Setting up CylanceGATEWAY Skip Navigation

Setting up
CylanceGATEWAY

If
CylanceGATEWAY
is not enabled for your tenant the menu options to configure it are not displayed in the management console. If a user with insufficient permissions logs in to the management console a no permissions error message is displayed when selecting a menu option. For more information about the error message, see support.blackberry.com/ community to read article 98223.
DNS resolution of IPv6 addresses is not supported. IPv6 addresses will not be returned to the
CylanceGATEWAY
agent.
Step
Action
Step 1
Install and set up the
BlackBerry Connectivity Node
and at least one
CylanceGATEWAY Connector
.
Step 2
Step 3
Step 4
Review the existing CylanceGATEWAY network services or define your own to make creating access control list (ACL) rules on tenants easier (optional).
Step 5
Configure ACL rules on tenants to manage which Internet and private network destinations
CylanceGATEWAY
allows and blocks access to.
Step 6
Configuring network protection to specify the threats that
CylanceGATEWAY
detects and how it responds.
Step 7
Step 8
Configure Gateway service options to specify OS-specific options.
Step 9
Configure enrollment policies to allow users to activate the
CylancePROTECT Mobile
app or
CylanceGATEWAY
agent on their devices.
Step 10
Assign policies to administrators, users, and groups. Users must be assigned an enrollment policy and Gateway Service policy before they can activate the
CylanceGATEWAY
agent.
Step 11
Device users install and activate the
CylancePROTECT Mobile
app on
iOS
,
Android
, and
Chromebook
devices and the
CylanceGATEWAY
agent on
Windows
and
macOS
devices.
You can download the agents from the BlackBerry web site. For more information on the
CylancePROTECT Mobile
app and
CylanceGATEWAY
agent, see the Cylance Endpoint Security User Guide.
Step 12
Bring your own IP addresses (BYOIP) to provide larger dedicated IP addresses to control traffic in ways, such as using your organization's own IP address for sourcing IP pinning and whitelisting a single IP address range or CIDR address instead of several non-continuous IP addresses. (Optional)