Two important notes for CylanceProtect antivirus exclusions: (1) Cylance requires a security certificate to establish trust. You will need to download the Veriato Vision security certificate to successfully exclude the Windows agent. (2) You will also need to disable Cylance during agent installation.
Take the following steps before installing the Veriato Vision agent on Windows devices where Cylance is active.
NOTE: While we update this guide from time to time, we cannot guarantee compatibility as Antivirus software companies may make changes without informing us. Be sure to re-enable any antivirus settings that you disable during this process once the exclusions have set.
Download and register the Veriato Vision security certificate with Cylance
- Download the Veriato Vision certificate.
To download the product security certificate: Click here
- Open Cylance Settings from the left menu.
- Select Certificates.
Click Add Certificate. The Add Certificate window appears.
- Add the Veriato Vision certificate.
Click on browse for certificates to add and navigate to and select your saved Veriato Vision security certificate. You can also drop the certificate file onto the dialog.
- Select Executable.
In the Add Certificate window, next to “Applies to (Optional)” check Executable.
- Click Submit.
The Veriato Vision security certificate is now listed on the Cylance Certificates page. The certificate establishes trust with Veriato agents.
Add the Veriato Vision folder exclusion to your Cylance Device policy
- Before installing an agent, find your company’s InVeriato Vision installation folder.
Log in to Veriato Vision and go to the Admin | Company Account page. Under “Antivirus Exclusions” note the Windows folder to exclude. For example:
- Add the folder to your Cylance Device policy.
Open Cylance and select Settings > Device Policy from the left menu.
Select the Default Policy and click Protection Settings.
Check the Exclude Specific folders.
Check Allow Execution.
Enter the unique installation path from your Company Account, for example:
- Assign the policy to devices where you plan to install the Veriato Vision agent.
Select Devices from the left menu. Select all devices the Veriato Vision agent exclusions will apply to and click Assign Policy.
Assign devices a non-protected Cylance policy to install the agent
- Temporarily disable Cylance before installing.
The easiest way to temporarily disable Cylance is to create a Device Policy in the Devices section named something like "Temporarily Disable Protection." This policy has ALL protections disabled. Remove the device(s) where you want to install the Veriato Vision agent from the current policy and assign it to the disabled policy. You will return the device(s) to the proper policy at the end of this procedure.
- Download and install the Veriato Vision agent.
In the Verito Vision app, select Admin | Download Agents and follow the wizard instructions to download the Windows "Silent Installer."
- Deploy the installer to a test device.
Run the *.exe file as Administrator on the test device, responding to the UAC prompt, if necessary.
- Press your hotkey sequence.
Because the installation is completely silent, after a few minutes, enter the hotkey sequence (found on Admin | Company Account page) to make sure the agent is installed. If the password prompt appears, you know it has been installed.
Enter your account password and press OK to open the Status panel. All recording is OFF because the agent will not record until a licensed user logs in.
- Restart the computer.
Repeat these steps for each device in the "Temporarily Disable Protection" policy.
Add monitored devices back into the Cylance policy with the exclusion
- Assign devices the proper Cylance policy to enable scanning.
Once Veriato is installed, and the devices are rebooted, re-assign the Cylance policy with the exclusion to re-enable protection. At this point, Cylance should not detect installed Veriato files.
- License users.
When users log in, the computer will appear Admin | Endpoint Agents. The user will appear in Groups & Policies > Users. Assign the user to a licensed group or assign a policy directly to the user to initiate recording and data uploads.