Skip Navigation
  1. BlackBerry Docs
  2. Cylance products
  3. CylanceHYBRID
  4. Virtual appliance system requirements
  5. Import and configure the CylanceHYBRID virtual appliance
  6. Configure CylanceHYBRID

Configure
CylanceHYBRID

  1. Log in to the Cylance console and copy your Installation Token. The token is on the Application page (
    Settings > Application
    ).
  2. Start the
    CylanceHYBRID
     file (OVA). In VMware vSphere, click the Power On icon, or select
    Actions > Power > Power On
    .
    It is recommended to take a snapshot of the virtual appliance in the event configuration fails, including invalid SSL certificate uploads. This will allow reverting back to the snapshot instead of reimporting the appliance.
  3. Open a web browser and go to the following URL. Replace
    <fqdn>
     with the fully qualified domain name (FQDN) from the DNS entry. Example:
    https://login.hybrid-cylance.com/configui/config
    . For a web browser, use a system that can communicate with the
    CylanceHYBRID
     virtual appliance.
    • https://<fqdn>/configui/config
  4. From the welcome screen, click
    Let’s Get Started
    . The Secure Your Connection page displays with Generate a CSR enabled by default.
  5. To generate a certificate signing request (CSR) that will be submitted to a certificate authority (CA) to use with the
    CylanceHYBRID
     virtual appliance:
    To use an SSL certificate and key generated on a computer other than
    CylanceHYBRID
    , go to step 6.
    • Fill out the form.
      1. Common Name:
         Derived from the fully qualified domain name (FQDN) for the virtual appliance. For example, if the FQDN is
        https://hybrid.cylance.com
        , then the common name is
        hybrid.cylance.com
        .
      2. Subject Alternative Name:
         Any alternative names to use for the virtual appliance, such as
        hybrid-alt.cylance.com
        . Please note that the Common Name will be added automatically as a Subject Alternative Name. Click
        Add
         after typing an alternative name to add it.
      3. Organization Name:
         Enter the legal name of the organization.
      4. Organizational Unit:
         This could be a department name.
      5. City:
         Enter the city where the organization is located.
      6. State / Province:
         Enter the state or province where the organization is located. Do not use an abbreviation.
      7. Country:
         Enter the two letter ISO abbreviation for the country.
    • Click
      Generate CSR
      . This creates a
      cert_request.csr
       file in the Downloads folder. Send this to your CA who should then send back an SSL certificate.
      Example:
      hybrid.cylance.crt.
      After you generate the CSR, the text at the top of the page changes to a pending status and includes a link where you can re-download the CSR and Step 2 displays at the bottom of the page.
      If you click Generate CSR again, a new private key will be generated, and you will need to provide the latest CSR to the CA.
    • Upload the SSL certificate to the
      Step 2: Upload certificate from CA
       box.
    • Continue to step 7.
  6. To upload an SSL certificate and key generated on a computer other than
    CylanceHYBRID
    , turn off the
    Generate a CSR
     toggle.
    To generate a certificate signing request (CSR), go to step 5.
    • Drag the certificate to the
      Upload certificate
       box or click
      Browse for a file
       and select the certificate.
    • Drag the key to the
      Upload key
       box or click
      Browse for a file
       and select the key.
  7. Click
    Save & Continue
    . The Active Directory Integration page displays.
  8. To add Active Directory/LDAP Integration, enter your AD information.
    To disable Active Directory Integration, click the
    Use Active Directory
     toggle (green = enabled, grey = disabled). If needed, you can configure Active Directory after initial setup of the virtual appliance. For more information, see CylanceHYBRID Status page.
    • Active Directory Host:
       Active Directory configuration requires the FQDN due to a TLS requirement. Using an IP address for LDAP server configuration will fail. The FQDN must be configured on the Domain Server.
    • Port:
       The port number of the LDAP server.
    • Base DN:
       The base distinguished name (DN) used as a base for the LDAP search to look for the user DN.
    • Group DN:
       The group DN used to perform an LDAP search to check if the user is a member of the group DN.
    • Upload certificate to enable TLS:
       The secure socket layer (SSL) certificate used to perform a transport layer security (TLS) connection when binding to the LDAP server. The certificate must be Base64 encoded.
  9. Click
    Test Connection
    . A Test Active Directory Connection dialog displays.
  10. Enter a username and password in the fields, then click
    Test Connection
    . A message displays informing you that the connection was successful. If the connection failed, use the red text that appears on the dialog to troubleshoot and resolve the issue. A description of common configuration error messages and their meaning is available on the Knowledge Base at CylanceHybrid Active Directory Configuration Error Messages.
    To test the connection, use either the UPN Login or SAM Account Login:
    UPN Login Example:
     username@domainname.com (hadmin@onprem-cylance.com)
    SAM Account Login Example:
    domain\username
     (onprem-cylance\hadmin)
  11. Click
    Save & Continue
    . The Set a password to access
    CylanceHYBRID
     page displays.
  12. Type and confirm your new password, then click
    Save & Continue
    . Follow the password requirements. The Configuration Step 1 of 2: Enter
    CylanceHYBRID
     Info page displays.
  13. Type or paste your Installation Token.
  14. Type a Device Name. This name will appear in the console as a device. Allowed characters include letters, numbers, -, _, ., !, @, #, $, %, ^, &, *, (, ), {, }, [, ], +, $.
  15. Type in a fully qualified domain name (FQDN) for the
    CylanceHYBRID
    . The FQDN must match the one in the DNS entry. For example, a fully qualified domain name could be
    login.hybrid.com
    or
    hybrid.com
    .
  16. To include a proxy server, click the
    Connect Appliance to Proxy
     toggle to enable it. Enter the proxy server information, including a proxy username and password.
    CylanceHYBRID
     uses Tinyproxy for the web proxy server. Tinyproxy only supports lowercase letters, numbers, periods, dashes, and underscores for the proxy username and password.
  17. Click
    Save & Continue
    . The Configuration Step 2 of 2: Confirm Info page displays.
  18. If your
    CylanceHYBRID
     setup information is correct, click
    Confirm & Finish
    . The
    CylanceHYBRID
     Setup Complete page displays.
  19. Click
    Go to Status Page
    . You are automatically logged in to the
    CylanceHYBRID
     Status page. For future log ins, the
    CylanceHYBRID
     username is
    cylance
    .
When configuring the
CylanceHYBRID
 virtual appliance is complete, it will appear in your console, under Devices, with the Device Name you assigned in step 12.