Add additional Box Co-Admins to CloudSOC Box Securlet to reduce throttling
search cancel

Add additional Box Co-Admins to CloudSOC Box Securlet to reduce throttling

book

Article ID: 222486

calendar_today

Updated On:

Products

CASB Security Advanced

Issue/Introduction

Adding additional Box co-admins splits up the API calls. It improves the Box Securlet API call processing and reduces Box throttling as well as CI latency

Note: The CloudSOC SysAdmin does NOT need the Box Admin to join in Webex to make these changes.

Box Admin only needs to create the two new Box Co-Admin Users with correct Privs and provide the CoAdmin Account IDs to the CloudSOC SysAdmin

 

Environment

Component : CloudSOC Box Securlet

Cause

Many Vendors, including Box, add throttling or rate limiting to their APIs to protect their infrastructure/resources from getting over-loaded

Resolution

Engineering added a new feature to Box Securlet where Clients can add dedicated Event Processing Co-Admin and dedicated Remediation Co-Admin to split up the API load

Both Box Co-Admins need to have these permissions at a minimum:

Manage users - Manage groups - View users' content - Edit users' content - Log in to users' accounts - View settings for your company - Edit settings for your company - Run new reports and Access existing reports

This is how the Co-Admin User privs would look like in Box User Configuration:

 

When Admin has created the two Box Co-Admins - Admin can Login as each Box Co-Admin to get their Account IDs. 

For example Log in to Box as new User - CoAdmin1”

Click on the Icon in upper right corner near Username.

Then click on “Account Settings”

Scroll down and each Box Coadmin will have a unique Account id that looks like this:

Account Details

Account Type

Enterprise

Account ID

<xxxxxxxxx01> <– Enterprise Box CoAdmin1 Account ID from CoAdmin's profile

 

Repeat procedure – Logging in as CoAdmin2

Account ID

<xxxxxxxx02> <– Enterprise Box CoAdmins Account ID from CoAdmin's Profile

 

Provide these two CoAdmin IDs to the CloudSOC SysAdmin

 

SysAdmin - In CloudSOC Store / Securlets / Box – Click on “Configure”

In order for this to function you would still have original Box Admin Account that activated the Securlet & two new Co-Admin Accounts

Click edit on the Box Securlet Config page shown below and add the two new CoAdmin Account ID's in the two (optional) fields below:


 

Once the two new Account IDs are added it will look like this.

Note: Account Name field does NOT need to be changed - Only add the two optional Account IDs for each Event Processing CoAdmin

 

Click “Save” and you should see a pop up in upper right corner like this for about 5-10 seconds.

Now Box Securlet will be splitting the API calls three ways.

Additional Information

Note: Box co-admin accounts do not have permissions to process the primary Box Admin account's activities.

Therefore, any activities the Box co-admin accounts process for the primary Box Admin will be denied and sent to a queue where the primary Box Admin will process those activities itself.

 

Powered by Wolken Software