This KB is intended to fill some gaps in documentation and is not a substitute for the "Chaining the CloudSOC Gateway to McAfee Web Gateway.pdf" Tech Note. You can access this document via CloudSOC > Knowledgebase > Gateway > search "McAfee"
Customer deploying chaining integration for both CloudSOC and MWG.
There are some gaps for this process in the current Tech Note (as of 7/1/19 version of Tech Note). In comparison, the Bluecoat Proxy SG Chaining to CloudSOC tech note does contain some of these missing steps but there are differences.
Prior to Beginning the Chaining process/steps in Tech Note, have the customer do the following:
1. Export the Cert file from CloudSOC > Settings > Gateway > Download Certification
2. Confirm with the customer, is CloudSOC Reach in use in the environment?
Go to the customer tenant in BOP > Gatelets
If customer has CloudSOC Reach, ensure this check box is checked.
If not, then ensure it's unchecked and be sure to check "agentless" per below
... then Update
Customer was unable to import the CloudSOC cert file (.crt)
For this issue, according to the customer, they had to perform the following actions:
Prior to importing the CloudSOC certificate file,
Go to MWG "Rule Sets" tab.
Expand the SSL Scanner option on the left hand pane.
Click Certificate Verification.
Uncheck the following:
Block Unknown Certificate Authorities
Block Untrusted Certificate Authorities
"Be sure to recheck these once the certificate is installed"
The location as to where the .crt file is uploaded in the MWG is still a bit unclear. We received confirmation from the customer after the fact that they were eventually able to successfully upload the .crt file.
Following the steps above are essential prior to beginning to follow the Tech Note steps.