How CylanceGATEWAY sends data using Safe Mode
CylanceGATEWAYsends data using Safe Mode
When your users try to access any public Internet destination, they are only able to access them if they are explicitly allowed to by the access control list (ACL) rules. When Safe Mode is enabled,
CylanceGATEWAYblocks users from accessing potentially malicious destinations and enforces acceptable use policy (AUP) by intercepting DNS requests. The
CylanceGATEWAYcloud services evaluate each DNS query against the configured ACL rules and network protection settings, and then instructs the agent to allow or block the request in real time. If the ACL rule blocks a destination,
CylanceGATEWAYprevents access. If allowed, the network DNS query is allowed to complete over the bearer network.
When Safe Mode is enabled on a device,
CylanceGATEWAYsends network traffic in the following ways.
Allowed Internet destination
Users can access any public Internet destination only if it is explicitly allowed by your ACL rules. ACL rules evaluate each network access attempt, and if a rule matches will allow access to the destination.
If you enable Safe Mode, traffic to safe Internet destinations is routed over the bearer network to the destination instead of through the
If you enable split tunneling, traffic to safe Internet destinations is routed over the bearer network to the destination and is protected by Safe Mode. This reduces the traffic sent through
CylanceGATEWAYby allowing traffic to safe public sites to route directly to the destination.
Blocked Internet destination
If a destination is explicitly blocked by your ACL rules or determined by
BlackBerryto be a potentially malicious destination,
CylanceGATEWAYwill block the DNS query. When users attempt to access a destination and it is blocked by an ACL rule, the attempt and reason is displayed on the Warning screen in the user's