- Cylance Endpoint Security requirements
- Requirements: Cylance console
- Requirements: CylancePROTECT Desktop
- Requirements: CylanceOPTICS
- Requirements: CylancePROTECT Mobile app
- Requirements: BlackBerry Connectivity Node
- Requirements: CylanceGATEWAY Connector
- Requirements: CylanceGATEWAY agents
- Requirements: CylanceAVERT
- Cylance Endpoint Security network requirements
- Cylance Endpoint Security proxy requirements
- Logging in to the management console
- Installing the BlackBerry Connectivity Node
- Linking to your company directory
- Setting up administrators
- Adding users and devices
- Enrolling CylancePROTECT Mobile and CylanceGATEWAY users
- Setting up zones to manage CylancePROTECT Desktop and CylanceOPTICS
- Setting up CylancePROTECT Desktop
- Testing your CylancePROTECT Desktop deployment
- Using device policies to manage CylancePROTECT Desktop devices
- Installing the CylancePROTECT Desktop agent for Windows
- Installing the CylancePROTECT Desktop agent for macOS
- Installing the CylancePROTECT Desktop agent for Linux
- Require users to provide a password to remove the CylancePROTECT Desktop agent
- Setting up CylancePROTECT Mobile
- Setting up CylanceOPTICS
- Setting up CylanceGATEWAY
- Defining your private network
- Setting up the CylanceGATEWAY Connector
- Install the CylanceGATEWAY Connector to a vSphere environment
- Install the CylanceGATEWAY Connector to an ESXi environment
- Prerequisites to install CylanceGATEWAY Connector to a Microsoft Azure environment
- Install the CylanceGATEWAY Connector to a Hyper-V environment
- Install the CylanceGATEWAY Connector to an AWS environment
- Configure the CylanceGATEWAY Connector in the VM environment
- Access the CylanceGATEWAY Connector using OpenSSH
- Configure your firewall
- Enroll the CylanceGATEWAY Connector with the BlackBerry Infrastructure
- View details for an enrolled CylanceGATEWAY Connector
- Configure the CylanceGATEWAY Connector
- Managing CylanceGATEWAY Connectors
- Update a CylanceGATEWAY Connector
- Specify your private network
- Specify your private DNS
- Specify your DNS suffixes
- Specify private CylanceGATEWAY agent IP ranges
- Bring your own IP addresses (BYOIP)
- Setting up the CylanceGATEWAY Connector
- Define network services
- Controlling network access
- Configuring network protection
- Searching ACL rules and Network Services
- Using source IP pinning
- Configuring the Gateway service options
- Defining your private network
- Setting up CylanceAVERT
- Installing the CylanceAVERT agent
- Define sensitive content using information protection settings
- Managing information protection policies
- Managing updates for the CylancePROTECT Desktop and CylanceOPTICS agents
- Appendix: Best practices for deploying CylancePROTECT Desktop on Windows virtual machines
- BlackBerry Docs
- Cylance Endpoint Security
- Setup
- Cylance Endpoint Security Setup Guide
- Appendix: Best practices for deploying CylancePROTECT Desktop on Windows virtual machines
- Deploy CylancePROTECT Desktop on virtual machines
Deploy CylancePROTECT Desktop on virtual machines
CylancePROTECT Desktop
on virtual machines- Create a device policy that you will use to prepare the VDI gold image. Configure the following options in the policy:Device policy categoryOptionsFile Actions
- Turn onAuto Quarantine with Execution Controlfor unsafe and abnormal file types
Protection Settings- Turn onBackground Threat Detection(Run Once)
- Turn onWatch for New Files
- Prepare the VDI gold image.
- Install the CylancePROTECT Desktop agent on the gold image.
- Apply the device policy that you created in step 1 to the gold image.Allow the background threat detection scan to complete. This can take several hours, depending on the size of the disk and the activity on the image as it is being scanned.
- Review the results of the background threat detection scan and, if necessary, add binaries detected on the gold image to the CylancePROTECT Desktop quarantine or safe lists.
- Create a device policy that is intended for production VDI workstations.BlackBerryrecommends the following options in the policy, in addition to the options that you want to enable for your production workstations:Device policy categoryOptionsFile Actions
- Turn onAuto Quarantine with Execution Controlfor unsafe and abnormal file types
- Turn onAuto Upload
Protection Settings- Turn onWatch for New Files
- Turn offBackground Threat Detection
- When the gold image is ready for production, apply the device policy from step 6 to the gold image.
- Deploy the gold image onto production machines. Deploy each cloned image with a unique UUID or ID that is different than the gold image.
For the cloned devices, configure zone-based agent updates to
Do Not Update
or to a specific version of the agent. Updates should be managed on the gold image. See Update CylancePROTECT Desktop on cloned devices.