Environment

• Carbon Black Cloud Console: All Versions
• Carbon Black Cloud Windows Sensor: 3.6.x.x and Higher
• Microsoft Windows: All Supported Versions

Question

Answer

• Enterprise EDR (was CB ThreatHunter) - Observe that sensor has not uploaded any data since upgrading to 3.6
• Device Control - Inability to block devices
• Checking RepCLI status output will display the following alarm: 

  C:\>"C:\Program Files\Confer\RepCLI.exe" status | findstr "ManifestDownloadFailure"
  
  ManifestDownloadFailure: x times LastTrigger[mm/dd/yyyy hh:mm:ss]

Additional Notes

• In sensor version 3.6.x.x and above, Enterprise EDR, AMSI Prevention, and Unified Binary Store must be able to access content.carbonblack.io in order to function correctly
• If a software or hardware firewall exists between the device and the internet, please ensure that outbound connections are allowed to content.carbonblack.io and inbound connections are allowed from content.carbonblack.io
• Device Control is available with Sensor 3.6.x.x and higher and Carbon Black Cloud Console November '20 Release (0.60) and higher

Related Content