Cylance Endpoint Security requirements
Logging in to the management console
- Custom authentication
- Enhanced authentication sign in
  - Sign in to the Cylance Endpoint Security management console using enhanced authentication
  - Generate a new SSO callback URL
Installing the BlackBerry Connectivity Node
Linking to your company directory
Setting up administrators
Adding users and devices
Enrolling CylancePROTECT Mobile and CylanceGATEWAY users
- Create an enrollment policy
- Supported enrollment email variables
Setting up zones to manage CylancePROTECT Desktop and CylanceOPTICS
- Add and configure a zone
Setting up CylancePROTECT Desktop
Setting up CylancePROTECT Mobile
Setting up CylanceOPTICS
- Install the CylanceOPTICS agent on devices
  - Configuration requirements for macOS 11.x and later
  - OS commands for the CylanceOPTICS agent
- Enable and configure CylanceOPTICS
Setting up CylanceGATEWAY
Setting up CylanceAVERT
Managing updates for the CylancePROTECT Desktop and CylanceOPTICS agents
- Manage updates for the CylancePROTECT Desktop and CylanceOPTICS agents
Connecting Cylance Endpoint Security to external services
- Integrating Cylance Endpoint Security with Okta
  - Prerequisites for adding an Okta connector
  - Add and configure an Okta connector
- Integrating Cylance Endpoint Security with Mimecast
  - Prerequisites for adding a Mimecast connector
  - Add and configure a Mimecast connector
Appendix: Best practices for deploying CylancePROTECT Desktop on Windows virtual machines

Device control

Device control protects devices by controlling USB mass storage devices connecting to devices in the organization. When you enable device control, you can allow full access, read-only, or block USB mass storage devices, such as USB flash drives, external hard drives, and smartphones. As part of the policy, you can also use exclusions to define the access level for specific mass storage devices using the vendor ID, product ID, and serial number. For example, you can block all USB mass storage devices, but create exclusions to allow full access to some authorized devices only.

Device control does not affect USB peripherals such as a mouse or keyboard. For example, when you create a policy to block all USB mass storage device types, a user can still use a USB keyboard.

Device control is available for

Windows

devices that are running agent version 2.1.1410 and later only.

When device control is enabled, all USB mass storage devices that are inserted are logged, along with the policy action that was applied (full access, read-only, or block). If the policy action is set to read-only or block, and desktop notifications are enabled on the device, a pop-up notification appears on the device when a USB mass storage device is connected. You can find the log of device control events on the

Protection > External Devices

screen in the console.

Device control policy action	Description
Block	This setting blocks the device from accessing external USB storage devices.
Read Only	This setting allows read-only access to external USB storage devices. Read-only access allows devices to view the contents of an external USB device but does not allow write or delete access to the USB device. The following USB device types can be configured for read-only access: Still image USB CD/DVD RW USB drive VMWare USB passthrough Windows portable device
Full Access	This setting allows read, write, and delete access to the external USB storage devices.

Supported device types	Description
Android	This is a portable device running Android OS, such as a smartphone or a tablet. When an Android device is connected, its device type might be identified as Android , Still Image, or Windows Portable Device. If you want to block Android devices, consider blocking Still Image and Windows Portable Device as well.
iOS	This is an portable Apple device running iOS , such as an iPhone or iPad . Some iOS devices will not charge when device control is enabled and set to block unless the device is powered off. Apple includes their charging capability within functions of the device that are required for our iOS device blocking capability. Non- Apple devices do not bundle their charging capability in this manner and are not impacted.
Still Image	This device class includes scanners, digital cameras, multi-mode video cameras with frame capture, and frame grabbers. The agent sees Canon cameras as a Windows Portable Device, not as a Still Image device.
USB CD DVD RW	This is a USB optical drive.
USB Drive	This is a USB hard drive or USB flash drive.
VMware USB Passthrough	This is a VMware virtual machine client that has USB devices connected to the host.
Windows Portable Device	These are portable devices that use the Microsoft Windows Portable Device (WPD) driver technology, such as mobile phones, digital cameras, and portable media players.

Device control is not supported for SD cards at this time. However, if utilized with a USB card reader device, device control might detect the USB device.

Section:

Using device policies to manage CylancePROTECT Desktop devices

Add an external storage exclusion

Bulk import of device control exclusions