You have configured Web Security Service to connect to an on premise DLP Network Prevent for Web detection server via an F5 load balancer

You notice that incidents received in the DLP Enforce Server console contain no user related data (username, domain etc).

Release : DLP 15.x

Component : Integration with WSS via F5 load-balancer and on-prem detection servers

The F5 needs to be configured to allow the appropriate header information to be passed through to the DLP detection servers.

Once the F5 was configured to pass the information headers below, incidents reflected the required user details.    

• X-Authenticated-User
• X-Client-IP
• X-Domain