Configure WSS ICAP Cloud DLP detector in CloudSOC
search cancel

Configure WSS ICAP Cloud DLP detector in CloudSOC

book

Article ID: 260493

calendar_today

Updated On:

Products

CASB Gateway Data Loss Prevention Cloud Detection Service for ICAP Data Loss Prevention Cloud Detection Service Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

How to configure the ICAP Cloud DLP detector to link to Cloud SWG (formerly known as WSS)

Environment

Release: 1

Resolution

In CloudSOC -> Settings -> Data Loss Prevention, there are 2 options depending on the type of Cloud Detector you have requested.

But beforehand, for either option, ensure that the option for "Content Inspection of Documents" is "ENABLED":

 

Then, if you chosen to have the "Cloud Managed DLP" option: a Cloud Detector will be automatically added to your CloudSOC service after it is provisioned. 

From that same settings page, click on the "Actions" column for the "Cloud Detection Service Configuration" and choose "Activate" and "Connect":

 

 

For the second option: where you have requested an "Enforce Managed DLP CDS", you need to register the CDS with the CloudSOC before configuration:

Click "Add Detection Service". Give it a name and add the token sent when the detector was enabled in CMP

 

After confirming one of the two options above, you need to enable your WSS or SWG service to send traffic to the DLP CDS:

In WSS Console -> Policy -> Data Loss Prevention, add the ICAP Detector

Verify the Scanning Level is set to Scan all outgoing payloads

In WSS Console -> Settings -> Products & Licensing, verify under the Linked Products section that Data Loss Prevention shows Configured

 

Additional Information

See also Creating a Cloud DLP WSS Policy

If you are a UPE customer the Management Center policy should have a rule to send selected sources to DLP using the reference proxy DLP ICAP action.

Powered by Wolken Software