Skip to main content

Welcome to Skyhigh Security!

Skyhigh Security

Generate the Fingerprint File using the IDM Train Tool

When using IDM (Enhanced) fingerprints in policies synchronized from Trellix ePO On-Prem to Skyhigh, there are some additional steps to follow.

  1. Define a matching IDM (Enhanced) fingerprint in Skyhigh CASB, following the instructions in Create an Indexed Data Match (IDM) Fingerprint.  

IMPORTANT: The fingerprint name must be EXACTLY the same as that used when creating the ePO On-Prem fingerprint. Capitalization, punctuation, and spaces must all be identical.

  • The data structure (column names, column orders, and headings) should also be the same.
  • You can also write a script for the training, as described in Automate Updating an IDM Fingerprint using a Script.
  • Or see Trellix documentation at Options to generate the fingerprint file using the IDMTrain tool.  

The commands for each will look similar to the following:

Trellix ePO

C:\Program Files\shnDlpIntegrator\idm-tool\idmtrain.exe" -h -d U+0009 -i C:\IDMTrain\mydata.tsv -o

Skyhigh CASB

C:\Program Files\shnDlpIntegrator\idm-tool\idmtrain.exe" -h -d U+0009 -i C:\IDMTrain\mydata.tsv -o
C:\IDMTrain\output.salt\my_fingerprint_name -f C:\IDMTrain\salt.txt

Note that the output directory is different, but the fingerprint name is the same in both cases. Also, the Skyhigh CASB version also requires the salt file path. 

  1. Upload the fingerprint database using theidmupload program.
  2. Once the fingerprint is saved and the database is uploaded, push the policy from Trellix ePO On-Prem. 

Important: Pushing the policy from Trellix ePO On-Prem will fail if the fingerprint name does not match EXACTLY for Trellix ePO On-Prem fingerprint training and Skyhigh CASB fingerprint training.

  1. Go back to the fingerprint to the edit screen. If the Trellix ePO policy matches the Skyhigh CASB fingerprint, then the on-prem classifications will be listed in the Additional Info box on the right.
  • Was this article helpful?