- Cylance Endpoint Security requirements
- Requirements: Cylance console
- Requirements: CylancePROTECT Desktop
- Requirements: CylanceOPTICS
- Requirements: CylancePROTECT Mobile app
- Requirements: BlackBerry Connectivity Node
- Requirements: CylanceGATEWAY Connector
- Requirements: CylanceGATEWAY agents
- Requirements: CylanceAVERT
- Cylance Endpoint Security network requirements
- Cylance Endpoint Security proxy requirements
- Logging in to the management console
- Configuring a new Cylance Endpoint Security tenant
- Installing the BlackBerry Connectivity Node
- Linking to your company directory
- Setting up administrators
- Adding users and devices
- Enrolling CylancePROTECT Mobile and CylanceGATEWAY users
- Setting up zones to manage CylancePROTECT Desktop and CylanceOPTICS
- Setting up CylancePROTECT Desktop
- Testing your CylancePROTECT Desktop deployment
- Using device policies to manage CylancePROTECT Desktop devices
- Installing the CylancePROTECT Desktop agent for Windows
- Installing the CylancePROTECT Desktop agent for macOS
- Installing the CylancePROTECT Desktop agent for Linux
- Require users to provide a password to remove the CylancePROTECT Desktop and CylanceOPTICS agents
- Setting up CylancePROTECT Mobile
- Setting up CylanceOPTICS
- Setting up CylanceGATEWAY
- Defining your private network
- Setting up the CylanceGATEWAY Connector
- Install the CylanceGATEWAY Connector to a vSphere environment
- Install the CylanceGATEWAY Connector to an ESXi environment
- Prerequisites to install CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Hyper-V environment
- Install the CylanceGATEWAY Connector to an AWS environment
- Configure the CylanceGATEWAY Connector in the VM environment
- Access the CylanceGATEWAY Connector using OpenSSH
- Configure your firewall for the CylanceGATEWAY Connector
- Enroll the CylanceGATEWAY Connector with the BlackBerry Infrastructure
- View details for an enrolled CylanceGATEWAY Connector
- Configure the CylanceGATEWAY Connector
- Managing CylanceGATEWAY Connectors
- Manage CylanceGATEWAY Connectors
- Update a CylanceGATEWAY Connector
- UDP connectivity test responses
- Specify your private network
- Specify your private DNS
- Specify your DNS suffixes
- Specify private CylanceGATEWAY agent IP ranges
- Bring your own IP addresses (BYOIP)
- Setting up the CylanceGATEWAY Connector
- Network Address Translation with CylanceGATEWAY
- Define network services
- Controlling network access
- Configuring network protection
- Searching ACL rules and Network Services
- Using source IP pinning
- Configuring the Gateway service options
- Gateway Service policy parameters
- Configure Gateway service options
- Specifying how devices activated with an EMM solution use the CylanceGATEWAY tunnel
- Specify which apps use CylanceGATEWAY on iOS devices
- Specify which apps use CylanceGATEWAY on iOS devices in a Microsoft Intune environment
- Specify CylanceGATEWAY options on Android Enterprise devices
- Specify CylanceGATEWAY options on Chromebook devices
- Specify CylanceGATEWAY options on Android Enterprise devices in your Microsoft Intune environment
- Connecting Cylance Endpoint Security to MDM solutions to verify whether devices are managed
- Installing the CylanceGATEWAY agent
- Defining your private network
- Setting up CylanceAVERT
- Managing updates for the CylancePROTECT Desktop and CylanceOPTICS agents
- Connecting Cylance Endpoint Security to external services
- Appendix: Best practices for deploying CylancePROTECT Desktop on Windows virtual machines
- Appendix: Using RMM solutions to install the Cylance agents on devices
- BlackBerry Docs
- Cylance Endpoint Security
- Setup
- Cylance Endpoint Security Setup Guide
- Setting up CylanceGATEWAY
- Installing the CylanceGATEWAY agent
Installing the CylanceGATEWAY agent
CylanceGATEWAY
agentThe
CylanceGATEWAY
agent protects users’ Windows 10
, Windows 11
, and macOS
devices by allowing you to block connections to Internet destinations that you don’t want devices to reach, even when the device isn't connected to your network. BlackBerry
maintains an ever-growing list of unsafe Internet destinations that it can block endpoints from connecting to. If your organization also wants to block users from visiting specific sites that don't meet your acceptable use standards, you can create policies to specify additional destinations that all users or specific users or groups cannot access. The
CylanceGATEWAY
agent is installed on user's devices, allowing them to access network resources safely and protect their device from suspicious and potentially malicious network activity. When the CylanceGATEWAY
agent is installed and Work Mode is enabled, CylanceGATEWAY
establishes secure connections between the user’s device and your organization's network and the public Internet, analyzes your network activity, and applies network access policies that you manage. When you enable Safe Mode for macOS
and Windows
devices, CylanceGATEWAY
extends the tenant ACL rules and endpoint protection for devices when Work Mode is not enabled to ensure that devices are always protected for network traffic that does not use the tunnel. When you deploy a new installation of the
CylanceGATEWAY
agent, users' devices must be restarted, and users must manually complete the installation process and enable Work Mode or activate Safe Mode. When you deploy an upgrade of the CylanceGATEWAY
agent, users' devices must be restarted for the upgrade to complete. During the upgrade, the CylanceGATEWAY
agent retains all of the configurations. No additional action is required by users.When the
CylanceGATEWAY
agent installation is controlled by enterprise device management tools (for example, Microsoft
System Center Configuration Manager (SCCM) or another deployment tool), you can include the customDomain parameters to minimize user interaction when the agent is activated. You can obtain the custom domain name from the "Custom Domain Name" field in Settings > Application. You can supply the parameters for Windows
devices from the command line and for macOS
devices using a managed app configuration or MCX app preferences. You can also direct users to manually download and install the CylanceGATEWAY
agent to enable Work Mode or activate Safe Mode. - FormacOSdevices, include the following value to specify the custom domain name to be used when users activateCylanceGATEWAYagent 2.9 or later:<dict> <key>customDomain</key> <string>Your_custom_domain_name</string> </dict>
- ForWindowsdevices, include the following command to specify the custom domain name to be used when users activateCylanceGATEWAYagent 2.9 or later:CylanceGATEWAY-<version>.exe /v"CUSTOM_DOMAIN=<your_custom_domain_name>"To specify the custom domain name for a silent installation, see Perform a silent installation and upgrade of the CylanceGATEWAY agent.