- Cylance Endpoint Security requirements
- Requirements: Cylance console
- Requirements: CylancePROTECT Desktop
- Requirements: CylanceOPTICS
- Requirements: CylancePROTECT Mobile app
- Requirements: BlackBerry Connectivity Node
- Requirements: CylanceGATEWAY Connector
- Requirements: CylanceGATEWAY agents
- Requirements: CylanceAVERT
- Cylance Endpoint Security network requirements
- Cylance Endpoint Security proxy requirements
- Logging in to the management console
- Installing the BlackBerry Connectivity Node
- Linking to your company directory
- Setting up administrators
- Adding users and devices
- Enrolling CylancePROTECT Mobile and CylanceGATEWAY users
- Setting up zones to manage CylancePROTECT Desktop and CylanceOPTICS
- Setting up CylancePROTECT Desktop
- Testing your CylancePROTECT Desktop deployment
- Using device policies to manage CylancePROTECT Desktop devices
- Installing the CylancePROTECT Desktop agent for Windows
- Installing the CylancePROTECT Desktop agent for macOS
- Installing the CylancePROTECT Desktop agent for Linux
- Require users to provide a password to remove the CylancePROTECT Desktop agent
- Setting up CylancePROTECT Mobile
- Setting up CylanceOPTICS
- Setting up CylanceGATEWAY
- Defining your private network
- Setting up the CylanceGATEWAY Connector
- Install the CylanceGATEWAY Connector to a vSphere environment
- Install the CylanceGATEWAY Connector to an ESXi environment
- Prerequisites to install CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Hyper-V environment
- Install the CylanceGATEWAY Connector to an AWS environment
- Configure the CylanceGATEWAY Connector in the VM environment
- Access the CylanceGATEWAY Connector using OpenSSH
- Configure your firewall for the CylanceGATEWAY Connector
- Enroll the CylanceGATEWAY Connector with the BlackBerry Infrastructure
- View details for an enrolled CylanceGATEWAY Connector
- Configure the CylanceGATEWAY Connector
- Managing CylanceGATEWAY Connectors
- Manage CylanceGATEWAY Connectors
- Update a CylanceGATEWAY Connector
- UDP connectivity test responses
- Specify your private network
- Specify your private DNS
- Specify your DNS suffixes
- Specify private CylanceGATEWAY agent IP ranges
- Bring your own IP addresses (BYOIP)
- Setting up the CylanceGATEWAY Connector
- Network Address Translation with CylanceGATEWAY
- Define network services
- Controlling network access
- Configuring network protection
- Searching ACL rules and Network Services
- Using source IP pinning
- Configuring the Gateway service options
- Gateway Service policy parameters
- Configure Gateway service options
- Specifying how devices activated with an EMM solution use the CylanceGATEWAY tunnel
- Specify which apps use CylanceGATEWAY on iOS devices
- Specify which apps use CylanceGATEWAY on iOS devices in a Microsoft Intune environment
- Specify CylanceGATEWAY options on Android Enterprise devices
- Specify CylanceGATEWAY options on Chromebook devices
- Specify CylanceGATEWAY options on Android Enterprise devices in your Microsoft Intune environment
- Connecting Cylance Endpoint Security to MDM solutions to verify whether devices are managed
- Installing the CylanceGATEWAY agent
- Defining your private network
- Setting up CylanceAVERT
- Managing updates for the CylancePROTECT Desktop and CylanceOPTICS agents
- Connecting Cylance Endpoint Security to external services
- Appendix: Best practices for deploying CylancePROTECT Desktop on Windows virtual machines
- BlackBerry Docs
- Cylance Endpoint Security
- Setup
- Cylance Endpoint Security Setup Guide
- Setting up CylanceAVERT
- Managing information protection policies
- Best practices for policy consolidation
Best practices for policy consolidation
CylanceAVERT
has two policy compliance types that can be used in an information protection policy.Regulatory compliance refers to a finite set of sensitive data that is used to protect sensitive information related to industry or government regulations. Regulatory data is data that does not change over time. The pre-defined data types in the CylanceAVERT settings are all regulatory and are provided to you by
BlackBerry
to accelerate and simplify product setup. You can create your own regulatory data types and templates for use in a policy that encapsulates all of the regulatory data that your organization requires. For example, instead of using the BlackBerry
provided template, you can create a Canada Health regulatory policy, that combines a Canadian SIN number, PHIN, health service number, Driver's license, bank account number, and passport number in a single policy. CylanceAVERT
will use regular expression or keyword matching to determine if a file contains relevant regulatory information as stated in the policy.Organizational compliance refers to a set of infinite data where the content and the people who can access the data changes from organization to organization is constantly changing based on organizational situations. As a result, organizational compliance should be used to protect sensitive data that contains information on company IP or other information relevant to your organization.
There is a possibility that multiple policies can apply to the same sensitive file, where the policies will conflict in their remediation action that they will take when a sensitive file is discovered. In this case,
CylanceAVERT
will apply remediation reconciliation for these policies.When policy collisions occur,
CylanceAVERT
will automatically apply reconciliation. The reconciliation action will differ if the file violates a regulatory policy, an organizational policy, or both. If a file is classified as only organizational, the least restrictive remediation action is taken. If a file is classified as regulatory and/or organizational, the most restrictive action is taken. For example, if a file is subject to an organizational policy that determines the file is sensitive if it contains 2 occurrences of the word “confidential”, and a second organizational policy that determines sensitivity based on 3 occurrences of the word, the file will be determined as sensitive for 3 occurrences (least restrictive). However, if one or both of these policies were regulatory, then the file would be sensitive with 2 occurrences (most restrictive).