- Cylance Endpoint Security requirements
- Requirements: Cylance console
- Requirements: CylancePROTECT Desktop
- Requirements: CylanceOPTICS
- Requirements: CylancePROTECT Mobile app
- Requirements: BlackBerry Connectivity Node
- Requirements: CylanceGATEWAY Connector
- Requirements: CylanceGATEWAY agents
- Requirements: CylanceAVERT
- Cylance Endpoint Security network requirements
- Cylance Endpoint Security proxy requirements
- Logging in to the management console
- Configuring a new Cylance Endpoint Security tenant
- Installing the BlackBerry Connectivity Node
- Linking to your company directory
- Setting up administrators
- Adding users and devices
- Enrolling CylancePROTECT Mobile and CylanceGATEWAY users
- Setting up zones to manage CylancePROTECT Desktop and CylanceOPTICS
- Setting up CylancePROTECT Desktop
- Testing your CylancePROTECT Desktop deployment
- Using device policies to manage CylancePROTECT Desktop devices
- Installing the CylancePROTECT Desktop agent for Windows
- Installing the CylancePROTECT Desktop agent for macOS
- Installing the CylancePROTECT Desktop agent for Linux
- Require users to provide a password to remove the CylancePROTECT Desktop and CylanceOPTICS agents
- Setting up CylancePROTECT Mobile
- Setting up CylanceOPTICS
- Setting up CylanceGATEWAY
- Defining your private network
- Setting up the CylanceGATEWAY Connector
- Install the CylanceGATEWAY Connector to a vSphere environment
- Install the CylanceGATEWAY Connector to an ESXi environment
- Prerequisites to install CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Hyper-V environment
- Install the CylanceGATEWAY Connector to an AWS environment
- Configure the CylanceGATEWAY Connector in the VM environment
- Access the CylanceGATEWAY Connector using OpenSSH
- Configure your firewall for the CylanceGATEWAY Connector
- Enroll the CylanceGATEWAY Connector with the BlackBerry Infrastructure
- View details for an enrolled CylanceGATEWAY Connector
- Configure the CylanceGATEWAY Connector
- Managing CylanceGATEWAY Connectors
- Manage CylanceGATEWAY Connectors
- Update a CylanceGATEWAY Connector
- UDP connectivity test responses
- Specify your private network
- Specify your private DNS
- Specify your DNS suffixes
- Specify private CylanceGATEWAY agent IP ranges
- Bring your own IP addresses (BYOIP)
- Setting up the CylanceGATEWAY Connector
- Network Address Translation with CylanceGATEWAY
- Define network services
- Controlling network access
- Configuring network protection
- Searching ACL rules and Network Services
- Using source IP pinning
- Configuring the Gateway service options
- Gateway Service policy parameters
- Configure Gateway service options
- Specifying how devices activated with an EMM solution use the CylanceGATEWAY tunnel
- Specify which apps use CylanceGATEWAY on iOS devices
- Specify which apps use CylanceGATEWAY on iOS devices in a Microsoft Intune environment
- Specify CylanceGATEWAY options on Android Enterprise devices
- Specify CylanceGATEWAY options on Chromebook devices
- Specify CylanceGATEWAY options on Android Enterprise devices in your Microsoft Intune environment
- Connecting Cylance Endpoint Security to MDM solutions to verify whether devices are managed
- Installing the CylanceGATEWAY agent
- Defining your private network
- Setting up CylanceAVERT
- Managing updates for the CylancePROTECT Desktop and CylanceOPTICS agents
- Connecting Cylance Endpoint Security to external services
- Appendix: Best practices for deploying CylancePROTECT Desktop on Windows virtual machines
- Appendix: Using RMM solutions to install the Cylance agents on devices
File actions
The following settings can be found in the
File Actions
tab in a device policy. They specify how the CylancePROTECT Desktop
agent handles a file when it detects a threat that it considers to be unsafe or abnormal. Option | Description |
---|---|
Auto Quarantine with Execution Control | This setting specifies whether to automatically quarantine unsafe or abnormal files to prevent them from executing. If you want to quarantine abnormal files, you must first select the option to quarantine unsafe files. Unsafe files contain significantly more malware attributes and are more likely to be malware than abnormal files. When a file is quarantined, the following occurs:
Some malware is designed to create files in other directories and continues to do so until it is successful. Instead of removing the files, CylancePROTECT Desktop modifies them so that the malware doesn't try to create them again and so that they could not be executed. |
Enable auto-delete for quarantined files | This setting specifies whether to automatically delete quarantined files after a specified number of days. For example, you can set it so that a file is deleted after it has been quarantined for 14 days. The number of days can range from 14 to 365. When the file is deleted, the following occurs:
|
Auto Upload | Make sure that you enable Auto Upload for all available file types. If the agent finds a file that CylancePROTECT cloud services has never analyzed before, it requests to upload the file for analysis.CylancePROTECT Desktop only uploads and analyzes unknown files such as Portable Executable (PE), Executable and Linkable Format (ELF) and Mach Object file format (Mach-O) files. If the same unknown file is discovered on multiple devices in the organization, CylancePROTECT Desktop uploads one file only from a single device for analysis, not one file per device. |
Policy Safe List | Add files that you consider to be safe to the policy safe list to allow them to run. The policy safe list takes precedence over the global safe list or global quarantine list. For example, a file that is added to the policy safe list is allowed to run on a device that is assigned the policy, even if that file is in the global quarantine list which blocks files from running on all devices. |