Skip Navigation

Cylance Endpoint Security service updates
Management console and platform services
- Management console and platform services fixed issues
- Management console and platform services known issues
CylancePROTECT Desktop release notes
CylancePROTECT Mobile release notes
- CylancePROTECT Mobile fixed issues
- CylancePROTECT Mobile known issues
CylanceOPTICS release notes
- CylanceOPTICS fixed issues
- CylanceOPTICS known issues
CylanceGATEWAY release notes
- CylanceGATEWAY fixed issues
- CylanceGATEWAY known issues
CylanceAVERT release notes
- CylanceAVERT fixed issues
- CylanceAVERT known issues

CylanceGATEWAY
release notes

Latest versions of the
CylanceGATEWAY
components

CylanceGATEWAY Connector

version 2.10.0.938

CylanceGATEWAY

agent for

Windows

version 2.10.0.13

CylanceGATEWAY

agent for

macOS

version 2.9.14

To download the agent, go to the BlackBerry Website and scroll down to the Download

CylanceGATEWAY

section.

What's new in the management console

Feature	Description	Date added
DNS Tunneling detection support enhancements	CylanceGATEWAY now supports detecting DNS tunneling connections using the DNS response that is associated with the TXT records of a destination that users try to access. The Event Details page displays the query type and resource record type as TXT and the SIEM solution or syslog server now includes the new field, rData. Detected anomaly events are sent to the Alerts view and sent to the SIEM solution or syslog server, if configured. For more information, see Viewing the Event Details page.	October 2024
Split tunneling enhancements	Now when you enable split tunneling, you can create an exclusive list that specifies the CIDRs for destinations that you do not want to use the tunnel. You might have an inclusive and exclusive option configured, but only the option that is selected and displayed in the console as active is applied to the network traffic. In environments that want all traffic to use the tunnel, except for few apps, this feature will save you time and administration by specifying only the CIDRs for the traffic that should not use the tunnel instead of specifying the traffic that must use the tunnel. FQDNs are not supported in the exclusive option. For more information, see the Gateway Service policy parameters in the Cylance Endpoint Security Setup content.	October 2024
Network Route enhancements	You can now add a description to each IP address, IP range, or CIDRs that you add to network routing for a connector group. This feature allows you to easily add notes to identify the part of your private network that each address represents. For more information, see Specify your private network in the Cylance Endpoint Security Setup content.	October 2024
Windows device posture validation on connect	Administrators can require Windows devices to be managed by Microsoft Intune . This feature requires devices are managed by Entra ID , and be Entra ID joined, before users can use CylanceGATEWAY . For more information, see CylanceGATEWAY service parameters in the Cylance Endpoint Security Setup content.	October 2024
Change to network anomaly detection of users' traffic patterns	CylanceGATEWAY has deprecated support for behavioral risk detections based on unusual user behavior such as upload volume and download volume that is not consistent with past behavior.	January 2024
DGA detection	CylanceGATEWAY now proactively detects domains that have been created using a Domain Generation Algorithm (DGA) when users attempt to access the domain. Identified DGA events are labelled as Zero Day Detection and categorized as a Dynamic Risk and subcategorized as DGA. The anomaly detection threat events are sent to the Alerts view, the Events page, and the SIEM solution or syslog server, if configured. This feature provides a continued evolution of CylanceGATEWAY network protection capabilities.	November 2023
Safe Mode enhancements	CylanceGATEWAY now extends Machine Learning-based network protection to Safe Mode. In addition to applying the tenant's ACL rules, the Network Protection settings applied to Safe Mode have, therefore, expanded from Destination Reputation to include the following types: DNS Tunneling Zero Day This feature provides additional protection to endpoints against newly emerging network threats and malicious destinations based on the network protection settings that you specify.	November 2023
Control the network traffic detections that are sent to the Alerts view	On the Network Protection settings screen, you can now specify the following detections that you want to enable and be displayed in the Alerts view: Signature detections: Blocked and allowed events Destination reputation: Blocked and allowed events based on the minimum risk level that you set DNS tunneling: Based on the minimum risk level that you set Zero Day: Based on the minimum risk level that you set Blocked and allowed ACL events are not shared to the Alerts view. This feature introduces a more granular control over the events that are shared to the Alerts view. For more information, see Configure network protection settings in the Cylance Endpoint Security Setup content.	November 2023
Evaluate the risk level of a network destination	You can use the management console to evaluate the risk level and identify the category and subcategory of a network destination, as analyzed, and determined by the CylanceGATEWAY cloud services. This feature provides you with insight into how CylanceGATEWAY would classify and assign a risk level to a destination. For example, when you configure your access control list (ACL) rules and network protection settings to allow or block destinations and you want to know how a specific destination might be categorized, you can now safely determine the category and risk level that CylanceGATEWAY has assigned to the destination. For more information, see Evaluate the risk level of a network destination page in the Cylance Endpoint Security Setup content.	November 2023
Domain classification enhancements	CylanceGATEWAY uses Machine Learning that applies categorization to previously uncategorized English destinations. This feature has been expanded to now classify previously uncategorized French, German, Italian, and Spanish-language web destinations (for example, General Interest – Business or Security Risk). For more information, see Destination content categories page in the Cylance Endpoint Security Setup content.	November 2023
Event Details page enhancements	DNS request and response : If the Events page displays a DNS event, the Events Details page will display the DNS request and all the response details for the event. This feature allows you to view the entire path that is associated with a DNS query. DNS request and responses are sent to the Alerts view and the SIEM solution or syslog server, if configured. Safe Mode telemetry enhancements : The Events Details page now displays additional metadata; process ID (PID) and process name (Pathname) to help administrators and SOC Analysts in their threat hunting and post incident review. The PID and pathname are sent to the Alerts view and the SIEM solution or syslog server, if configured. For more information, see Viewing the Event Details in the Cylance Endpoint Security Administration content.	November 2023

