Data Loss Prevention Cloud Service for Email

 View Only

  • 1.  dlp cloud detector and email security.com

    Posted Apr 24, 2020 08:28 AM
    Question on these 2 products. We have both. I have setup email security.cloud and have email going though it. I have setup the cloud dlp connector and imported the enrollment bundle into our on premise enforce server. The detector is showing up and appears to be talking. The problem is that no emails are going though dlp. Emails flow though email security.cloud but are never sent do dlp. I see NO setting in email security.cloud around dlp. I have our mail server sending email to the smart host listed in the email from email security.cloud when setting up the domain. I have created numerous tickets with broadcom and have gotten no help. 

    I feel the setup on their side is not complete, unless i am missing an email that says to send my email though a different smart host. I have looked though all the documentation i can find and everything shows what i have done is correct. Can anyone think of anything else i can try?

    Thank you in advance. 
    Mike

    ------------------------------
    Mike S
    ------------------------------


  • 2.  RE: dlp cloud detector and email security.com

    Posted Apr 24, 2020 09:10 AM

    Where do your emails originate (o365)? If so, you need to create a connector and mail flow rule to send all mail out to the cloud DLP, which will then send it to Symantec.cloud. That was our setup for the past few years.

     

    Marc


    Original Message


  • 3.  RE: dlp cloud detector and email security.com

    Posted Apr 24, 2020 10:23 AM
    Edited by Michael Schreiber Apr 24, 2020 10:24 AM
    Marc, Thank you for your response. Where did you get the smart host name for dlp. Our account has been messed up from the start and they had to manual provision it. We have not gotten any of the emails so i have been having to make many support ticket and fight with their support to get me what I need. 

    The only smart host i have gotten has been for the domains on email security.cloud. 

    Thank you for your time. 
    Mike



    Original Message


  • 4.  RE: dlp cloud detector and email security.com
    Best Answer

    Posted Apr 24, 2020 10:32 AM
    You can get the smarthost name from the enforce console under System-Servers and Detectors. Click on your cloud email connector, and the smarthost name is your [detector ID].ds.dlp.protect.symantec.com (should also be shown under detector FQDN).

    Then in O365, you need a connector set to forward mail based on a transport rule to this smarthost.

    The transport rule then just says: any mail sent externally should use this connector, except for the Symantec IP addresses (to avoid loops).

    This article actually does a good job with the setup: https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/symantec-security-software/information-security/data-loss-prevention/15-7/Cloud_DLP_10/configuring-office-365-to-use-symantec-email-secur-v111575553-d248e1727.html#v111575553
    Original Message


  • 5.  RE: dlp cloud detector and email security.com

    Posted Apr 24, 2020 10:46 AM
    Edited by Michael Schreiber Apr 24, 2020 10:55 AM
    Marc, 
    I could Hug you right now... well we have to stay 6 feet away. 
    The documentation you link says this "Click 
    +
     and add the Cloud Detector (SMTP Smarthost) URL that is indicated in the 
    Symantec Data Loss Prevention
     Cloud Service for Email welcome letter."

    Pretty hard when you dont get the emails. 

    Why could they not just say what you said is beyond me. That the missing piece. I have not found that anywhere in any documentation. Going to go change my o365 rules to point to that instead of email symantec.Cloud now. 

    Thank you again for your time!
    Mike



    Original Message