Skip Navigation

Key features of
CylanceGATEWAY

Feature	Description
Continuous evaluation of network destinations	BlackBerry uses machine learning, IP reputation, and risk scoring to maintain an ever-evolving list of malicious Internet destinations. CylanceGATEWAY blocks devices from connecting to known and unknown phishing domains and associated IP and FQDN destinations, saving your organization the work of manually compiling and maintaining its own list.
Continuous identity risk analysis	The identity risk engine uses machine learning to continuously evaluate user behavior. Network anomaly events are detected when a CylanceGATEWAY user's network usage pattern is not consistent with past behavior. When an unusual network event is detected, CylanceGATEWAY can dynamically override the user's ACL rules and block the connection. Behavioral anomaly events are detected when a CylanceGATEWAY user's upload and download behavior pattern is not consistent with past behavior. When behavioral anomalies are detected, the anomaly is displayed on CylanceGATEWAY Events page. Behavioral anomalies do not block user traffic.
Threat protection	CylanceGATEWAY uses machine learning to continuously protect your organization's network from threats by continuously monitoring network connections for potential threats. When an anomaly is identified, it is subsequently blocked or alerted upon based on the risk level that is set in the network protection settings. Endpoints are protected against newly emerging network threats and established malicious destinations. Identified anomalies (for example, zero day, phishing domains, and command and control (C2) beacons) DNS tunneling anomalies are detected based on CylanceGateway's analysis on the DNS traffic from the client to the attacker's DNS server.
Segmented private network access	You can install CylanceGATEWAY Connectors on-premises and on private cloud networks to provide network access to remote devices without changing network topology or routing, and without opening firewall holes for incoming traffic. Access through CylanceGATEWAY offers strong isolation; only the parts of the network you choose are exposed to endpoints, and endpoints are not exposed to the whole private network. The CylanceGATEWAY Connector can be deployed in an AWS , vSphere , ESXi , Microsoft Azure , or Hyper-V environment.
Monitor network access and traffic patterns	The CylanceGATEWAY dashboard in the management console displays multiple widgets that show connections, usage patterns, and alerts to help you monitor network traffic.
One touch SaaS configuration	You can easily configure access to SaaS applications using the network services. CylanceGATEWAY streamlines SaaS app support and reduces the time required to enable SaaS app connectivity in the ACL rules that you configure for your environment. For more information on network services, see Define network services.
Content filtering	The ACL rules and the network protection settings that you configure for your environment filter the content and destinations that your users can access. This uses machine learning and ACL rules to ensure that users comply with your organization's acceptable use and regulatory requirements.
Web access firewall	CylanceGATEWAY protects devices and your private network by filtering, monitoring, and blocking traffic to potentially suspicious destinations. CylanceGATEWAY completes this by applying ACL rules that are configured for your environment and the network protection settings that you have specified. See the following for more information: Monitoring network connections in the Administration content. Controlling network access using ACL rules in the Setup content.
Support for IP-pinned services	Most SaaS applications allow source IP pinning to limit access only to connections from a specific range of trusted IP addresses. By limiting users to connections only through trusted entry points, organizations have an additional level of verification that the user is entitled to use the service. Your organization may already use this method to limit access to a SaaS application to connections from IP addresses used by devices connected to your organization's network. For users working remotely without using CylanceGATEWAY , this means that all traffic between remote devices and a SaaS application must travel over VPN to your network and then to the SaaS application. CylanceGATEWAY allows you to reserve CylanceGATEWAY IP addresses that are dedicated to your organization. You can use these IP addresses for source IP pinning in addition to your organization's IP addresses, providing the same level of security without requiring remote users to be connected to your organization's VPN.
Industry-leading tunnel technology	CylanceGATEWAY provides advanced layer 3 encryption for IP tunnels carrying TCP, UDP, ICMP, and real-time, low-latency traffic.
Android and iOS support	The CylancePROTECT Mobile app sends traffic through the tunnel to the CylanceGATEWAY cloud services and provides users with connection statistics, status information, and the ability to disable work mode and stop using CylanceGATEWAY for connections.
Windows 10 , Windows 11, and macOS support	The CylanceGATEWAY agent that you install on devices sends traffic through the tunnel to the CylanceGATEWAY cloud services and provides users with connection statistics, status information, and the ability to disable work mode and stop using CylanceGATEWAY for connections.
Split tunneling	You can allow remote users to connect to safe public Internet sites directly over the Internet without tunneling through CylanceGATEWAY .

What is CylanceGATEWAY?