Skip to main content
Skyhigh Security

Use EDM (Enhanced) Fingerprints in Policies Synchronized from Trellix ePO to Skyhigh

When using EDM (Enhanced) fingerprints in policies synchronized from Trellix ePO On-Prem to Skyhigh, there are some additional steps to follow.

  1. Define a matching EDM (Enhanced) fingerprint in Skyhigh CASB, following the instructions in Create an Exact Data Match (EDM) Fingerprint.  

IMPORTANT: The fingerprint name must be EXACTLY the same as that used when creating the ePO On-Prem fingerprint. Capitalization, punctuation, and spaces must all be identical.

The commands for each will look similar to the following:

Trellix ePO

C:\Program Files\shnDlpIntegrator\edm-tool\edmtrain.exe" -h -d U+0009 -i C:\EDMTrain\mydata.tsv -o
C:\EDMTrain\output\my_fingerprint_name

Skyhigh CASB

C:\Program Files\shnDlpIntegrator\edm-tool\edmtrain.exe" -h -d U+0009 -i C:\EDMTrain\mydata.tsv -o
C:\EDMTrain\output.salt\my_fingerprint_name -f C:\EDMTrain\salt.txt

Note that the output directory is different, but the fingerprint name is the same in both cases. Also, the Skyhigh CASB version also requires the salt file path. 

  1. Upload the fingerprint database using the edmupload program.
  2. Once the fingerprint is saved and the database is uploaded, push the policy from Trellix ePO On-Prem. 

Important: Pushing the policy from Trellix ePO On-Prem will fail if the fingerprint name does not match EXACTLY for Trellix ePO On-Prem fingerprint training and Skyhigh CASB fingerprint training.

  1. Go back to the fingerprint to the edit screen. If the Trellix ePO policy matches the Skyhigh CASB fingerprint, then the on-prem classifications will be listed in the Additional Info box on the right.
    additional_info.png
  • Was this article helpful?