Data Loss Prevention

Hello,

I am setting up DI a DLP fora customer. I can connect DLP to DI. However, I am running into an issue connecting DI to DLP.

In DLP I have a report user who has the Report role. The Report role had the following permissions added to it:

• Incident Reporting and Update API
  • Incident Reporting
  • Incident Update

On the DI server I have also imported the X.509 certificate from the DLP server.

In the DI console under DLP I have the following configurtion:

• hostname: HOSTNAME (in all capital letters)
• Port: 443
• Username: DOMAIN\DLPReportUserName (using the same case as the user in DLP)
• Configure resources automatically: Unchecked
• Saved Report IDs: 1

Basically the configuration that I have in DI is the same configuration I have when I want to log into DLP as that user.

When I click on the Test Connection button I get the following pop-up:

"Failed to retrieve data from Data Loss Prevention server. Check whether all the details are correct."

Any ideas on how I can get DI to communicate with DLP?

Cheers,

Cameron

Note. Appologies, the version for DI is actually 4.5.

I've seen that happen if you haven't done a scan (and received results) from Discover on the DLP side. If you can, try running a scan and checking again.

Aaron

Did you specify the role the user is in as well?

Does the hostname listed match the hosstname in the cerficate that you imported?  So if your certificate lists hostanme.domain.com and you are specifying hostname then I've seen it fail.

Also have you specified the role the DLP user is in?  I have seen it fail as well.

Also sometimes I've seen it fail, went and grabbed a cup of coffee and then have it work.  Not sure why it sometimes function that way but it does