MIP Step 3: Creating an MPIP credential profile for agents and on-premises detection servers
search cancel

MIP Step 3: Creating an MPIP credential profile for agents and on-premises detection servers

book

Article ID: 276044

calendar_today

Updated On:

Products

Data Loss Prevention Data Loss Prevention API Detection for Developer Apps Virtual Appliance Data Loss Prevention API Detection Virtual Appliance Data Loss Prevention Cloud Detection Service Data Loss Prevention Cloud Detection Service for ICAP Data Loss Prevention Cloud Detection Service for REST Data Loss Prevention Cloud Package Data Loss Prevention Cloud Prevent for Microsoft Office 365 Data Loss Prevention Cloud Service for Discovery/Connector Data Loss Prevention Cloud Service for Email Data Loss Prevention Cloud Storage Data Loss Prevention Core Package Data Loss Prevention Data Access Governance Data Loss Prevention Discover Suite Data Loss Prevention Endpoint Discover Data Loss Prevention Endpoint Prevent Data Loss Prevention Endpoint Suite Data Loss Prevention Enforce Data Loss Prevention Enterprise Suite Data Loss Prevention for Mobile Data Loss Prevention for Office 365 Email and Gmail with Email Safeguard Data Loss Prevention Form Recognition Data Loss Prevention Network Discover Data Loss Prevention Network Email Data Loss Prevention Network Monitor Data Loss Prevention Network Monitor and Prevent for Email Data Loss Prevention Network Monitor and Prevent for Email and Web Data Loss Prevention Network Monitor and Prevent for Web Data Loss Prevention Network Prevent for Email Data Loss Prevention Network Prevent for Email Virtual Appliance Data Loss Prevention Network Prevent for Web Virtual Appliance Data Loss Prevention Network Protect Data Loss Prevention Network Web Data Loss Prevention Oracle Standard Edition 2 Data Loss Prevention Plus Suite Data Loss Prevention Sensitive Image Recognition

Issue/Introduction

This section reviews the process of creating MPIP credential profile for agents and on-premises detection servers in the DLP Console

DLP 16.0 MIP Implementation: Managing MIP Credential Profiles for Agents and On-Premises Detection Servers

DLP 25.1 MPIP Implementation: Managing MPIP Credential Profiles for Agents and On-Premises Detection Servers

Symantec Data Loss Prevention uses MPIP credential profiles to authenticate with the MPIP service. On the System > Settings > MPIP Credential Profiles page of the Enforce Server administration console, you can configure two types of MPIP credential profiles for agents and on-premises detection servers:
  • An MPIP classification credential profile – Used by the Enforce Server, DLP Agents, and on-premises detection servers to synchronize classification labels with the 
    MPIP service. You can configure only one MPIP classification credential profile at a time.
  • MPIP decryption credential profiles – Used by detection servers to inspect documents and emails that have been encrypted by MPIP. You can configure multiple MPIP
     decryption credential profiles.

    Resolution

    In the Enforce Server administration console

    Navigate to System > Settings > MPIP Credential Profiles

    Adding the Microsoft Information Protection Classification Credential Profile: To authorize Symantec Data Loss Prevention to classify documents that contain sensitive information and to synchronize labels with the MPIP service

    1. Under “Microsoft Purview Information Protection Classification Credential Profile” select “Add Profile”
    2. In the dialog box, type a name for the profile in the Profile Name field.
    3. Fill the Tenant ID, Application ID, and Application Secret (client secret) fields using the information that you copied when you registered an application on the Azure portal.
    4. Credentials are verified on save

    Note: To utilize an Application Certificate instead of a Application Secret, follow the steps found in the following article: Implementing a client certificate authentication for MIP Classification/Decryption profiles on Enforce

    Adding the Microsoft Information Protection Decryption Credential Profile: To authorize Symantec Data Loss Prevention to inspect documents and emails encrypted by MPIP

    1. Under “Microsoft Purview Information Protection Decryption Credential Profile” select “Add Profile”
    2. In the dialog box, type a name for the profile in the Profile Name field.
    3. Fill the Tenant ID, Application ID, and Application Secret (client secret) fields using the information that you copied when you registered an application on the Azure portal.
    4. Credentials are verified on save

    Note: To utilize an Application Certificate instead of a Application Secret, follow the steps found in the following article: Implementing a client certificate authentication for MIP Classification/Decryption profiles on Enforce

    Additional Information

    Return to Getting started with a DLP / MPIP Integration

    For additional guides please see the "Getting Started with Data Loss Prevention"

    To provide feedback please click on the "Feedback" link or send an email to "[email protected]"

    Powered by Wolken Software