Environment

• Carbon Black Cloud (Formerly PSC) Console: All Versions
• Endpoint Standard (Formerly CB Defense) Sensor: All Versions
• Microsoft Windows: All Supported Versions
• Apple MAC OS: All Versions

Question

Answer

• Configure the Firewall
• Configure a Proxy

Additional Notes

• If "Submit unknown binaries for analysis" is enabled, all traffic goes through CB Defense Device Services before it is routed to the Carbon Black Cloud. The Carbon Black Cloud only uses third-party vendor, Avira Operations GmbH & Co. KG (“Avira”), as a subprocessor to assist with the threat analysis. The sensor will never directly communicate with Avira, so there are no additional network changes required.
• To determine whether the agent is "onsite" or "offsite" the sensor sends a ICMP echo to see if the each DNS suffix address is reachable. In this case you may observe outbound connections to your Domain Controllers from the Sensor Service (RepMgr).

Related Content

Carbon Black Cloud: What’s the static IP address or hostname used by the back-end?
Carbon Black Cloud: What URLs are used to access the APIs?
Cb Defense: Sensor Will Not Register Or Receive Updates When Behind Proxy Or Firewall
CB ThreatHunter: What Ports must be opened on the Firewall and Proxy Servers?
CB Defense: What is the New Signature Update Server URL?