Endpoint Standard: Sensor Will Not Register Or Receive Updates When Behind Proxy Or Firewall
Article ID: 288891
Updated On:
Products
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Issue/Introduction
- System has a valid internet connection and meets installation requirements set forth in the User Guide
- Sensor does not register at time of installation
- Sensor does not receive signature update
- Firewall logs show outbound connections to "*.conferdeploy.net" (using various IPs) over port 443 and then immediately followed by attempts to communicate over port 54443.
Environment
- Endpoint Standard (formerly Cb Defense) Sensor: All Versions
- Microsoft Windows: All Supported Versions
- Apple macOS: All Supported Versions
Cause
Some proxy and or firewall devices break the SSL communication path or require proxy authentication between sensors and the cloud backend. These symptoms may occur even if a firewall rule is in place to allow traffic to the destination "*.conferdeploy.net".
Resolution
- Create an SSL whitelist (no decryption) exception to any proxy and or firewall devices inline of the communication path to "*.conferdeploy.net".
- If the environment is using proxy authentication follow the steps outlined here: Cb Defense: Does the sensor support proxy server authentication?
Additional Information
- The sensor by design always initiates communication. When an agent action is performed in the Carbon Black Cloud Console the action does not occur until the agent has checked in and accepted the change.
- Here are a few links to common firewall appliance SSL settings:
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClEzCAK
https://www.websense.com/content/support/library/web/v80/wcg_troubleshooting/ts_sites_dont_transit.aspx
Feedback
Yes
No
Powered by
