Data Loss Prevention

 View Only

  • 1.  Integration Office 365 X DLP Reflect Mode Fail

    Posted Jul 23, 2020 03:32 PM
    Hello guys,

    Recently we are working with integration between Office 365 to Cloud Service for Email, working in reflect mode topology, we are following the guide Data Loss Prevention Cloud Service for Email Implementation Last Update February  2020.

    My Enforce Server On-premises can communicate with cloud sucessful after import enrolment bundle and opened firewall rules.

    My Office 365 administrator has configured connector outbound and inbound following the guide, when we are doing the test with sending email, we have some error messages in Office 365 console.

    Reason: [{LED=421 4.4.1 Fatal: Forwarding agent unavailable. Closing connection.};{MSG=};{FQDN=cds2g-p01-inductio-10lxbffgvo06n-269055033.us-west-2.elb.amazonaws.com};{IP=34.208.174.194};{LRT=6/19/2020 7:13:18 PM}]. OutboundProxyTargetIP: 34.208.174.194. OutboundProxyTargetHostName: cds2g-p01-inductio-10lxbffgvo06n-269055033.us-west-2.elb.amazonaws.com


    Timestamp:6/19/2020 7:26:30 PM

    EventId:DEFER

    Source:SMTP

    MessageSubject:Test email for connector validation

    MessageId:<ad8a4804-9a94-4ff3-9816-9e3420b7cbfd@CP0P215MB1203.LAMP215.PROD.OUTLOOK.COM>

    Recipients:pnogueira1991@yahoo.com.br

    RecipientCount:1

    RecipientStatus:[{LED=421 4.3.0 Tenant Not Assigned. Missing X-DetectorID. Check configuration: https://support.symantec.com/en_US/article.DOC9008.html.};{MSG=};{FQDN=cds2g-p01-inductio-10lxbffgvo06n-269055033.us-west-2.elb.amazonaws.com};{IP=52.33.200.83};{LRT=6/19/2020 7:26:28 PM}]

    SourceContext:Progressive backoff retry time of: 00:15:53

    Sender:O365ConnectorValidation@cip-bancos.org.br

    EventData:OutboundProxyTargetIPAddress:52.33.200.83, OutboundProxyTargetHostName:cds2g-p01-inductio-10lxbffgvo06n-269055033.us-west-2.elb.amazonaws.com, OutboundProxyFrontEndIPAddress:25.152.74.27:25, OutboundProxyFrontEndName:CY1NAM02FT034, OutboundTlsDetails:TLS=SP_PROT_TLS1_2_CLIENT TLSCipher=CALG_AES_256 TLSKeyLength=256 TLSKeyExAlg=CALG_ECDH_EPHEM, IsSmtpResponseFromExternalServer:True, Microsoft.Exchange.Hygiene.TenantOutboundConnectorCustomData:Name=Conector nuvem Symantec DLP - Saída;ConnectorType=Partner;UseMxRecord=False, DeferredRecipientIndex:0, LocalDelayLatency:0, DeliveryPriority:Normal, OriginalFromAddress:<>, AccountForest:LAMP215A002.PROD.OUTLOOK.COM


  • 2.  RE: Integration Office 365 X DLP Reflect Mode Fail

    Broadcom Employee
    Posted Jul 24, 2020 04:46 PM
    Hi Thiago!

    The Validation Check (option from O365 Admin portal, as part of the process of setting up a new Connector) will ALWAYS fail for the DLP Cloud Service.

    Sender:O365ConnectorValidation@cip-bancos.org.br

    This is because the validation check specifically uses a different "test" certificate which is not part of our Detector configuration.

    If the Connector(s) and Transport Rule(s) are setup - try sending a test email from the domains which are part of the setup.
    If you need more information, or run into additional issues - please do open a support ticket, as one of my colleagues or I can assist to verify settings and setup.

    Warm regards,
    Stephen

    ------------------------------
    Global Support Lead, DLP
    Broadcom, Symantec Enterprise Division
    ------------------------------

    Original Message


  • 3.  RE: Integration Office 365 X DLP Reflect Mode Fail

    Posted Jul 28, 2020 01:25 PM
    OK Stephen thank's so  much I go ahead to open a case with support.

    Regards,

    Thiago.
    Original Message