Environment

• App Control Console: Version 8.8.0 and Higher

Objective

Resolution

1. Verify the CPE Applications feature has been fully configured and enabled.
2. In Reports > Events add a Filter for Type > Is: CPE Management and review the Errors.
3. Reset the CPE and CVE URLs to the default locations, and attempt a manual sync.
4. Log in to the application server hosting the Console as the Carbon Black Service Account and navigate to the CPE and CVE URLs in a browser to verify they load correctly.
5. Use PowerShell from the application server to test communication to the NVD website on Port 443:

   TNC -ComputerName services.nvd.nist.gov -Port 443

6. Restart the App Control Reporter service.
7. If an NVD API Key was specified, try removing the API Key, and attempt a manual sync.
8. Use Postman from the application server to pull sample data from the NIST API (Example with the App Control API).

Additional Notes

• This feature is not supported if the App Control Server is installed on Windows Server 2012.
• By default the delay between API requests for the CPE Sync is 6 seconds (Shepherd Config: CPEDelayBetweenRequests).
• If an error is encountered on the remote CPE site, this delay is increased to 60 seconds (Shepherd Config: CPEDelayBetweenFailedRequests).
• This feature relies upon communication between the application server and (by default) the NVD services owned by NIST.
• If the issue persists, please recreate the issue while capturing the Server High Debug Logs and open a case with Support.

Related Content