CASB scan filters are not syncing, causing EDM profiles to fail Cloud deployment.
search cancel

CASB scan filters are not syncing, causing EDM profiles to fail Cloud deployment.

book

Article ID: 377049

calendar_today

Updated On:

Products

Data Loss Prevention

Issue/Introduction

The Enforce server collects current data profiles and delivers them to the cloud detector, if any profiles are missing than sync will not complete and CASB will not accept the scan filters.  

     If this is a brand new deployment, please visit article 164312.

 

Environment

To begin with, recycle the Server detection controller (Monitor Controller) and access the cloud detection server. In the events box, wait and see if all the deliveries get completed. This can take some time depending on the size of the data sources and profiles. 

 

Below is an example of the completed delivery reports for each one. There are reasons that a profile can fail, for example IDM/EDM need to be indexed correctly and without any errors for the sync to be successful. You can validate all profiles are completed by looking at the detector events for the following.

Enforce version 16.0.2 - these include the new ICA component, and no longer have the ICT one

A Cloud Detector configured for CASB Application Detection (aka receiving traffic from the CloudSOC):

Configuration file [Policy] delivery complete
Configuration file [AipTaxonomy] delivery complete
Configuration file [EMDIProfile] delivery complete
Configuration file [SPI_REQUEST] delivery complete
Configuration file [IcaUserList] delivery complete
Configuration file [REST] delivery complete
Configuration file [Form Recognition] delivery complete
Configuration file [VMLProfile] delivery complete
Configuration file [IDMProfile] delivery complete
Configuration file [EDMProfile] delivery complete
Configuration file [Protocols] delivery complete
Configuration file [Settings] delivery complete

 

A Cloud Detector configured for Web Security Service (receiving ICAP traffic from WSS):

Configuration file [Policy] delivery complete
Configuration file [EMDIProfile] delivery complete
Configuration file [AipTaxonomy] delivery complete
Configuration file [IcaUserList] delivery complete
Configuration file [Form Recognition] delivery complete
Configuration file [VMLProfile] delivery complete
Configuration file [IDMProfile] delivery complete
Configuration file [EDMProfile] delivery complete
Configuration file [Settings] delivery complete
Configuration file [Protocols] delivery complete

 

Cloud Detector configured for the Cloud Email Service:

Configuration file [Policy] delivery complete
Configuration file [DetectorEmailDomains] delivery complete
Configuration file [AipTaxonomy] delivery complete
Configuration file [EMDIProfile] delivery complete
Configuration file [IcaUserList] delivery complete
Configuration file [Form Recognition] delivery complete
Configuration file [VMLProfile] delivery complete
Configuration file [IDMProfile] delivery complete
Configuration file [EDMProfile] delivery complete
Configuration file [Protocols] delivery complete
Configuration file [Settings] delivery complete

Cause

DLP requires that there are no errors before syncing/packaging the entire EDM profile and sending it to the CDS. 

Resolution

<still filling in data>

Powered by Wolken Software