Skip Navigation

Device policy: Agent Settings

Agent settings specify the agent features that you can use to protect devices.
Setting
Description
Prevent service shutdown from device
When enabled, device users cannot stop the service for the
CylancePROTECT Desktop
agent or for the following versions of the
CylanceOPTICS
agent:
  • CylanceOPTICS
    agent for
    Windows
    3.1 or later with
    CylancePROTECT Desktop
    3.0 or later
  • CylanceOPTICS
    agent for
    macOS
    3.3 or later with
    CylancePROTECT Desktop
    3.1 or later
When enabled, a
macOS
user can stop the services only if the Self Protection Level in the device properties is set to Local Admin (Assets > Devices > click the device).
Windows
users cannot stop the agent services as long as this setting is enabled.
CylancePROTECT Desktop
agent version 3.1 and later runs as a trusted service using Antimalware Protected Process Light (AM-PPL) technology from
Microsoft
, which also helps prevent the agent from being shut down. This feature requires the device to be running
Windows
10 1709 or later or
Windows
Server 2019 or later.
Auto-upload log files
When enabled, agent logs are uploaded to the management console where you can view them (Assets > Devices > click the device > Agent Logs tab). The log file name is the date of the log. Uploaded log files are stored for 30 days.
Desktop notifications
When enabled, the
CylancePROTECT Desktop
agent will display pop-up notifications to the device user. Note that device users can change this setting directly in the agent, and the user setting will take precedence over this device policy setting. In the agent on devices, the Events tab is cleared when the agent or device is restarted.
Auto-delete quarantined files
When enabled, quarantined files are deleted automatically from the device after a specified number of days (by default, 14). When a quarantined file is deleted, the action is included in the agent log file and the file is removed from the quarantine list in the agent.
Monitor installed applications
When enabled, the agent reports a list of applications that are installed on devices to the management console. This allows you to identify applications that may be a source of vulnerabilities and prioritize and manage actions against those vulnerabilities.
This feature requires
CylancePROTECT Desktop
for
Windows
version 3.2 or later. You can view the list of applications and their associated devices in Assets > Installed Applications. You can also view a list of applications that are installed on individual devices in Assets > Devices > Device details > Installed Applications.