- Cylance Endpoint Security requirements
- Requirements: Cylance console
- Requirements: CylancePROTECT Desktop
- Requirements: CylanceOPTICS
- Requirements: CylancePROTECT Mobile app
- Requirements: BlackBerry Connectivity Node
- Requirements: CylanceGATEWAY Connector
- Requirements: CylanceGATEWAY agents
- Requirements: CylanceAVERT
- Cylance Endpoint Security network requirements
- Cylance Endpoint Security proxy requirements
- Logging in to the management console
- Installing the BlackBerry Connectivity Node
- Linking to your company directory
- Setting up administrators
- Adding users and devices
- Enrolling CylancePROTECT Mobile and CylanceGATEWAY users
- Setting up zones to manage CylancePROTECT Desktop and CylanceOPTICS
- Setting up CylancePROTECT Desktop
- Testing your CylancePROTECT Desktop deployment
- Using device policies to manage CylancePROTECT Desktop devices
- Installing the CylancePROTECT Desktop agent for Windows
- Installing the CylancePROTECT Desktop agent for macOS
- Installing the CylancePROTECT Desktop agent for Linux
- Require users to provide a password to remove the CylancePROTECT Desktop agent
- Setting up CylancePROTECT Mobile
- Setting up CylanceOPTICS
- Setting up CylanceGATEWAY
- Defining your private network
- Setting up the CylanceGATEWAY Connector
- Install the CylanceGATEWAY Connector to a vSphere environment
- Install the CylanceGATEWAY Connector to an ESXi environment
- Prerequisites to install CylanceGATEWAY Connector to a Microsoft Azure environment
- Install the CylanceGATEWAY Connector to a Microsoft Azure environment
- Install the CylanceGATEWAY Connector to a Hyper-V environment
- Install the CylanceGATEWAY Connector to an AWS environment
- Configure the CylanceGATEWAY Connector in the VM environment
- Access the CylanceGATEWAY Connector using OpenSSH
- Configure your firewall
- Enroll the CylanceGATEWAY Connector with the BlackBerry Infrastructure
- View details for an enrolled CylanceGATEWAY Connector
- Configure the CylanceGATEWAY Connector
- Managing CylanceGATEWAY Connectors
- Manage CylanceGATEWAY Connectors
- Update a CylanceGATEWAY Connector
- Specify your private network
- Specify your private DNS
- Specify your DNS suffixes
- Specify private CylanceGATEWAY agent IP ranges
- Bring your own IP addresses (BYOIP)
- Setting up the CylanceGATEWAY Connector
- Define network services
- Controlling network access
- Configuring network protection
- Searching ACL rules and Network Services
- Using source IP pinning
- Configuring the Gateway service options
- Gateway Service policy parameters
- Configure Gateway service options
- Specifying how devices activated with an EMM solution use the CylanceGATEWAY tunnel
- Specify which apps use CylanceGATEWAY on iOS devices
- Specify which apps use CylanceGATEWAY on iOS devices in a Microsoft Intune environment
- Specify CylanceGATEWAY options on Android Enterprise devices
- Specify CylanceGATEWAY options on Chromebook devices
- Specify CylanceGATEWAY options on Android Enterprise devices in your Microsoft Intune environment
- Connecting Cylance Endpoint Security to MDM solutions to verify whether devices are managed
- Installing the CylanceGATEWAY agent
- Defining your private network
- Setting up CylanceAVERT
- Installing the CylanceAVERT agent
- Define sensitive content using information protection settings
- Managing information protection policies
- Managing updates for the CylancePROTECT Desktop and CylanceOPTICS agents
- Appendix: Best practices for deploying CylancePROTECT Desktop on Windows virtual machines
Configure your firewall
The
CylanceGATEWAY Connector
runs inside your private network, behind your firewall, and has a private IP address. It connects to the CylanceGATEWAY
cloud service with HTTPS and UDP. The CylanceGATEWAY Connector
must be able to connect to CylanceGATEWAY
through your firewall (via NAT). The
CylanceGATEWAY Connector
must be able to use DNS to resolve public CylanceGATEWAY
FQDNs to Internet IP addresses. The CylanceGATEWAY Connector
uses your private DNS servers to do this.The
CylanceGATEWAY
agent communicates over secure websockets (WSS) with the management console and must be able to establish this connection directly. To allow the CylanceGATEWAY
agent to activate and periodically authenticate, you must allow access to the appropriate domains (for example, idp.blackberry.com and the domain for your region). If your environment uses an authentication proxy, you must allow the traffic on the proxy server. For more information about FQDNs, ports, IP address ranges and other firewall requirements, visit support.blackberry.com/community to read article 79017. For more information on network requirements for
Cylance Endpoint Security
, see Cylance Endpoint Security network requirements.