- Configuring a new Cylance Endpoint Security tenant
- Cylance Endpoint Security requirements
- Requirements: Cylance console
- Requirements: CylancePROTECT Desktop
- Requirements: CylanceOPTICS
- Requirements: CylancePROTECT Mobile app
- Requirements: BlackBerry Connectivity Node
- Requirements: CylanceGATEWAY Connector
- Requirements: CylanceGATEWAY agents
- Requirements: CylanceAVERT
- Cylance Endpoint Security network requirements
- Cylance Endpoint Security proxy requirements
- Accessing the management console and configuring authentication
- Setting up administrators
- Setting up zones to manage CylancePROTECT Desktop and CylanceOPTICS
- Setting up CylancePROTECT Desktop
- Testing your CylancePROTECT Desktop deployment
- Create and manage a device policy
- Installing the CylancePROTECT Desktop agent for Windows
- Installing the CylancePROTECT Desktop agent for macOS
- Installing the CylancePROTECT Desktop agent for Linux
- Require users to provide a password to remove the CylancePROTECT Desktop and CylanceOPTICS agents
- Setting up CylanceOPTICS
- Managing updates for the CylancePROTECT Desktop and CylanceOPTICS agents
- Best practices for deploying CylancePROTECT Desktop on Windows virtual machines
- Using RMM solutions to install the Cylance agents on devices
- Installing the BlackBerry Connectivity Node
- Linking to your company directory
- Adding users and devices
- Setting up CylancePROTECT Mobile
- Setting up CylanceGATEWAY
- Defining your private network
- Setting up the CylanceGATEWAY Connector
- Install the CylanceGATEWAY Connector to a vSphere environment
- Install the CylanceGATEWAY Connector to an ESXi environment
- Prerequisites to install CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Microsoft Entra ID environment
- Install the CylanceGATEWAY Connector to a Hyper-V environment
- Install the CylanceGATEWAY Connector to an AWS environment
- Configure the CylanceGATEWAY Connector in the VM environment
- Access the CylanceGATEWAY Connector using OpenSSH
- Configure your firewall for the CylanceGATEWAY Connector
- Enroll the CylanceGATEWAY Connector with the BlackBerry Infrastructure
- View details for an enrolled CylanceGATEWAY Connector
- Configure the CylanceGATEWAY Connector
- Managing CylanceGATEWAY Connectors
- Manage CylanceGATEWAY Connectors
- Update a CylanceGATEWAY Connector
- UDP connectivity test responses
- Specify your private network
- Specify your private DNS
- Specify your DNS suffixes
- Specify private CylanceGATEWAY agent IP ranges
- Bring your own IP addresses (BYOIP)
- Setting up the CylanceGATEWAY Connector
- Network Address Translation with CylanceGATEWAY
- Define network services
- Controlling network access
- Configuring network protection
- Searching ACL rules and Network Services
- Using source IP pinning
- Configuring the Gateway service options
- Gateway Service policy parameters
- Configure Gateway service options
- Specifying how devices activated with an EMM solution use the CylanceGATEWAY tunnel
- Specify which apps use CylanceGATEWAY on iOS devices
- Specify which apps use CylanceGATEWAY on iOS devices in a Microsoft Intune environment
- Specify CylanceGATEWAY options on Android Enterprise devices
- Specify CylanceGATEWAY options on Chromebook devices
- Specify CylanceGATEWAY options on Android Enterprise devices in your Microsoft Intune environment
- Connecting Cylance Endpoint Security to MDM solutions to verify whether devices are managed
- Installing the CylanceGATEWAY agent
- Defining your private network
- Enrolling CylancePROTECT Mobile and CylanceGATEWAY users
- Setting up CylanceAVERT
- Connecting Cylance Endpoint Security to external services
- BlackBerry Docs
- Cylance Endpoint Security
- Cylance Endpoint Security
- Cylance Endpoint Security Setup Guide
- Setting up CylanceOPTICS
- Enable and configure CylanceOPTICS
Enable and configure CylanceOPTICS
CylanceOPTICS
When you enable
CylanceOPTICS
in a device policy and assign that policy to devices and zones, the CylanceOPTICS
agent on each device collects events and stores data in the CylanceOPTICS
database. The agent does not collect data until you enable CylanceOPTICS
.Verify that the
CylancePROTECT Desktop
application control feature is not enabled. Application control is designed for fixed function devices that do not change after setup (for example, point-of-sales machines). If application control is enabled, the CylanceOPTICS
agent will not function as expected.- In the management console, on the menu bar, clickPolicies > Device Policy.
- Create a new policy or click an existing policy.
- On theCylanceOPTICS Settingstab, enableCylanceOPTICS.
- If you want to enable the automatic upload of threat-related focus data from theCylanceOPTICSdatabase to the console, enableAuto-upload focus data for threats. If you do not select this option, you must use the console to request focus data for devices.
- If you want to enable the automatic upload of memory-related focus data from theCylanceOPTICSdatabase to the console, enableAuto-upload focus data for memory protection.If you do not select this option, you must use the console to request focus data for devices.
- In theMax storage sizefield, specify the maximum amount of storage, in MB, that theCylanceOPTICSagent can access on the device. The default value is 1000 MB.
- In theConfigurable sensorssection, select the optional CylanceOPTICS sensors that you want to enable. Note that the optional sensors are supported for 64-bit operating systems only.
- If you want to associate a detection rule set with the device policy, in theDetection rule setdrop-down list, click a rule set.
- If you want to allow theCylanceOPTICSagent to provide OS notifications to the user onWindowsormacOSdevices, enableDesktop notifications.
- ClickSave.
- Assign the policy to devices or zones.
- If you want to prevent users from being able to stop the services for theCylanceOPTICSagent forWindows(CylanceOPTICS3.1 or later withCylancePROTECT Desktop3.0 or later) andmacOS(CylanceOPTICS3.3 or later withCylancePROTECT Desktop3.1 or later), in the device policy, on theAgent Settingstab, enablePrevent service shutdown from device. When this setting is enabled, amacOSuser can only stop the service if the Self Protection Level in the device properties is set to Local Admin (Assets > Devices > click the device).Windowsusers cannot stop the agent service as long as this setting is enabled.
- If you want users to have to provide a password to uninstall theCylancePROTECT Desktopagent, theCylanceOPTICSagent forWindowsversion 3.1 or later, and theCylanceOPTICSagent formacOSversion 3.3 or later, inSettings > Application, turn onRequire Password to Uninstall Agent. Using this feature for theCylanceOPTICSagent formacOSalso requiresCylancePROTECT Desktopversion 3.1 or later.