Skip Navigation
  1. BlackBerry Docs
  2. CylanceHYBRID
  3. CylanceHYBRID Administration Guide
  4. Configuring the CylanceHYBRID application
  5. Configure CylanceHYBRID

Configure
CylanceHYBRID

Take a snapshot of the virtual machine that hosts the application in case the configuration fails, including invalid SSL certificate uploads. This will allow you to revert to the snapshot instead of having to reinstall the application.
  1. In the
    Cylance Endpoint Security
     management console, click
    Settings > Application
    .
  2. In the
    Installation Token
     field, copy the token.
  3. In the
    CylanceHYBRID
     console (for example, login.hybrid.com:8800), in the
    Application
     section, click
    CylanceHYBRID
    . Make sure that the status is Ready.
  4. On the Welcome screen, click
    Let’s Get Started
    . The Import Hybrid Config page displays.
  5. If you want to import a
    CylanceHYBRID
     configuration file from an existing
    CylanceHYBRID
     instance, do the following sub-steps. For more information, see Importing a CylanceHYBRID configuration. Otherwise, continue to Step 6.
    1. Enable
      Import
      .
    2. Drag and drop your
      CylanceHYBRID
       configuration file, or browse to the file and select it.
    3. Click
      Save & Continue
      .
  6. Perform one of the following tasks:
    Task
    Steps
    Generate a certificate signing request (CSR) that will be submitted to a certificate authority (CA) to use with the
    CylanceHYBRID
     application.
    1. Fill in the form:
      1. In the
        Common Name
         field, enter the common name, derived from the fully qualified domain name (FQDN) for the application. For example, if the FQDN is https://hybrid.cylance.com, the common name is hybrid.cylance.com.
      2. In the
        Subject Alternative Name
         field, enter any alternative names to use for the application, such as hybrid-alt.cylance.com. The Common Name will be added automatically as a Subject Alternative Name.
      3. In the
        Organization Name
         field, enter the legal name of the organization.
      4. In the
        Organizational Unit
         field, enter the unit name. This could be a department name.
      5. In the
        City
         field, enter the city where the organization is located.
      6. In the
        State / Province
         field, enter the state or province where the organization is located. Do not use an abbreviation.
      7. In the
        Country
         field, enter the two-letter ISO abbreviation for the country.
    2. Click
      Generate CSR
      . This creates a
      cert_request.csr
       file in the Downloads folder. Send this file to your CA who should then send back an SSL certificate.
      Example:
      hybrid.cylance.crt.
      After you generate the CSR, the text at the top of the page changes to a pending status and includes a link where you can re-download the CSR and Step 2 displays at the bottom of the page.
      If you click
      Generate CSR
       again, a new private key will be generated, and you will need to provide the latest CSR to the CA.
    3. In the
      Step 2: Upload certificate from CA
       box, upload your SSL certificate.
    For more information on a possible certificate issue, visit support.blackberry.com/community to read article 98224.
    Upload an SSL certificate and key generated on a computer other than the one that hosts the
    CylanceHYBRID
     application.
    1. Turn off
      Generate private key and CSR
      . For more information on certificate guidelines, see our Certificate Guidelines.
    2. Drag and drop the certificate in the
      Upload certificate
       box, or click
      Browse for a file
       and select the certificate.
    3. Drag and drop the key in the
      Upload key
       box, or click
      Browse for a file
       and select the key.
    (Optional) To have the
    CylanceHYBRID
     application and status page use the same certificate as the
    CylanceHYBRID
     admin console:
    1. Turn off
      Generate private key and CSR
      .
    2. Turn on
      Use CylanceHYBRID admin console TLS certificate and key
      .
    3. Click
      Save
      .
  7. Click
    Save & Continue
    . The
    Active Directory
     Integration page displays.
  8. To disable
    Active Directory
     Integration or to configure it after the initial setup of the
    CylanceHYBRID
     application, turn off
    Use Active Directory
     and go to step 11. For more information, see Using the CylanceHYBRID Status page.
    To add
    Active Directory
    /LDAP Integration, do the following:
    1. In the
      Active Directory Host
       field, enter the FQDN of the server that hosts Active Directory. This is a TLS requirement. If you enter an IP address for an LDAP server or the hostname instead of an FQDN, the configuration will fail. The FQDN must be configured in DNS.
    2. In the
      Port
       field, enter the port number of the LDAP server.
    3. In the
      Base DN
       field, enter the base distinguished name (DN) used as a base for the LDAP search to look for the user DN.
    4. In the
      Group DN
       field, enter the group DN used to perform an LDAP search to check if the user is a member of the group DN.
    5. In the
      Upload certificate to enable TLS
       field, upload the SSL certificate used to perform a TLS connection when binding to the LDAP server. The certificate must be Base64 encoded.
    6. Click
      Test Connection
      . A Test
      Active Directory
       Connection dialog displays.
    7. Enter a username and password and click
      Test Connection
      . A message displays informing you that the connection was successful. If the connection failed, use the red text that appears on the dialog to troubleshoot and resolve the issue.
      To test the connection, use either the UPN login or sAMAccountName login:
      UPN Login Example:
      username@domainname.com
       (hadmin@onprem-cylance.com)
      sAMAccountName Login Example:
      domain\username
       (onprem-cylance\hadmin)
  9. Click
    Save & Continue
    . The Set a password to access the
    CylanceHYBRID
     Status page displays.
  10. Enter and confirm your new password, and click
    Save & Continue
    . Follow the password requirements. The
    Configuration Step 1 of 2: Enter Info
     page displays.
    Ensure that you note down this password. Currently, there is no mechanism to reset or recover the password.
  11. Enter or paste your Installation Token.
  12. Enter a Device Name. This name will appear in the
    Cylance Endpoint Security
     console as a device.
  13. Type an FQDN for the virtual machine that hosts the
    CylanceHYBRID
     application. The FQDN must match the one in the DNS entry. For example, an FQDN could be login.hybrid.com or hybrid.com.
  14. To include a proxy server, turn on
    Connect Appliance to Proxy
    . Enter the proxy-server information, including a proxy username and password.
  15. Click
    Save & Continue
    . The
    Configuration Step 2 of 2: Confirm Info
     page displays.
  16. If your
    CylanceHYBRID
     setup information is correct, click
    Confirm & Finish
    . The
    CylanceHYBRID
     Setup Complete page displays.
  17. Click
    Go to Status Page
    . You are automatically signed in to the
    CylanceHYBRID
     Status page. For future sign ins, the
    CylanceHYBRID
     username is
    cylance
    .
When you have finished configuring the
CylanceHYBRID
 application, it will appear in your
Cylance Endpoint Security
 management console, under Devices, with the Device Name that you assigned in Step 12.