Add additional Box Co-Admins to CloudSOC Box Securlet to reduce throttling

book

Article ID: 222486

calendar_today

Updated On:

Products

CASB Security Advanced

Issue/Introduction

Adding additional Box co-admins splits up the API calls. It improves the Box Securlet API call processing and reduces Box throttling as well as CI latency

Note: The CloudSOC SysAdmin does NOT need the Box Admin to join in Webex to make these changes.

Box Admin only needs to create the two new Box Co-Admin Users with correct Privs and provide the CoAdmin Account IDs to the CloudSOC SysAdmin

 

Cause

Many Vendors, including Box, add throttling or rate limiting to their APIs to protect their infrastructure/resources from getting over-loaded

Environment

Component : CloudSOC Box Securlet

Resolution

Engineering added a new feature to Box Securlet where Clients can add dedicated Event Processing Co-Admin and dedicated Remediation Co-Admin to split up the API load

Both Box Co-Admins need to have these permissions at a minimum:

Manage users - Manage groups - View users' content - Edit users' content - Log in to users' accounts - View settings for your company - Edit settings for your company - Run new reports and Access existing reports

This is how the Co-Admin User privs would look like in Box User Configuration:

 

When Admin has created the two Box Co-Admins - Admin can Login as each Box Co-Admin to get their Account IDs. 

For example Log in to Box as new User - CoAdmin1”

Click on the Icon in upper right corner near Username.

Then click on “Account Settings”

Scroll down and each Box Coadmin will have a unique Account id that looks like this:

Account Details

Account Type

Enterprise

Account ID

17002403814 <– Enterprise Box CoAdmin1 Account ID from CoAdmin's profile

 

Repeat procedure – Logging in as CoAdmin2

Account ID

17002330372 <– Enterprise Box CoAdmins Account ID from CoAdmin's Profile

 

Provide these two CoAdmin IDs to the CloudSOC SysAdmin

 

SysAdmin - In CloudSOC Store / Securlets / Box – Click on “Configure”

In order for this to function you would still have original Box Admin Account that activated the Securlet & two new Co-Admin Accounts

Click edit on the Box Securlet Config page shown below and add the two new CoAdmin Account ID's in the two (optional) fields below:

Once the two new Account IDs are added it will look like this.

Note: Account Name field does NOT need to be changed - Only add the two optional Account IDs for CoAdmins

Click “Save” and you should see a pop up in upper right corner like this for about 5-10 seconds.

Now Box Securlet will be splitting the API calls three ways.

Additional Information

Note: Box co-admin accounts do not have permissions to process the primary Box Admin account's activities. Therefore, any activities the Box co-admin accounts process for the primary Box Admin will be denied and sent to a queue where the primary Box Admin will process those activities itself.

 

Attachments