- Cylance Endpoint Security requirements
- Requirements: Cylance console
- Requirements: CylancePROTECT Desktop
- Requirements: CylanceOPTICS
- Requirements: CylancePROTECT Mobile app
- Requirements: BlackBerry Connectivity Node
- Requirements: CylanceGATEWAY Connector
- Requirements: CylanceGATEWAY agents
- Requirements: CylanceAVERT
- Cylance Endpoint Security network requirements
- Cylance Endpoint Security proxy requirements
- Logging in to the management console
- Configuring a new Cylance Endpoint Security tenant
- Installing the BlackBerry Connectivity Node
- Linking to your company directory
- Setting up administrators
- Adding users and devices
- Enrolling CylancePROTECT Mobile and CylanceGATEWAY users
- Setting up zones to manage CylancePROTECT Desktop and CylanceOPTICS
- Setting up CylancePROTECT Desktop
- Testing your CylancePROTECT Desktop deployment
- Using device policies to manage CylancePROTECT Desktop devices
- Installing the CylancePROTECT Desktop agent for Windows
- Installing the CylancePROTECT Desktop agent for macOS
- Installing the CylancePROTECT Desktop agent for Linux
- Require users to provide a password to remove the CylancePROTECT Desktop and CylanceOPTICS agents
- Setting up CylancePROTECT Mobile
- Setting up CylanceOPTICS
- Setting up CylanceGATEWAY
- Defining your private network
- Setting up the CylanceGATEWAY Connector
- Install the CylanceGATEWAY Connector to a vSphere environment
- Install the CylanceGATEWAY Connector to an ESXi environment
- Prerequisites to install CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Hyper-V environment
- Install the CylanceGATEWAY Connector to an AWS environment
- Configure the CylanceGATEWAY Connector in the VM environment
- Access the CylanceGATEWAY Connector using OpenSSH
- Configure your firewall for the CylanceGATEWAY Connector
- Enroll the CylanceGATEWAY Connector with the BlackBerry Infrastructure
- View details for an enrolled CylanceGATEWAY Connector
- Configure the CylanceGATEWAY Connector
- Managing CylanceGATEWAY Connectors
- Manage CylanceGATEWAY Connectors
- Update a CylanceGATEWAY Connector
- UDP connectivity test responses
- Specify your private network
- Specify your private DNS
- Specify your DNS suffixes
- Specify private CylanceGATEWAY agent IP ranges
- Bring your own IP addresses (BYOIP)
- Setting up the CylanceGATEWAY Connector
- Network Address Translation with CylanceGATEWAY
- Define network services
- Controlling network access
- Configuring network protection
- Searching ACL rules and Network Services
- Using source IP pinning
- Configuring the Gateway service options
- Gateway Service policy parameters
- Configure Gateway service options
- Specifying how devices activated with an EMM solution use the CylanceGATEWAY tunnel
- Specify which apps use CylanceGATEWAY on iOS devices
- Specify which apps use CylanceGATEWAY on iOS devices in a Microsoft Intune environment
- Specify CylanceGATEWAY options on Android Enterprise devices
- Specify CylanceGATEWAY options on Chromebook devices
- Specify CylanceGATEWAY options on Android Enterprise devices in your Microsoft Intune environment
- Connecting Cylance Endpoint Security to MDM solutions to verify whether devices are managed
- Installing the CylanceGATEWAY agent
- Defining your private network
- Setting up CylanceAVERT
- Managing updates for the CylancePROTECT Desktop and CylanceOPTICS agents
- Connecting Cylance Endpoint Security to external services
- Appendix: Best practices for deploying CylancePROTECT Desktop on Windows virtual machines
- Appendix: Using RMM solutions to install the Cylance agents on devices
- BlackBerry Docs
- Cylance Endpoint Security
- Setup
- Cylance Endpoint Security Setup Guide
- Setting up CylanceGATEWAY
- Configuring the Gateway service options
- Specifying how devices activated with an EMM solution use the CylanceGATEWAY tunnel
- Specify CylanceGATEWAY options on Android Enterprise devices
Specify CylanceGATEWAY options on Android Enterprise devices
CylanceGATEWAY
options on Android Enterprise
devicesFor
Android
devices, you can specify which apps send data through the CylanceGATEWAY
tunnel using the CylanceGATEWAY
service policy. If your organization manages Android Enterprise
devices using an EMM solution such as BlackBerry UEM
, you can configure settings in your EMM provider that affect CylanceGATEWAY
.You can use the IT policy in
BlackBerry UEM
to specify whether CylanceGATEWAY
is always enabled on devices and whether users can change VPN configurations in the work profile on the device. For more information on UEM
IT policy rules, download the UEM IT Policy Reference.- In theUEMmanagement console, create or edit an IT policy.
- Perform one of the following actions:
- To forceCylanceGATEWAYto always be enabled, set the following IT policy rules for theAndroidwork profile.IT policy ruleDescriptionForce always-on VPNSelectedUseBlackBerry Secure Connect Plusfor VPN connectionNot selectedVPN app package IDcom.blackberry.protectForce work apps to only use VPNNot selected. If this option is selected, theCylancePROTECT Mobileapp can't be activated on the device.Work apps exempt from VPNIf the "Force work apps to only use VPN" rule is selected,
- you must entercom.android.chrometo allow theChromebrowser to access the network and activate theCylancePROTECT Mobileapp on the device before the VPN is connected. This rule applies to devices running Android OS 10.0.0 or later.
- If you entercom.android.protect, theCylancePROTECT Mobileapp can access the network without using the VPN only when the VPN is not connected.
- To allow devices to send data through theCylanceGATEWAYtunnel ifForce always-on VPNis not selected, selectAllow user-configured VPN in workspace.
If neitherForce always-on VPNnorAllow user-configured VPN in workspaceis selected, the device will not allow work apps to send data through the tunnel. - Assign the IT policy to users.