- Configuring a new Cylance Endpoint Security tenant
- Cylance Endpoint Security requirements
- Requirements: Cylance console
- Requirements: CylancePROTECT Desktop
- Requirements: CylanceOPTICS
- Requirements: CylancePROTECT Mobile app
- Requirements: BlackBerry Connectivity Node
- Requirements: CylanceGATEWAY Connector
- Requirements: CylanceGATEWAY agents
- Requirements: CylanceAVERT
- Cylance Endpoint Security network requirements
- Cylance Endpoint Security proxy requirements
- Accessing the management console and configuring authentication
- Setting up administrators
- Setting up zones to manage CylancePROTECT Desktop and CylanceOPTICS
- Setting up CylancePROTECT Desktop
- Testing your CylancePROTECT Desktop deployment
- Create and manage a device policy
- Installing the CylancePROTECT Desktop agent for Windows
- Installing the CylancePROTECT Desktop agent for macOS
- Installing the CylancePROTECT Desktop agent for Linux
- Require users to provide a password to remove the CylancePROTECT Desktop and CylanceOPTICS agents
- Setting up CylanceOPTICS
- Managing updates for the CylancePROTECT Desktop and CylanceOPTICS agents
- Best practices for deploying CylancePROTECT Desktop on Windows virtual machines
- Using RMM solutions to install the Cylance agents on devices
- Installing the BlackBerry Connectivity Node
- Linking to your company directory
- Adding users and devices
- Setting up CylancePROTECT Mobile
- Setting up CylanceGATEWAY
- Defining your private network
- Setting up the CylanceGATEWAY Connector
- Install the CylanceGATEWAY Connector to a vSphere environment
- Install the CylanceGATEWAY Connector to an ESXi environment
- Prerequisites to install CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Hyper-V environment
- Install the CylanceGATEWAY Connector to an AWS environment
- Configure the CylanceGATEWAY Connector in the VM environment
- Access the CylanceGATEWAY Connector using OpenSSH
- Configure your firewall for the CylanceGATEWAY Connector
- Enroll the CylanceGATEWAY Connector with the BlackBerry Infrastructure
- View details for an enrolled CylanceGATEWAY Connector
- Configure the CylanceGATEWAY Connector
- Managing CylanceGATEWAY Connectors
- Manage CylanceGATEWAY Connectors
- Update a CylanceGATEWAY Connector
- UDP connectivity test responses
- Specify your private network
- Specify your private DNS
- Specify your DNS suffixes
- Specify private CylanceGATEWAY agent IP ranges
- Bring your own IP addresses (BYOIP)
- Setting up the CylanceGATEWAY Connector
- Network Address Translation with CylanceGATEWAY
- Define network services
- Controlling network access
- Configuring network protection
- Searching ACL rules and Network Services
- Using source IP pinning
- Configuring the Gateway service options
- Gateway Service policy parameters
- Configure Gateway service options
- Specifying how devices activated with an EMM solution use the CylanceGATEWAY tunnel
- Specify which apps use CylanceGATEWAY on iOS devices
- Specify which apps use CylanceGATEWAY on iOS devices in a Microsoft Intune environment
- Specify CylanceGATEWAY options on Android Enterprise devices
- Specify CylanceGATEWAY options on Chromebook devices
- Specify CylanceGATEWAY options on Android Enterprise devices in your Microsoft Intune environment
- Connecting Cylance Endpoint Security to MDM solutions to verify whether devices are managed
- Installing the CylanceGATEWAY agent
- Defining your private network
- Enrolling CylancePROTECT Mobile and CylanceGATEWAY users
- Setting up CylanceAVERT
- Connecting Cylance Endpoint Security to external services
- BlackBerry Docs
- Cylance Endpoint Security
- Cylance Endpoint Security
- Cylance Endpoint Security Setup Guide
- Setting up CylanceGATEWAY
Setting up CylanceGATEWAY
CylanceGATEWAY
If
CylanceGATEWAY
is not enabled for your tenant the menu options to configure it are not displayed in the management console. If a user with insufficient permissions logs in to the management console a no permissions error message is displayed when selecting a menu option. For more information about the error message, see support.blackberry.com/ community to read article 98223.
DNS resolution of IPv6 addresses is not supported. IPv6 addresses will not be returned to the
CylanceGATEWAY
agent.Step | Action |
|---|---|
 | Install and set up the BlackBerry Connectivity Node and at least one CylanceGATEWAY Connector . |
 | Review the existing CylanceGATEWAY network services or define your own to make creating access control list (ACL) rules on tenants easier (optional). |
 | Configure ACL rules on tenants to manage which Internet and private network destinations CylanceGATEWAY allows and blocks access to. |
 | Configuring network protection to specify the threats that CylanceGATEWAY detects and how it responds. |
 | Configure Gateway service options to specify OS-specific options. |
 | Configure enrollment policies to allow users to activate the CylancePROTECT Mobile app or CylanceGATEWAY agent on their devices. |
 | Assign policies to administrators, users, and groups. Users must be assigned an enrollment policy and Gateway Service policy before they can activate the CylanceGATEWAY agent. |
 | Device users install and activate the CylancePROTECT Mobile app on iOS , Android , and Chromebook devices and the CylanceGATEWAY agent on Windows and macOS devices. Optionally, you can perform a silent installation or upgrade of the CylanceGATEWAY agent. You can download the agents from the BlackBerry web site. For more information on the CylancePROTECT Mobile app and CylanceGATEWAY agent, see the Cylance Endpoint Security User Guide. Optionally, you can integrate Cylance Endpoint Security with BlackBerry UEM or Microsoft Intune to verify whether iOS and Android devices are managed by UEM or Intune before they can use CylanceGATEWAY . For more information, see Connecting Cylance Endpoint Security to MDM solutions to verify whether devices are managed. |
 | Bring your own IP addresses (BYOIP) to provide larger dedicated IP addresses to control traffic in ways, such as using your organization's own IP address for sourcing IP pinning and allowing a single IP address range or CIDR address instead of several non-continuous IP addresses. (Optional) |
Defining your private network
Network Address Translation with CylanceGATEWAY
Define network services
Controlling network access
Configuring network protection
Searching ACL rules and Network Services
Using source IP pinning
Configuring the Gateway service options
Connecting Cylance Endpoint Security to MDM solutions to verify whether devices are managed
Installing the CylanceGATEWAY agent