Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Trellix ePO Managed Classifications with Data Identifiers

  1. Last updated
  2. Save as PDF

Users who manage classifications using Trellix ePO cannot manage classifications directly in the cloud. All classification management must be conducted on their on-premise ePO server. Hence, the following options are available for users who have cloud policies that make use of legacy Data Identifiers and associated legacy content-based features like keywords, patterns/regular expressions, file name, file size, file type and legacy EDM/IDM rules along with ePO managed classifications.

Manage Classifications with Trellix ePO

Follow these manual steps to continue managing classifications with Trellix ePO and migrate cloud policies using Data Identifier based features:

  1. Create a Classification. On the on-premise ePO server, Identify a pre-canned classification that mirrors the functionality of the legacy Data Identifier or create a custom classification. To identify the appropriate classification to replace the legacy data identifier, refer to the migration guide. To create custom Trellix classifications, refer to the Documentation Support section.
  2. Push the Classification to the Cloud. Push the newly created classification from the ePO server to the Skyhigh cloud.
  3. Edit the Cloud CASB DLP Policy. Modify the policy to remove the Data Identifier and apply the new classification pushed from ePO in its place. 
  4. Save Cloud Policy. Ensure that the CASB policy now utilizes the new classification instead of the legacy Data Identifiers or related legacy content-matching features like keywords, patterns/regular expressions, file name, file size, file type, and legacy EDM/IDM rules.

NOTE: Data identifiers are specific to CASB policies and are not used in web DLP policies.

Documentation Support

Skyhigh Security does not maintain or provide documentation on creating classifications on the on-premise ePO server. For further information on how to create Trellix classifications,  refer to Trellix documentation.

DISCLAIMER: The Trellix documentation link is provided solely for convenience and informational purposes. Skyhigh Security makes no assurances regarding the accuracy, completeness, or reliability of the information contained in the linked topic.

Unlinking ePO Management

Skyhigh Security also offers a mechanism to unlink the ePO management scenario if users prefer to manage classifications entirely in Skyhigh Cloud. This allows you to discontinue ePO management without losing your policies and classifications previously configured in the cloud. Skyhigh can seamlessly unlink ePO, ensuring that on-premise managed classifications remain available in the cloud after the unlinking process.

Changes to Classification Management

Previously, when ePO management was unlinked, the pushed classifications would be lost. We have revised this approach to retain any classifications pushed from on-premise. If you have a policy (Policy A) that utilizes the on-premise pushed classification and you unlink ePO management, we will enable cloud classification management. This will allow the on-premise pushed classification to continue to be editable and manageable in the cloud.

You will then have the option to create custom classifications in the cloud or contact Skyhigh to get your policies automatically cloned.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    This page has no tags.