DLP Agent shown in Critical or Warning status with alert 'Chrome|Edge extension not deployed'

book

Article ID: 212090

calendar_today

Updated On:

Products

Data Loss Prevention Data Loss Prevention Endpoint Prevent

Issue/Introduction

You observe agents shown in the Enforce Console in Critical or Warning status and the agent events contain a recent 'Chrome|Edge extension not deployed' event, such as shown below:

Cause

There are multiple reasons this could occur:

  1. The extension failed to deploy due to LGPO corruption.
  2. The Agent Advanced Setting 'ExtensionEnablement.INSTALL_BROWSER_EXTENSION.int' is set to 0, AND
    1. The browser extension is not deployed manually, OR
    2. You may see these alerts as false positives if you are running DLP 15.8 due to a race condition. This can happen if an end-user opens and closes Chrome or Edge in a shorter time than the PluginInstaller.TAMPERPROOFING_IGNORE_PROCESS_TIMEOUT.int value multiplied by 5. Broadcom is working to resolve this in a future update.
  3. If EDPA.exe goes down in an ungraceful manner while brkrprcs64.exe is still running and gets restarted by the watchdog process WDP.exe as shown in the screenshot below:

Environment

DLP 15.8 and higher.

Resolution

Solution 1

If you are experiencing LGPO corruption, work directly with Microsoft to resolve it. See: Detecting Local Group Policy corruption

Solution 2.1

If you are deploying the browser extensions manually, ensure that you are deploying it in the correct way, and that it is the correct version for your agent. See: DLP Agent Chrome and Edge browser extension management

Solution 2.2

If you are seeing these alerts as false positives (detection and URL reporting is working) and are running an affected version of 15.8, Broadcom is working to resolve this in a future update.

Solution 3

There are multiple ways to work around this, including:

  1. Restarting the browser on the endpoint
  2. Resetting the log level on the agent from the Agent Overview, troubleshooting menu
  3. Restarting the agent on the endpoint

Additional Information

See also: Detecting Local Group Policy corruption

See also: DLP Agent Chrome and Edge browser extension management

Attachments