Cylance Endpoint Security proxy requirements Skip Navigation
  1. BlackBerry Docs
  2. Cylance Endpoint Security
  3. Setup
  4. Cylance Endpoint Security Setup Guide
  5. Cylance Endpoint Security requirements
  6. Cylance Endpoint Security proxy requirements

Cylance Endpoint Security
 proxy requirements

Configuring a proxy for the
CylancePROTECT Desktop
 and
CylanceOPTICS
 agents

  • If you want to configure both the
    CylancePROTECT Desktop
     agent and the
    CylanceOPTICS
     agent on a device to use a proxy server for outbound communication to
    BlackBerry
     servers, in the Registry Editor, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Cylance\Desktop and create String Value REG_SZ:
    • Value Name = ProxyServer
    • Value Data = <proxyIP:port> (for example, http://123.45.67.89:8080)
  • The proxy must accept unauthorized requests. SSL inspection is not supported and must be bypassed for all agent traffic (*.cylance.com).

Proxy options for the
CylanceOPTICS
 agent

  • The
    CylanceOPTICS
     agent is proxy aware and will query the .NET framework to identify and use the available proxy settings. If you configured the ProxyServer value in the registry, the
    CylanceOPTICS
     agent will use the specified proxy. The
    CylanceOPTICS
     agent will try to communicate first as the Local System, then as the currently logged in user.
  • If you configure the
    CylanceOPTICS
     agent to use a proxy and the agent cannot communicate with the cloud services, the agent will attempt to bypass the proxy to make a direct connection. On
    Windows
     devices, you can disable this proxy bypass. Before you install the
    CylanceOPTICS
     agent on a device, in HKLM\SOFTWARE\Cylance\Optics\, create String Value REG_SZ:
    • Value Name = DisableProxyBypass
    • Value Data = True
  • When
    CylanceOPTICS
     creates a detection event that involves a signed file as an artifact, it uses a command from the
    Windows
     API to validate the signature or certificate. The command sends a validation request to an OCSP server. The OCSP server address is determined by
    Windows
    . If your proxy server reports attempts to send external traffic to an OCSP server, update the proxy settings on devices to allow connections with the OCSP server.

Linux
: Configure the
CylancePROTECT Desktop
 and
CylanceOPTICS
 agents to use an unauthenticated proxy server

Use the following commands to configure the agents to use an unauthenticated proxy. You can use these commands before you install the agents. The commands below configure a proxy for the
CylancePROTECT Desktop
 agent. To set a proxy for the
CylanceOPTICS
 agent:
  • Replace all instances of "cylancesvc" with "cyoptics"
  • Duplicate each http_proxy line and replace "http_proxy" with "https_proxy". In most cases https_proxy will use the same value as http_proxy because HTTPS traffic is tunneled using TCP Connect, but if your organization uses an HTTPS termination proxy server, specify the appropriate value for https_proxy.
Platform
Commands
RHEL/CentOS 7.x and 8.x
mkdir /etc/systemd/system/cylancesvc.service.d
echo "[Service]" > /etc/systemd/system/cylancesvc.service.d/proxy.conf
echo "Environment=http_proxy=http://proxyaddress:port" >> /etc/systemd/system/cylancesvc.service.d/proxy.conf
systemctl stop cylancesvc
systemctl daemon-reload
systemctl start cylancesvc
Ubuntu
 18.04, 20.04, and 22.04
mkdir /etc/systemd/system/cylancesvc.service.d
echo "[Service]" > /etc/systemd/system/cylancesvc.service.d/proxy.conf
echo "Environment=http_proxy=http://proxyaddress:port" >> /etc/systemd/system/cylancesvc.service.d/proxy.conf
systemctl stop cylancesvc
systemctl daemon-reload
systemctl start cylancesvc
Amazon
Linux
 2 and SUSE 15
mkdir /etc/systemd/system/cylancesvc.service.d
echo "[Service]" > /etc/systemd/system/cylancesvc.service.d/proxy.conf
echo "Environment=http_proxy=http://proxyaddress:port" >> /etc/systemd/system/cylancesvc.service.d/proxy.conf
systemctl stop cylancesvc
systemctl daemon-reload
systemctl start cylancesvc

Linux
: Configure the
CylancePROTECT Desktop
 and
CylanceOPTICS
 agents to use an authenticated proxy server

Use the following commands to configure the agents to use an authenticated proxy. You can use these commands before you install the agents. The commands below configure a proxy for the
CylancePROTECT Desktop
 agent. To set a proxy for the
CylanceOPTICS
 agent:
  • Replace all instances of "cylancesvc" with "cyoptics"
  • Duplicate each http_proxy line and replace "http_proxy" with "https_proxy". In most cases https_proxy will use the same value as http_proxy because HTTPS traffic is tunneled using TCP Connect, but if your organization uses an HTTPS termination proxy server, specify the appropriate value for https_proxy.
Platform
Commands
RHEL/CentOS 7.x and 8.x
mkdir /etc/systemd/system/cylancesvc.service.d
echo "[Service]" > /etc/systemd/system/cylancesvc.service.d/proxy.conf
echo "Environment=http_proxy=user:password@proxyaddress:port" >> /etc/systemd/system/cylancesvc.service.d/proxy.conf
systemctl stop cylancesvc
systemctl daemon-reload
systemctl start cylancesvc
Ubuntu
 18.04, 20.04, and 22.04
mkdir /etc/systemd/system/cylancesvc.service.d
echo "[Service]" > /etc/systemd/system/cylancesvc.service.d/proxy.conf
echo "Environment=http_proxy=user:password@proxyaddress:port" >> /etc/systemd/system/cylancesvc.service.d/proxy.conf
systemctl stop cylancesvc
systemctl daemon-reload
systemctl start cylancesvc
Amazon
Linux
 2 and SUSE 15
mkdir /etc/systemd/system/cylancesvc.service.d
echo "[Service]" > /etc/systemd/system/cylancesvc.service.d/proxy.conf
echo "Environment=http_proxy=user:password@proxyaddress:port" >> /etc/systemd/system/cylancesvc.service.d/proxy.conf
systemctl stop cylancesvc
systemctl daemon-reload
systemctl start cylancesvc