Key features of CylanceGATEWAY Skip Navigation

Key features of
CylanceGATEWAY

Feature
Description
Continuous evaluation of network destinations
BlackBerry
uses machine learning, IP reputation, and risk scoring to maintain an ever-evolving list of malicious Internet destinations.
CylanceGATEWAY
blocks devices from connecting to known and unknown phishing domains and associated IP and FQDN destinations, saving your organization the work of manually compiling and maintaining its own list.
Continuous identity risk analysis
The identity risk engine uses machine learning to continuously evaluate user behavior.
  • Network anomaly events are detected when a
    CylanceGATEWAY
    user's network usage pattern is not consistent with past behavior. When an unusual network event is detected,
    CylanceGATEWAY
    can dynamically override the user's ACL rules and block the connection.
  • Behavioral anomaly events are detected when a
    CylanceGATEWAY
    user's upload and download behavior pattern is not consistent with past behavior. When behavioral anomalies are detected, the anomaly is displayed on
    CylanceGATEWAY
    Events page. Behavioral anomalies do not block user traffic.
Threat protection
CylanceGATEWAY
uses machine learning to continuously protect your organization's network from threats by continuously monitoring network connections for potential threats. When an anomaly is identified, it is subsequently blocked or alerted upon based on the risk level that is set in the network protection settings.
  • Endpoints are protected against newly emerging network threats and established malicious destinations. Identified anomalies (for example, zero day, phishing domains, and command and control (C2) beacons)
  • DNS tunneling anomalies are detected based on CylanceGateway's analysis on the DNS traffic from the client to the attacker's DNS server.
Segmented private network access
You can install
CylanceGATEWAY Connectors
on-premises and on private cloud networks to provide network access to remote devices without changing network topology or routing, and without opening firewall holes for incoming traffic. Access through
CylanceGATEWAY
offers strong isolation; only the parts of the network you choose are exposed to endpoints, and endpoints are not exposed to the whole private network. The
CylanceGATEWAY Connector
can be deployed in an
AWS
,
vSphere
,
ESXi
,
Microsoft Azure
, or
Hyper-V
environment.
Monitor network access and traffic patterns
The
CylanceGATEWAY
dashboard in the management console displays multiple widgets that show connections, usage patterns, and alerts to help you monitor network traffic.
One touch SaaS configuration
You can easily configure access to SaaS applications using the network services.
CylanceGATEWAY
streamlines SaaS app support and reduces the time required to enable SaaS app connectivity in the ACL rules that you configure for your environment. For more information on network services, see Define network services.
Content filtering
The ACL rules and the network protection settings that you configure for your environment filter the content and destinations that your users can access. This uses machine learning and ACL rules to ensure that users comply with your organization's acceptable use and regulatory requirements. 
Web access firewall
CylanceGATEWAY
protects devices and your private network by filtering, monitoring, and blocking traffic to potentially suspicious destinations.
CylanceGATEWAY
completes this by applying ACL rules that are configured for your environment and the network protection settings that you have specified. See the following for more information:
Support for IP-pinned services
Most SaaS applications allow source IP pinning to limit access only to connections from a specific range of trusted IP addresses. By limiting users to connections only through trusted entry points, organizations have an additional level of verification that the user is entitled to use the service. Your organization may already use this method to limit access to a SaaS application to connections from IP addresses used by devices connected to your organization's network. For users working remotely without using
CylanceGATEWAY
, this means that all traffic between remote devices and a SaaS application must travel over VPN to your network and then to the SaaS application.
CylanceGATEWAY
allows you to reserve
CylanceGATEWAY
IP addresses that are dedicated to your organization. You can use these IP addresses for source IP pinning in addition to your organization's IP addresses, providing the same level of security without requiring remote users to be connected to your organization's VPN.
Industry-leading tunnel technology
CylanceGATEWAY
provides advanced layer 3 encryption for IP tunnels carrying TCP, UDP, ICMP, and real-time, low-latency traffic.
Android
and
iOS
support
The
CylancePROTECT Mobile
app sends traffic through the tunnel to the
CylanceGATEWAY
cloud services and provides users with connection statistics, status information, and the ability to disable work mode and stop using
CylanceGATEWAY
for connections.
Windows 10
,
Windows
11, and
macOS
support
The
CylanceGATEWAY
agent that you install on devices sends traffic through the tunnel to the
CylanceGATEWAY
cloud services and provides users with connection statistics, status information, and the ability to disable work mode and stop using
CylanceGATEWAY
for connections.
Split tunneling
You can allow remote users to connect to safe public Internet sites directly over the Internet without tunneling through
CylanceGATEWAY
.