Issue Description

CC unable to integrate with SAAS ES

Error/Warning Information

Chose NDR on platform x instead of SIP, causing integration error.

Handling Process

1. Platform X → make sure SAAS ES is online, add device as SIP using manual input (enable EDR)
   

2. Enable integration on ES SAAS for 1440 minutes
   

3. Cybercommand → add device as SAAS ES but using auth from SIP
   

4. Check ES SAAS will automatically integrate with CC
   

5. Add SIP auth from platform x into cyber command response app (CC will only appear as online after it is added to response app)
   

6. Test connectivity
   

Root Cause

Due to limiteation on Platform X, for CC integrate with ES SAAS must use SIP and manual input.

Solution

Use SIP instead of NDR.

Reference

NA