William & Mary Information Technology has implemented a new security software called Cylance Protect. Cylance Protect is a cloud based security service that analyzes executables for abnormal behavior in real time. Their database catalogues known good or excluded executables allowing them to execute in a normal manner.
Cylance has been used successfully on SecureNet computers at W&M and has recently been added to all fac/staff computers that use BigFix. These computers show a small green icon in the system tray when Cylance is installed.
Cylance has replaced Sophos Antivirus at W&M. Cylance will identify and quickly quarantine files with abnormal or malicious behavior.
Blocked by Cylance?
Cylance has proven to be extremely effective and is generally unobtrusive. However, if a necessary application is prevented from executing by Cylance, please contact the Technology Support Center (TSC).
When contacting the TSC, please include the business use and as much additional information about the file/program as possible (vendor name, URL for download, etc.). Security engineers will review the application and decide whether or not it contains malicious content.
A common tactic is for legitimate programs to be 'repackaged' with additional unwanted add-ons by 3rd parties. These repackaged executables will need to be evaluated and analyzed before execution if they have not been previously 'catalogued' and approved.
Mac Users (Non-IT Managed Computers)
For all non-managed Mac computers (that means computers that do not have the Jamf software installed) you may need to allow Cylance extensions or make approvals after updates.
When this is needed, you will see a red dot on top of the Cylance icon (on the top right of the screen) or you will prompted by macOS.
Note: When upgrading to Big Sur, you will need to allow Cylance extensions to update Cylance to 2.1.1580.
Contact the Technology Support Center (TSC)
757-221-4357 (HELP) | [[support]] | Jones 201, Monday - Friday, 8:00 am - 5:00 pm