App Control: How To Check CDC/SRS Status and Connectivity
search cancel

App Control: How To Check CDC/SRS Status and Connectivity

book

Article ID: 286461

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

To confirm Carbon Black File Reputation (CDC) status and connectivity.

Environment

  • App Control Server: All Supported Versions
  • Microsoft Windows: All Supported Versions

Resolution

Verify CDC Activation & Status:
  1. Login to the Console and navigate to System Configuration > Licensing > Carbon Black File Reputation Activation.
  2. Verify the subscription to Carbon Black File Reputation shows as, "Currently activated".
  3. Click Options to load the CDC Settings page.
  4. Verify "Enable file metadata sharing for Reputation and Threat results from Carbon Black" is checked.
Test Connectivity:
  1. Log in to the application server hosting the Console as the Carbon Black Service Account.
  2. Open an administrative command prompt and issue the following commands:
    cd "C:\Program Files (x86)\Bit9\Parity Server\Reporter"
    ParityReporter.exe check
    
    Note: If an Agent is installed on the App C server, Tamper Protection may need to be temporarily disabled before using the ParityReporter command.
    
  3. Test the connection to Port 443 via PowerShell:
    tnc -ComputerName services.bit9.com -Port 443 -InformationLevel "Detailed"
  4. Run the following query in SQL Mgmt Studio:
    use DAS; SELECT name, value FROM dbo.shepherd_configs WHERE name in ('ParityServerVersion', 'ActivationState', 'ActivationVerified', 'ActivationKey', 'ParityCenterSIDHash', 'ReporterConnectivityError')

If connectivity issues persist, despite successful tests, the Server High Debug Logs and a Wireshark capture while recreating the connectivity tests may be required.

Additional Information

  • The connection between the CDC and the application server hosting the Console will require TLS 1.2.
  • To initiate the connection with the CDC .NET 4.6.2 (or later) is recommended. Earlier versions of .NET will default to pre-TLS 1.2 protocols, which will prevent a CDC connection.
  • The Carbon Black File Reputation Key is different than the App Control License Key (.lic file), but should be included when the License Key is provisioned.
  • The Reputation Key is unique, and directly associated with the unique License Key. It should not be used on multiple App Control Servers.