CylanceOPTICS known issues
CylanceOPTICS
known issuesErrors can occur when the CylanceOPTICS agent for macOS communicates with the CylancePROTECT Desktop Desktop agent on the XPC channel. This issue can occur on macOS 12 (Monterey) and later. (EDR-20258) |
The CylanceOPTICS agent for Linux version 3.3 may return higher degredation than expected for nginx performance. (EDR-20098) |
If you send the "Cylance - Browser History" package to CylanceOPTICS devices, the data collection does not work on macOS or Linux devices that have the Chrome or Safari browser open. (EDR-18709)Workaround: Instruct device users to close the browser session and send the package again. |
The CylanceOPTICS agent version 3.3 added support for the CylanceOPTICS network sensor on Linux operating systems. Older distributions such as RHEL/CentOS 7.9 and earlier or Oracle Linux Server (non-UEK) 7.9 and earlier that use kernels prior to 4.4 will not record IGMP or DNS. (EDR-17963, EDR-17964) |
Due to a defect in macOS Ventura 13.0.0, if the CylanceOPTICS agent is installed on a device with macOS 13.0.0 or a CylanceOPTICS device is upgraded to macOS 13.0.0, the CylanceOPTICS agent may not be able to detect events. (EDR-14879)Workaround: To prevent this issue from occurring, install the agent on macOS Ventura 13.0.1 or later or upgrade directly to macOS Ventura 13.0.1 or later instead of 13.0.0. If you upgrade from 13.0.0 to 13.0.1 or later, remove the agent and install it again. If installing on 13.0.1 or later or upgrading to 13.0.1 or later is not possible at this time, remove full disk access for CyOptics and CyOpticsESFLoader then add full disk access for both again and restart the device. |
Detection notifications do not work on devices with the following Linux distros:
(EDR-11155) |
When you try to unlock a partially locked device from the management console, it may not unlock as expected. This issue occurs intermittently. (EDR-9690) Workaround: Try to unlock the device again from the management console (Select Action > Unlock device), or use the unlock key. |
If you try to download a large file from InstaQuery results by clicking the Request File Download button, the request might not complete as expected (the button does not change to "Download File"). (EDR-7702) |
The refract package for browser history that is available in the management console does not collect the expected data on Linux devices. (EDR-6917) |
When you view the status of a package deploy job and you filter the results by name, the operator displays as "Equals" even though it works as "Contains", and the filter is case sensitive. (EDR-6689) |