Skip Navigation

Enable and configure
CylanceOPTICS

When you enable
CylanceOPTICS
in a device policy and assign that policy to devices and zones, the
CylanceOPTICS
agent on each device collects events and stores data in the
CylanceOPTICS
database. The agent does not collect data until you enable
CylanceOPTICS
.
Verify that the
CylancePROTECT Desktop
application control feature is not enabled. Application control is designed for fixed function devices that do not change after setup (for example, point-of-sales machines). If application control is enabled, the
CylanceOPTICS
agent will not function as expected.
  1. In the management console, on the menu bar, click
    Policies > Device Policy
    .
  2. Create a new policy or click an existing policy.
  3. On the
    CylanceOPTICS Settings
    tab, enable
    CylanceOPTICS
    .
  4. If you want to enable the automatic upload of threat-related focus data from the
    CylanceOPTICS
    database to the console, enable
    Auto-upload focus data for threats
    . If you do not select this option, you must use the console to request focus data for devices.
  5. If you want to enable the automatic upload of memory-related focus data from the
    CylanceOPTICS
    database to the console, enable
    Auto-upload focus data for memory protection
    .
    If you do not select this option, you must use the console to request focus data for devices.
  6. In the
    Max storage size
    field, specify the maximum amount of storage, in MB, that the
    CylanceOPTICS
    agent can access on the device. The default value is 1000 MB.
  7. In the
    Configurable sensors
    section, select the optional CylanceOPTICS sensors that you want to enable. Note that the optional sensors are supported for 64-bit operating systems only.
  8. If you want to associate a detection rule set with the device policy, in the
    Detection rule set
    drop-down list, click a rule set.
  9. If you want to allow the
    CylanceOPTICS
    agent to provide OS notifications to the user on
    Windows
    or
    macOS
    devices, enable
    Desktop notifications
    .
  10. Click
    Save
    .
  • Assign the policy to devices or zones.
  • If you want to prevent users from being able to stop the services for the
    CylanceOPTICS
    agent for
    Windows
    (
    CylanceOPTICS
    3.1 or later with
    CylancePROTECT Desktop
    3.0 or later) and
    macOS
    (
    CylanceOPTICS
    3.3 or later with
    CylancePROTECT Desktop
    3.1 or later), in the device policy, on the
    Agent Settings
    tab, enable
    Prevent service shutdown from device
    . When this setting is enabled, a
    macOS
    user can only stop the service if the Self Protection Level in the device properties is set to Local Admin (Assets > Devices > click the device).
    Windows
    users cannot stop the agent service as long as this setting is enabled.
  • If you want users to have to provide a password to uninstall the
    CylancePROTECT Desktop
    agent, the
    CylanceOPTICS
    agent for
    Windows
    version 3.1 or later, and the
    CylanceOPTICS
    agent for
    macOS
    version 3.3 or later, in
    Settings > Application
    , turn on
    Require Password to Uninstall Agent
    . Using this feature for the
    CylanceOPTICS
    agent for
    macOS
    also requires
    CylancePROTECT Desktop
    version 3.1 or later.