What's new in
CylanceGATEWAY Connector

Feature	Description	Release date and version
Amazon Web Services (AWS) connector installation enhancements	This release of the CylanceGATEWAY Connector provides the CylanceGATEWAY Connector AMI image in AWS Marketplace. This reduces the number of tasks and time for you to set up the connector (for example, you do not need to import the file to the AWS environment, which can take up to 30 minutes to complete). For more information, see Setting up the CylanceGATEWAY Connector in the Cylance Endpoint Security Setup content. For a walkthrough on how to install the connector, see Install the CylanceGATEWAY Connector to an AWS environment.	April 2024 2.10.0.938
Support for future in-place upgrade of the CylanceGATEWAY Connector	You can perform future in-place upgrades of your CylanceGATEWAY Connector and your configurations will be retained. This feature is supported on CylanceGATEWAY Connector version 2.9 or later. This feature provides enhanced user experience in reducing the time required to upgrade the connector. The DEB file for the in-place upgrade will be available for download from my Account with the next release of the CylanceGATEWAY Connector that is currently scheduled to be released in early 2024. For more information, see Update a CylanceGATEWAY Connector in the Cylance Endpoint Security Setup content.	November 2023 2.9.0.895
Verify the CylanceGATEWAY Connector connectivity	Administrators can use a command line tool to initiate a connectivity test to verify the connection between the CylanceGATEWAY Connector and BlackBerry Infrastructure when the connector is enrolled, but its tunnel is not connected to the BlackBerry Infrastructure . This feature verifies whether the UDP packets sent from your private network have reached the BlackBerry Infrastructure and the UDP packets sent from the BlackBerry Infrastructure have been received by your private network. For more information, see Update a CylanceGATEWAY Connector in the Cylance Endpoint Security Setup content.	November 2023 2.9.0.895

What's new in
CylanceGATEWAY
agent for
macOS

Feature	Description	Release date and version
Activation enhancements	You can now include the custom domain when the installation process of the CylanceGATEWAY agent is controlled by enterprise device management tools, requiring users to only enter their username and password to activate the agent. This feature provides enhanced user experience by allowing the agent to be activated with minimal user interaction. For more information, see Installing the CylanceGATEWAY agent in the Cylance Endpoint Security Setup content.	November 2023 2.9.14

What's new in
CylanceGATEWAY
agent for
Windows

Feature	Description	Release date and version
Activation enhancements	You can now include the custom domain when the installation process of the CylanceGATEWAY agent is controlled by enterprise device management tools, requiring users to only enter their username and password to activate the agent. This feature provides enhanced user experience by allowing the agent to be activated with minimal user interaction. For more information, see Installing the CylanceGATEWAY agent in the Cylance Endpoint Security Setup content.	November 2023 2.9.0.7
Enhancements to “Automatically start CylanceGATEWAY when user signs in” and “Enable Work Mode Automatically” and Safe Mode policy settings	In the Gateway Service policy, when you configure the CylanceGATEWAY agent to automatically start and enable Work mode or enable Safe Mode, the agent is minimized in the system tray when it launches. This feature does not prevent users from opening the agent and enabling or disabling Work Mode after the agent starts or close the agent.	November 2023 2.9.0.7

CylanceGATEWAY fixed issues

CylanceGATEWAY known issues