Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Endpoint Standard: What is the order of operations for how Endpoint Standard Sensors connect to cloud infrastructure if connection fails?

Endpoint Standard: What is the order of operations for how Endpoint Standard Sensors connect to cloud infrastructure if connection fails?

Environment

  • Carbon Black Cloud Sensor: All Versions

Question

What is the order of operations for how the Carbon Black Cloud Sensor connects to the cloud infrastructure if it fails to connect?

Answer

 

The sensor will do the following steps to connect to the cloud.

  1. Statically configured proxy server from installation

  2. Direct connection to cloud with no proxy

  3. Direct connection to cloud using alternate port 54443 with no proxy

  4. Dynamic proxy (Internet / Network settings) if present without credentials.

  5. If no other way works and if a proxy is found and credentials are required, the sensor will try this as a last resort

  6. LAST_ATTEMPT_PROXY_ SERVER

 

For every proxy server connection tried in the steps above, the sensor will attempt to connect with:

  1. The proxy port that is configured

  2. Alternate port 54443; if this has been configured at install.


Additional Notes

The Carbon Black Cloud Sensor retries network discovery only if it fails talking to the cloud (back end infrastructure).  Once it has established a way to connect it does not retry until the next failure.

The Sensor will try the last known good settings that worked previously; starting with the most recent ones.  This includes proxy, no proxy, credentials, no credentials, proxy used at install time, direct connection, alternate 54443 port.


Related Content


Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎10-08-2020
Views:
382
Contributors