Skip Navigation

CylanceOPTICS
known issues

Errors can occur when the
CylanceOPTICS
agent for
macOS
communicates with the
CylancePROTECT Desktop
Desktop agent on the XPC channel. This issue can occur on macOS 12 (Monterey) and later. (EDR-20258)
The
CylanceOPTICS
agent for
Linux
version 3.3 may return higher degredation than expected for nginx performance. (EDR-20098)
If you send the "Cylance - Browser History" package to
CylanceOPTICS
devices, the data collection does not work on
macOS
or
Linux
devices that have the
Chrome
or
Safari
browser open. (EDR-18709)
Workaround:
Instruct device users to close the browser session and send the package again.
The
CylanceOPTICS
agent version 3.3 added support for the
CylanceOPTICS
network sensor on
Linux
operating systems. Older distributions such as RHEL/CentOS 7.9 and earlier or
Oracle
Linux
Server (non-UEK) 7.9 and earlier that use kernels prior to 4.4 will not record IGMP or DNS. (EDR-17963, EDR-17964)
Due to a defect in
macOS
Ventura 13.0.0, if the
CylanceOPTICS
agent is installed on a device with
macOS
13.0.0 or a
CylanceOPTICS
device is upgraded to
macOS
13.0.0, the
CylanceOPTICS
agent may not be able to detect events. (EDR-14879)
Workaround:
To prevent this issue from occurring, install the agent on
macOS
Ventura 13.0.1 or later or upgrade directly to
macOS
Ventura 13.0.1 or later instead of 13.0.0. If you upgrade from 13.0.0 to 13.0.1 or later, remove the agent and install it again. If installing on 13.0.1 or later or upgrading to 13.0.1 or later is not possible at this time, remove full disk access for CyOptics and CyOpticsESFLoader then add full disk access for both again and restart the device.
Detection notifications do not work on devices with the following
Linux
distros:
  • CentOS 8.x
  • RHEL 8.x
  • Oracle
    Linux
    Server 8
  • Oracle
    Linux
    Server UEK 8
  • SUSE
    Linux
    Enterprise Server 12 and later
  • Ubuntu
    18.04 and later
(EDR-11155)
When you try to unlock a partially locked device from the management console, it may not unlock as expected. This issue occurs intermittently. (EDR-9690)
Workaround:
Try to unlock the device again from the management console (Select Action > Unlock device), or use the unlock key.
If you try to download a large file from InstaQuery results by clicking the Request File Download button, the request might not complete as expected (the button does not change to "Download File"). (EDR-7702)
The refract package for browser history that is available in the management console does not collect the expected data on
Linux
devices. (EDR-6917)
When you view the status of a package deploy job and you filter the results by name, the operator displays as "Equals" even though it works as "Contains", and the filter is case sensitive. (EDR-6689)