Server connection to Collective Defense Cloud service is unavailable for longer than 3 hours

Article ID: 286448

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

  • Event(s) and/or Alert(s) in the Console for:
    • connection is lost for longer than specified period (3hrs)
    • fast sync with CDC wasn't successful for longer than specified period (3hrs) - lookup of newly added files at CDC
    • slow sync with CDC wasn't successful for longer than specified period (3hrs) - update of metadata pushed from CDC to your server

Environment

  • App Control Server: All Supported Versions
  • Carbon Black Collective Defense Cloud Enabled

Cause

These Alerts could be triggered by either:

  • Network connection errors (temporary or persistent) between the App Control Server and the CDC Backend.
  • A lack of new and interesting files in the environment during the time period. With no new files to look up, the App Control Server has no need to reach out to the CDC, and the Alert is triggered.

Resolution

  1. Verify the CDC Connectivity between the application server and the CDC Backend.
    • If the connectivity is working, the Event/Alert can likely be ignored.
    • Typically an Event or two for this can safely be ignored, as there are many variables that could contribute to a network connection error between the application server and the CDC Backend.
  2. If the environment commonly goes without network access or new file creation for long periods of time, the Criteria for the Alert can be adjusted:
    1. Log in to the Console and navigate to Tools > Alerts.
    2. Click Edit (pencil icon) on the Alert, CB Collective Defense Cloud Unavailable.
    3. Set the Criteria > Time Period to be slightly longer than the expected period.


If connectivity issues persist:

  1. Start Server High Debug Logging
  2. Start a Wireshark capture from the application server.
  3. Follow the steps to check CDC/SRS status and connectivity.
  4. Capture the Server High Debug Logs and the Wireshark capture (steps 1 and 2), then provide them to Support.

Additional Information

  • It is recommended to check CDC/SRS status and connectivity whenever you receive this alert, as it is possible the alert was triggered due to a disconnection.
  • For App Control server versions 7 or older, the CDC was originally named the Software Reputation Service (SRS).