- Cylance Endpoint Security requirements
- Requirements: Cylance console
- Requirements: CylancePROTECT Desktop
- Requirements: CylanceOPTICS
- Requirements: CylancePROTECT Mobile app
- Requirements: BlackBerry Connectivity Node
- Requirements: CylanceGATEWAY Connector
- Requirements: CylanceGATEWAY agents
- Requirements: CylanceAVERT
- Cylance Endpoint Security network requirements
- Cylance Endpoint Security proxy requirements
- Logging in to the management console
- Configuring a new Cylance Endpoint Security tenant
- Installing the BlackBerry Connectivity Node
- Linking to your company directory
- Setting up administrators
- Adding users and devices
- Enrolling CylancePROTECT Mobile and CylanceGATEWAY users
- Setting up zones to manage CylancePROTECT Desktop and CylanceOPTICS
- Setting up CylancePROTECT Desktop
- Testing your CylancePROTECT Desktop deployment
- Using device policies to manage CylancePROTECT Desktop devices
- Installing the CylancePROTECT Desktop agent for Windows
- Installing the CylancePROTECT Desktop agent for macOS
- Installing the CylancePROTECT Desktop agent for Linux
- Require users to provide a password to remove the CylancePROTECT Desktop and CylanceOPTICS agents
- Setting up CylancePROTECT Mobile
- Setting up CylanceOPTICS
- Setting up CylanceGATEWAY
- Defining your private network
- Setting up the CylanceGATEWAY Connector
- Install the CylanceGATEWAY Connector to a vSphere environment
- Install the CylanceGATEWAY Connector to an ESXi environment
- Prerequisites to install CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Hyper-V environment
- Install the CylanceGATEWAY Connector to an AWS environment
- Configure the CylanceGATEWAY Connector in the VM environment
- Access the CylanceGATEWAY Connector using OpenSSH
- Configure your firewall for the CylanceGATEWAY Connector
- Enroll the CylanceGATEWAY Connector with the BlackBerry Infrastructure
- View details for an enrolled CylanceGATEWAY Connector
- Configure the CylanceGATEWAY Connector
- Managing CylanceGATEWAY Connectors
- Manage CylanceGATEWAY Connectors
- Update a CylanceGATEWAY Connector
- UDP connectivity test responses
- Specify your private network
- Specify your private DNS
- Specify your DNS suffixes
- Specify private CylanceGATEWAY agent IP ranges
- Bring your own IP addresses (BYOIP)
- Setting up the CylanceGATEWAY Connector
- Network Address Translation with CylanceGATEWAY
- Define network services
- Controlling network access
- Configuring network protection
- Searching ACL rules and Network Services
- Using source IP pinning
- Configuring the Gateway service options
- Gateway Service policy parameters
- Configure Gateway service options
- Specifying how devices activated with an EMM solution use the CylanceGATEWAY tunnel
- Specify which apps use CylanceGATEWAY on iOS devices
- Specify which apps use CylanceGATEWAY on iOS devices in a Microsoft Intune environment
- Specify CylanceGATEWAY options on Android Enterprise devices
- Specify CylanceGATEWAY options on Chromebook devices
- Specify CylanceGATEWAY options on Android Enterprise devices in your Microsoft Intune environment
- Connecting Cylance Endpoint Security to MDM solutions to verify whether devices are managed
- Installing the CylanceGATEWAY agent
- Defining your private network
- Setting up CylanceAVERT
- Managing updates for the CylancePROTECT Desktop and CylanceOPTICS agents
- Connecting Cylance Endpoint Security to external services
- Appendix: Best practices for deploying CylancePROTECT Desktop on Windows virtual machines
- Appendix: Using RMM solutions to install the Cylance agents on devices
Manage evidence collection
You can customize how data exfiltration events are collected in
CylanceAVERT
. Data collection settings allow you to configure the evidence that you want to be collected during a data exfiltration event for auditing purposes. By configuring data collection settings, you can make decisions such as including file snippets of the exfiltration event, saving full copies of the files involved in the exfiltration event, managing uploads to the evidence locker, selecting times for file uploads, and specifying the length of time data evidence should be retained.- In the management console, on the menu bar, clickSettings > Information Protection.
- Click theData Collectiontab.
- Perform any of the following to configure information protection settings:ItemStepsFile SnippetsClick theGenerate File Snippetstoggle to turn on or off file snippet collection. WhenGenerate File Snippetsis turned on, a file snippet of the data exfiltration event will be saved in the events details. By default,Generate File Snippetsis set to off.Evidence File Collection
- Click theEnable evidence file collectiontoggle to turn on or off evidence file collection. By default,Enable evidence file collectionis set to off. WhenEnable evidence file collectionis turned on, a full copy of the files involved in a data exfiltration event will be saved in the event details. See Viewing CylanceAVERT event details for more information.
- Click theDisk spacetext field and enter a value to specify the maximum amount of free disk space that you can allocate to caching evidence files on remote devices or evidence locker. By default,Disk spaceis set to 10%.
File UploadClick theFile Upload Methoddrop-down menu and select a method. By selectingDirect, devices on your network will be able to upload files directly to your evidence locker. If direct access to your evidence locker is blocked (for example, by your firewall),BlackBerrywill upload the files through its cloud by selectingBlackBerry Proxy Service. By default,Directis selected.Evidence File RetentionClick theData retentiondrop-down menu and select the length of time you would like evidence files to be stored in your evidence locker. The values for the length of time that evidence files can be stored is 30, 60, or 90 days. By default,Data retentionis set to 30 days.