Requirements for the proxy and language settings

Requirements for the proxy and language settings

By April 14, 2020November 3rd, 2022EDR, EPDR, Support
+34 900 840 407
support@cytomic.ai

Requirements for the proxy and language settings in products based on Advanced EPDR

Related Products_
  • Advanced EPDR

Advanced EPDR enables you to use the proxy installed on the organization’s network to access the Advanced EPDR cloud. We recommend that you use a computer with the Advanced EPDR proxy role assigned only for isolated computers which do not have access to a corporate proxy.

NOTE: Proxy computers cannot download patches or updates through the Cytomic Patch module. Only computers with direct access to the Advanced EPDR cloud or with indirect access through a corporate proxy can download patches.

Proxy computers can serve a variable number of devices, depending on the hardware resources installed. As a general rule, a proxy computer can serve a maximum of 100 computers.

Requirements for the proxy server
  • Windows operating system and Advanced EPDR product installed.
  • Support for the 8.3 filename format. For more information on file name requirements, see this MSDN article.
  • TCP port 3128 must not be in use by other applications.
  • Port 3128 open for inbound and outbound connections.
  • The proxy computer name must be resolved from the computer that uses it. For further information, see Internet connections through proxy in products based on Advanced EPDR article.
Configuring a computer as a proxy server
  1. Click the Network settings tab. Select an existing Proxy and language settings profile or create a new one.
  2. Expand the Proxy section and select Advanced EPDR proxy.
  3. Click Select computer…
  4. In the computer selection window, click Add proxy server. A list will be displayed with all managed computers that haven’t been designated as proxy server yet.
  5. Select the computers that will act as a proxy server for all other workstations and servers protected by Advanced EPDR.

NOTE: For Linux, it is not possible to add more than one machine as proxy, therefore, there is no fallback mechanism in place.

Revoking the proxy role
  • Click the Network settings tab. Select an existing Proxy and language settings profile or create a new one.
  • Expand the Proxy section and select Advanced EPDR proxy.
  • Click Select computer.
  • Click the icon of the computer that you want to stop acting as a proxy.
Fallback mechanism

When a Advanced EPDR agent cannot connect to the Advanced EPDR, the following fallback logic is applied to restore the connection via other means:

  • If the Internet connection is configured via corporate proxy or Advanced EPDR proxy and there is no response, an attempt is made to connect directly.
  • Internet Explorer: The Advanced EPDR agent tries to recover the Internet Explorer proxy settings with the profile of the user logged in to the computer.
    • If the configuration of the proxy credentials is defined explicitly, this method can?t be used.
    • If the Internet Explorer proxy settings use PAC (Proxy Auto-Config) the URL is obtained from the settings file, provided that the protocol is HTTP or HTTPS.
  • WinHTTP / WinInet: The default proxy settings are read.
  • WPAD (Web Proxy Auto-discovery Protocol): A request is sent to the network via DNS or DHCP to get the URL that points to the PAC settings file.