Environment
- App Control Server: All Supported Versions
- Microsoft Windows: All Supported Versions
Objective
To confirm Carbon Black File Reputation (CDC) status and connectivity.
Resolution
Verify CDC Activation & Status:
- Login to the Console and navigate to System Configuration > Licensing > Carbon Black File Reputation Activation.
- Verify the subscription to Carbon Black File Reputation shows as, "Currently activated".
- Click Options to load the CDC Settings page.
- Verify "Enable file metadata sharing for Reputation and Threat results from Carbon Black" is checked.
Test Connectivity:
- Log in to the application server hosting the Console as the Carbon Black Service Account.
- Open an administrative command prompt and issue the following commands:
cd "C:\Program Files (x86)\Bit9\Parity Server\Reporter"
ParityReporter.exe check
Note: If an Agent is installed on the App C server, Tamper Protection may need to be temporarily disabled before using the ParityReporter command.
- Test the connection to Port 443 via PowerShell:
tnc -ComputerName services.bit9.com -Port 443 -InformationLevel "Detailed"
- Run the following query in SQL Mgmt Studio:
use DAS; SELECT name, value FROM dbo.shepherd_configs WHERE name in ('ParityServerVersion', 'ActivationState', 'ActivationVerified', 'ActivationKey', 'ParityCenterSIDHash', 'ReporterConnectivityError')
Additional Notes
- The connection between the CDC and the application server hosting the Console will require TLS 1.2.
- To initiate the connection with the CDC .NET 4.6.2 (or later) is recommended. Earlier versions of .NET will default to pre-TLS 1.2 protocols, which will prevent a CDC connection.
- The Carbon Black File Reputation Key is different than the App Control License Key (.lic file), but should be included when the License Key is provisioned.
- If connectivity issues persist, despite successful tests, the Server High Debug Logs and a Wireshark capture while recreating the connectivity tests may be required.
Related Content