- Cylance Endpoint Security requirements
- Requirements: Cylance console
- Requirements: CylancePROTECT Desktop
- Requirements: CylanceOPTICS
- Requirements: CylancePROTECT Mobile app
- Requirements: BlackBerry Connectivity Node
- Requirements: CylanceGATEWAY Connector
- Requirements: CylanceGATEWAY agents
- Requirements: CylanceAVERT
- Cylance Endpoint Security network requirements
- Cylance Endpoint Security proxy requirements
- Logging in to the management console
- Configuring a new Cylance Endpoint Security tenant
- Installing the BlackBerry Connectivity Node
- Linking to your company directory
- Setting up administrators
- Adding users and devices
- Enrolling CylancePROTECT Mobile and CylanceGATEWAY users
- Setting up zones to manage CylancePROTECT Desktop and CylanceOPTICS
- Setting up CylancePROTECT Desktop
- Testing your CylancePROTECT Desktop deployment
- Using device policies to manage CylancePROTECT Desktop devices
- Installing the CylancePROTECT Desktop agent for Windows
- Installing the CylancePROTECT Desktop agent for macOS
- Installing the CylancePROTECT Desktop agent for Linux
- Require users to provide a password to remove the CylancePROTECT Desktop and CylanceOPTICS agents
- Setting up CylancePROTECT Mobile
- Setting up CylanceOPTICS
- Setting up CylanceGATEWAY
- Defining your private network
- Setting up the CylanceGATEWAY Connector
- Install the CylanceGATEWAY Connector to a vSphere environment
- Install the CylanceGATEWAY Connector to an ESXi environment
- Prerequisites to install CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Hyper-V environment
- Install the CylanceGATEWAY Connector to an AWS environment
- Configure the CylanceGATEWAY Connector in the VM environment
- Access the CylanceGATEWAY Connector using OpenSSH
- Configure your firewall for the CylanceGATEWAY Connector
- Enroll the CylanceGATEWAY Connector with the BlackBerry Infrastructure
- View details for an enrolled CylanceGATEWAY Connector
- Configure the CylanceGATEWAY Connector
- Managing CylanceGATEWAY Connectors
- Manage CylanceGATEWAY Connectors
- Update a CylanceGATEWAY Connector
- UDP connectivity test responses
- Specify your private network
- Specify your private DNS
- Specify your DNS suffixes
- Specify private CylanceGATEWAY agent IP ranges
- Bring your own IP addresses (BYOIP)
- Setting up the CylanceGATEWAY Connector
- Network Address Translation with CylanceGATEWAY
- Define network services
- Controlling network access
- Configuring network protection
- Searching ACL rules and Network Services
- Using source IP pinning
- Configuring the Gateway service options
- Gateway Service policy parameters
- Configure Gateway service options
- Specifying how devices activated with an EMM solution use the CylanceGATEWAY tunnel
- Specify which apps use CylanceGATEWAY on iOS devices
- Specify which apps use CylanceGATEWAY on iOS devices in a Microsoft Intune environment
- Specify CylanceGATEWAY options on Android Enterprise devices
- Specify CylanceGATEWAY options on Chromebook devices
- Specify CylanceGATEWAY options on Android Enterprise devices in your Microsoft Intune environment
- Connecting Cylance Endpoint Security to MDM solutions to verify whether devices are managed
- Installing the CylanceGATEWAY agent
- Defining your private network
- Setting up CylanceAVERT
- Managing updates for the CylancePROTECT Desktop and CylanceOPTICS agents
- Connecting Cylance Endpoint Security to external services
- Appendix: Best practices for deploying CylancePROTECT Desktop on Windows virtual machines
- Appendix: Using RMM solutions to install the Cylance agents on devices
- BlackBerry Docs
- Cylance Endpoint Security
- Setup
- Cylance Endpoint Security Setup Guide
- Linking to your company directory
- Connect to an LDAP directory
Connect to an LDAP directory
To connect to an on-premises LDAP directory, you must first install at least one instance of the
BlackBerry Connectivity Node
.- In theBlackBerry Connectivity Nodeconsole (http:/localhost:8088), clickGeneral settings > Company directory.
- Click .
- SelectLDAP.
- In theConnection namefield, type a name for this company directory connection.
- In theLDAP server discoverydrop-down list, click one of the following: If you want to use automatic discovery, clickAutomatic.
- If you want to use automatic discovery, clickAutomaticthen in theDNS domain namefield, type the DNS domain name.
- If you want to specify the LDAP computer, clickSelect server from list below. Click and type the FQDN of the computer. Repeat this step to add more computers.
- In theEnable SSLdrop-down list, select whether you want to enable SSL authentication for LDAP traffic. If you clickYes, clickBrowseand select the SSL certificate for the LDAP computer.
- In theLDAP portfield, type the port number of the LDAP computer.
- In theAuthorization requireddrop-down list, select whether authentication is required with the LDAP computer. If you clickYes, type the username and password of the LDAP account. The username must be in DN format (for example, CN=Megan Ball,OU=Sales,DC=example,DC=com).
- In theSearch basefield, type the search base that you want to access (for example, OU=Users,DC=example,DC=com).
- In theLDAP user search filterfield, type the filter that you want to use for LDAP users. For example: (&(objectCategory=person)(objectclass=user)). If you want to restrict searching to all members of a single group for the entireCylance Endpoint Securitytenant, you can use the following example: (&(objectCategory=person)(objectclass=user)(memberOf=CN=Local,OU=Users,DC=example,DC=com)).
- In theLDAP user search scopedrop-down list, click one of the following: If you want user searches to apply to all levels below the base DN, clickAll levels. If you want to limit user searches to one level below the base DN, clickOne level.
- In theUnique identifierfield, type the attribute for each user’s unique identifier (for example, uid). The attribute must be immutable and globally unique for every user.
- In theFirst namefield, type the attribute for each user’s first name (for example, givenName).
- In theLast namefield, type the attribute for each user’s last name (for example, sn).
- In theLogin attributefield, type the attribute for each user’s login attribute (for example, cn).
- In theEmail addressfield, type the attribute for each user’s email (for example, mail).
- In theDisplay namefield, type the attribute for each user’s display name (for example, displayName).
- To synchronize more user details from your company directory, select theSynchronize additional user detailscheck box. The additional details include company name and office phone.
- To enable directory-linked groups, select theEnable directory-linked groupscheck box.Specify the following information:
- In theGroup search basefield, type the value to use as the base DN for group information searches.
- In theLDAP group search filterfield, type the LDAP search filter that is required to find group objects in your company directory.
- In theGroup Unique Identifierfield, type the attribute for each group's unique identifier. This attribute must be immutable and globally unique.
- In theGroup Display namefield, type the attribute for each group's display name.
- In theGroup Membership attributefield, type the name of the attribute for group membership. The attribute values must be in DN format.
- In theTest Group Namefield, type an existing group name for validating the group attributes specified.
- ClickSave.
- If you want to configure automatic onboarding forCylance Endpoint Security, see Configure onboarding and offboarding.
- If you want to add a directory synchronization schedule, see Configure directory synchronization schedules.
- If you have more than one instance of theBlackBerry Connectivity Node, you can copy directory connection configurations from one instance into the others.