- Cylance Endpoint Security requirements
- Requirements: Cylance console
- Requirements: CylancePROTECT Desktop
- Requirements: CylanceOPTICS
- Requirements: CylancePROTECT Mobile app
- Requirements: BlackBerry Connectivity Node
- Requirements: CylanceGATEWAY Connector
- Requirements: CylanceGATEWAY agents
- Requirements: CylanceAVERT
- Cylance Endpoint Security network requirements
- Cylance Endpoint Security proxy requirements
- Logging in to the management console
- Configuring a new Cylance Endpoint Security tenant
- Installing the BlackBerry Connectivity Node
- Linking to your company directory
- Setting up administrators
- Adding users and devices
- Enrolling CylancePROTECT Mobile and CylanceGATEWAY users
- Setting up zones to manage CylancePROTECT Desktop and CylanceOPTICS
- Setting up CylancePROTECT Desktop
- Testing your CylancePROTECT Desktop deployment
- Using device policies to manage CylancePROTECT Desktop devices
- Installing the CylancePROTECT Desktop agent for Windows
- Installing the CylancePROTECT Desktop agent for macOS
- Installing the CylancePROTECT Desktop agent for Linux
- Require users to provide a password to remove the CylancePROTECT Desktop and CylanceOPTICS agents
- Setting up CylancePROTECT Mobile
- Setting up CylanceOPTICS
- Setting up CylanceGATEWAY
- Defining your private network
- Setting up the CylanceGATEWAY Connector
- Install the CylanceGATEWAY Connector to a vSphere environment
- Install the CylanceGATEWAY Connector to an ESXi environment
- Prerequisites to install CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Hyper-V environment
- Install the CylanceGATEWAY Connector to an AWS environment
- Configure the CylanceGATEWAY Connector in the VM environment
- Access the CylanceGATEWAY Connector using OpenSSH
- Configure your firewall for the CylanceGATEWAY Connector
- Enroll the CylanceGATEWAY Connector with the BlackBerry Infrastructure
- View details for an enrolled CylanceGATEWAY Connector
- Configure the CylanceGATEWAY Connector
- Managing CylanceGATEWAY Connectors
- Manage CylanceGATEWAY Connectors
- Update a CylanceGATEWAY Connector
- UDP connectivity test responses
- Specify your private network
- Specify your private DNS
- Specify your DNS suffixes
- Specify private CylanceGATEWAY agent IP ranges
- Bring your own IP addresses (BYOIP)
- Setting up the CylanceGATEWAY Connector
- Network Address Translation with CylanceGATEWAY
- Define network services
- Controlling network access
- Configuring network protection
- Searching ACL rules and Network Services
- Using source IP pinning
- Configuring the Gateway service options
- Gateway Service policy parameters
- Configure Gateway service options
- Specifying how devices activated with an EMM solution use the CylanceGATEWAY tunnel
- Specify which apps use CylanceGATEWAY on iOS devices
- Specify which apps use CylanceGATEWAY on iOS devices in a Microsoft Intune environment
- Specify CylanceGATEWAY options on Android Enterprise devices
- Specify CylanceGATEWAY options on Chromebook devices
- Specify CylanceGATEWAY options on Android Enterprise devices in your Microsoft Intune environment
- Connecting Cylance Endpoint Security to MDM solutions to verify whether devices are managed
- Installing the CylanceGATEWAY agent
- Defining your private network
- Setting up CylanceAVERT
- Managing updates for the CylancePROTECT Desktop and CylanceOPTICS agents
- Connecting Cylance Endpoint Security to external services
- Appendix: Best practices for deploying CylancePROTECT Desktop on Windows virtual machines
Add and configure a zone
If you want to add a zone rule to the zone, you need to create and save a query from the Assets > Devices screen. The list of devices in the results of the saved query indicates the devices that will be automatically added to the zone.
- In the management console, on the menu bar, clickZones.
- ClickAdd New Zone.
- In theZone Namefield, type a name for the zone.
- In thePolicydrop-down list, click a device policy to associate with the zone.
- In theValuefield, click the appropriate priority level for the zone. This setting has no impact on managing zones or devices.
- ClickSave.
- In the zones list, click the name of the zone that you created.
- Do any of the following:TaskStepsAdd a zone rule to automatically add devices.You need a saved query to add a zone rule.
- ClickCreate Rule.
- Select a saved query. The query can contain any of the following fields only; if a query contains a field that is not in this list, you cannot use it:
- Device name
- DNS name
- IP addresses
- MAC addresses
- OS version
- OS build/kernel version
- Distinguished Name
- Member of (LDAP)
- If you want to automatically apply the device policy that's associated with the zone, selectApply zone policy to devices when they are added to the zone.
- If you want to automatically remove devices that do not match the criteria of the zone rule from the zone, selectRemove devices automatically from this zone. This only affects devices that follow the zone rules.
- ClickSave.
Manually add devices to the zone.When you manually add a device to a zone, the device ignores the zone rules by default. A device that ignores the zone rules will remain in the zone even when it doesn't match the zone rule criteria.- On theDevicestab, clickAdd Device to Zone.
- Select the devices that you want to add. You can apply filters to find devices.
- If you want to apply the zone device policy to those devices, select theApply zone policy to selected devicescheck box.
- ClickSave.
Apply the zone device policy to all the users in the zone.This action replaces any device policies that are currently assigned to devices with the device policy that is currently assigned to the zone.- Select theApply to all devices in this zonecheck box.
- ClickSave.
Set a device to follow or ignore a zone rule.In the list of devices in a zone, devices that follow that zone rule can be identified from the Zone Rule column. Devices that follow the zone rules are subject to automatic removal from the zone. Devices that ignore the zone rules will remain in the zone (unless you remove them manually).- On theDevicestab, select one or more devices.
- ClickFollow Zone RuleorIgnore Zone Rule.
- ClickYes.
Copy devices to another zone.- On theDevicestab, select one or more devices.
- ClickCopy Device.
- Select one or more zones.
- ClickSave.
Remove devices from the zone.- On theDevicestab, select one or more devices.
- ClickRemove Device from Zone.
- ClickYes.