- Cylance Endpoint Security requirements
- Requirements: Cylance console
- Requirements: CylancePROTECT Desktop
- Requirements: CylanceOPTICS
- Requirements: CylancePROTECT Mobile app
- Requirements: BlackBerry Connectivity Node
- Requirements: CylanceGATEWAY Connector
- Requirements: CylanceGATEWAY agents
- Requirements: CylanceAVERT
- Cylance Endpoint Security network requirements
- Cylance Endpoint Security proxy requirements
- Logging in to the management console
- Configuring a new Cylance Endpoint Security tenant
- Installing the BlackBerry Connectivity Node
- Linking to your company directory
- Setting up administrators
- Adding users and devices
- Enrolling CylancePROTECT Mobile and CylanceGATEWAY users
- Setting up zones to manage CylancePROTECT Desktop and CylanceOPTICS
- Setting up CylancePROTECT Desktop
- Testing your CylancePROTECT Desktop deployment
- Using device policies to manage CylancePROTECT Desktop devices
- Installing the CylancePROTECT Desktop agent for Windows
- Installing the CylancePROTECT Desktop agent for macOS
- Installing the CylancePROTECT Desktop agent for Linux
- Require users to provide a password to remove the CylancePROTECT Desktop and CylanceOPTICS agents
- Setting up CylancePROTECT Mobile
- Setting up CylanceOPTICS
- Setting up CylanceGATEWAY
- Defining your private network
- Setting up the CylanceGATEWAY Connector
- Install the CylanceGATEWAY Connector to a vSphere environment
- Install the CylanceGATEWAY Connector to an ESXi environment
- Prerequisites to install CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Hyper-V environment
- Install the CylanceGATEWAY Connector to an AWS environment
- Configure the CylanceGATEWAY Connector in the VM environment
- Access the CylanceGATEWAY Connector using OpenSSH
- Configure your firewall for the CylanceGATEWAY Connector
- Enroll the CylanceGATEWAY Connector with the BlackBerry Infrastructure
- View details for an enrolled CylanceGATEWAY Connector
- Configure the CylanceGATEWAY Connector
- Managing CylanceGATEWAY Connectors
- Manage CylanceGATEWAY Connectors
- Update a CylanceGATEWAY Connector
- UDP connectivity test responses
- Specify your private network
- Specify your private DNS
- Specify your DNS suffixes
- Specify private CylanceGATEWAY agent IP ranges
- Bring your own IP addresses (BYOIP)
- Setting up the CylanceGATEWAY Connector
- Network Address Translation with CylanceGATEWAY
- Define network services
- Controlling network access
- Configuring network protection
- Searching ACL rules and Network Services
- Using source IP pinning
- Configuring the Gateway service options
- Gateway Service policy parameters
- Configure Gateway service options
- Specifying how devices activated with an EMM solution use the CylanceGATEWAY tunnel
- Specify which apps use CylanceGATEWAY on iOS devices
- Specify which apps use CylanceGATEWAY on iOS devices in a Microsoft Intune environment
- Specify CylanceGATEWAY options on Android Enterprise devices
- Specify CylanceGATEWAY options on Chromebook devices
- Specify CylanceGATEWAY options on Android Enterprise devices in your Microsoft Intune environment
- Connecting Cylance Endpoint Security to MDM solutions to verify whether devices are managed
- Installing the CylanceGATEWAY agent
- Defining your private network
- Setting up CylanceAVERT
- Managing updates for the CylancePROTECT Desktop and CylanceOPTICS agents
- Connecting Cylance Endpoint Security to external services
- Appendix: Best practices for deploying CylancePROTECT Desktop on Windows virtual machines
- BlackBerry Docs
- Cylance Endpoint Security
- Setup
- Cylance Endpoint Security Setup Guide
- Adding users and devices
- Create an authentication policy
Create an authentication policy
You create an authentication policy to specify the types of authentication that administrators must complete to sign in to the credentials before they receive a one-time password prompt.
Cylance Endpoint Security
management console and users must complete to activate Cylance Endpoint Security
apps or agents (for example, CylancePROTECT Mobile
or CylanceGATEWAY
). Users must complete the types of authentication in the order that you specify in the policy. For example, if you add Enterprise before One-Time Password, users enter their work or my
AccountIn a policy you can also configure app exceptions and specify different authenticators for specific apps. App exceptions take precedence over the authentication policy. Any authentication policies that are configured in your tenant are applied in the following order:
- App exceptions in authentication policies that are assigned to users or groups
- Authentication policies that are assigned to users or groups
- Tenant authentication policy
- On the menu bar, clickPolicies > User Policy.
- Click theAuthenticationtab.
- ClickAdd policy.
- Enter a name and description for the policy.
- In theAuthentication rulessection, clickAdd Authenticator.If your authenticator was created before December 2023, and you updatedCylance Endpoint Securitylogin request URL to enable the IDP-initiated Proxy to allow users to use single sign-on (SSO) to access the Cylance console after logging in to their users’ IDP portal, add the updated authenticator and remove the original authenticate that was created. For more information, see Enhanced authentication sign in.
- In theAdd authenticatordialog box, select an authenticator in the drop-down list.Repeat this step to add more authenticators to the policy. Users receive prompts from each authenticator in the order that they are listed in the policy. If you addDuoUniversal MFA to the policy, you should also add another authenticator so thatDuois used as a second factor for authentication. To change the order, clickSet Order, drag the authenticators to the order that you want, and clickSet Orderagain.
- If you want to add app exceptions, clickManage App Exceptions.
- In theManage App Exceptionsdialog box, select the apps that you want to include in theAvailable appspane.
- Click .
- ClickSave.
- In theManage app exceptionssection, click the tab for one of the apps that you added as an exception.
- ClickAdd Authenticator.
- In theAdd authenticatordialog box, select an authenticator from the drop-down list. ClickSave.Repeat this step to add more authenticators to the app exception. Users must complete the types of authentication in the order that you specify. To change the order, clickSet Order, drag the authenticators to the order that you want and clickSet Orderagain.
- To save the policy, clickSave.