Common Issues and FAQs related to SonicWall Cloud App Security.
05/11/2020 8 4004
Here is the list of common issues reported with cloud App security and resolutions which you could try before reporting to support and few FAQs.
What are the SaaS applications supported by Cloud App Security?
Office 365 Mail
Office 365 OneDrive
Office 365 SharePoint
What are the Security services provided in Cloud App Security?
Data Leakage Prevention
Advanced Anti-Phishing detection
Advanced Threat Protection - SonicWall Capture ATP
How long does it take for the initial CAS onboarding process?
The expected time is 30 minutes. In case if it takes longer than that, please contact SonicWall technical support.
Is it recommended to use automatic mode while integrating or can there be unexpected problems in manual mode?
Yes, it is recommended to use the automatic mode. In manual mode, everything needs to be manually configured on the SaaS application admin center which might result in unexpected error/authorization failures.
I would prefer to use groups. Can I include only a few users in the group for testing and later add all other users for productive operation?
Yes, you can use a specific group to get scanned by CAS and later add other users.
Please refer the below KB article for configuring security group:
Can I change the portal URL after activating?
No, portal URL cannot be modified once set.
If there is any problem with the mail flow, is it possible to temporarily turn off mail through Cloud App Security?
Yes, revert the O365 mail flow mode to Monitor Only by navigating to > Policy > O365 mail flow rule. This will route all new emails directly to O365. The emails that were stuck prior to changing mode must be manually released by backend hence please contact support.
Can I stop SaaS applications integrated with CASB?
Yes, there is a stop button under Configuration > Cloud App Store. But it takes a few hours for the deletion of rules/connectors/journal-rules on the Office365 side to take effect However the rules can be manually deleted on O365.
CAS-SaaS Security UI shows as license expired but I have CAS licenses and it's displayed correctly my MySonicwall account.
This is an indication of tenant not being in sync with our license manager. Please contact support to do license synchronization
Not receiving phishing emails with warnings for O365 emails in inline mode.
Please ensure that the phishing emails with warnings are not landing in global quarantine box of o365/Gsuite.
Protection status for SaaS applications on dashboard updates the status in real time and the different color indications are listed below:
Blue - Onboarding is in progress.
Green - Protection On, working good condition.
Orange - Warning
Red - Error
Protection status for O365 errors out.
Please make sure that below settings on O365 are disabled for SonicWall service user ( auto-created user during initial integration) :
- Conditional access policies or MFA
- Legacy authentication is blocked
- The password was changed, or the user was deleted
Any or All of the above mentioned could be the cause for the issue however this is just an initial check to be performed at your end. If issues persists with all the above mentioned are disabled, please report to technical support.
How to disable MFA on O365 for SonicWall service user?
- Go to the O365 admin center.
- Navigate to Users> Active users.
- Choose More> Setup Azure multi-factor auth
- Click Disable on the right
How to disable conditional access policy on O365 for SonicWall service user?
This can be done in Azure Active Directory Admin center, screenshot for reference:
How do I give admin access to multiple users to access CAS?
On CAS there is no option to change user rights hence please add other users to whom you would like to give admin access as a sub user in the group on your MySonicwall account. Please refer the below article