Symptoms

VMware Carbon Black Cloud is a software-as-a-service (SaaS) solution that provides next-generation anti-virus (NGAV), endpoint detection and response (EDR), advanced threat hunting, and vulnerability management within a single console using a single sensor. Affected Products: VMware Carbon Black Cloud PreventionVMware Carbon Black Cloud Endpoint StandardVMware Carbon Black Cloud Endpoint AdvancedVMware Carbon Black Cloud Endpoint EnterpriseVMware Carbon Black Cloud Audit & RemediationVMware Carbon Black Cloud Enterprise EDRVMware Carbon Black Cloud Enterprise Host-Based FirewallVMware Carbon Black Cloud Enterprise XDR Affected Operating Systems: WindowsMacLinux

Cause

Not applicable

Resolution

What products make up VMware Carbon Black Cloud? The VMware Carbon Black Cloud (formerly Predictive Security Cloud) hosts various modules that allow an administrator to manage endpoints with the VMware Carbon Black Cloud Endpoint sensor. For more information about these modules and their differences, reference What are the Differences Between VMware Carbon Black Cloud Versions? How do I log in to the VMware Carbon Black Cloud for the first time? When a new VMware Carbon Black Cloud tenant is provisioned, you receive an email from noreply@carbonblack.com. The subject of this email is Activate Your VMware Carbon Black Account. To activate your account, click the Activate Now button in the email. You are redirected to the appropriate instance of VMware Carbon Black Cloud to create and confirm your password. How do I access the VMware Carbon Black Cloud? VMware Carbon Black Cloud has instances that are region-specific. The login URL for a customer is typically associated with the region with the most active endpoints. Americas: https://defense-prod05.conferdeploy.net Europe, Middle East, Africa: https://defense-eu.conferdeploy.net Asia, Pacific: https://defense-prodnrt.conferdeploy.net Australia and New Zealand: https://defense-prodsyd.conferdeploy.net All connections to the VMware Carbon Black Cloud are over 443 (https) using TLS 1.2. How do I add administrators to the VMware Carbon Black Cloud? VMware Carbon Black Cloud allows for multiple administrators to help manage the policies, events, and overall health of the environment. Extra Roles can be customized to allow for granular role-based access for specific administrative groups. To add additional administrators, expand Settings and select the Users option. Select the Add User option in the upper right corner of the page. Fill out the relevant information and assign a role for the user on the proceeding page. For more information about adding administrators, reference How to Add VMware Carbon Black Cloud Administrators.For more information about managing administrator roles, reference How to Create Custom VMware Carbon Black Cloud Roles. What are the requirements for VMware Carbon Black Cloud Endpoint? The VMware Carbon Black Cloud Endpoint sensor has specific network, software, and hardware requirements. For more information, reference VMware Carbon Black Cloud Endpoint Sensor System Requirements. How do I download the VMware Carbon Black Cloud Endpoint sensor? VMware Carbon Black Cloud Endpoint sensor is available within the VMware Carbon Black Cloud, though permissions are required for the administrator to be able to download the sensor installation kits. When logging into the VMware Carbon Black Cloud as an administrator with the console, go to Endpoints. In the upper right, select the Sensor Options drop-down, then select Download sensor kits. Downloads for all operating systems (Windows, macOS, and Linux) along with a prepackaged anti-virus signature pack are available to download here. For more information, reference How to Download the VMware Carbon Black Cloud Endpoint Sensor. How do I install VMware Carbon Black Cloud? The VMware Carbon Black Cloud Endpoint sensor can be installed on Windows, Mac, and Linux. For more information, reference How to Install VMware Carbon Black Cloud Endpoint. Where can I find the activation code for VMware Carbon Black Cloud Endpoint? VMware Carbon Black Cloud Endpoint requests an activation code for users on Windows and macOS endpoints. This activation code is delivered by email to an individual user or users through an option in the VMware Carbon Black Cloud. This option is located under Sensor Options and then Send installation request. A request can be sent to a single user or multiple users. For more information, reference How to Obtain the VMware Carbon Black Cloud Endpoint Activation Code. Where can I find the company code for VMware Carbon Black Cloud Endpoint? VMware Carbon Black Cloud Endpoint Sensor for Windows (version 3.6.0 and later) and Mac (version 3.5.0 and later) have added the ability to leverage the company code found within the VMware Carbon Black Cloud console for activation. For more information, reference How to Obtain the VMware Carbon Black Cloud Endpoint Company Code. How do I apply a policy to an endpoint within VMware Carbon Black Cloud? Policies can be manually and automatically assigned to a VMware Carbon Black Cloud Endpoint sensor. For more information, reference How to Apply a VMware Carbon Black Cloud Endpoint Policy. How do I create inclusions or exclusions with VMware Carbon Black Cloud? Inclusions and exclusions in VMware Carbon Black Cloud are configured through Permissions, Blocking and Isolation rules, and Reputation. For more information, reference How to Create Exclusions or Inclusions for VMware Carbon Black Cloud. How do I enable or reset 2FA (two-factor authentication) for VMware Carbon Black Cloud? VMware Carbon Black Cloud supports DUO Security and Google Authenticator for 2FA. For more information about how to enable or reset 2FA, reference How to Manage 2FA (Two-Factor Authentication) for VMware Carbon Black Cloud. What is VMware Carbon Black Cloud Host-based Firewall? VMware Carbon Black Cloud Host-based Firewall is an add-on feature to the Carbon Black Cloud software as a service (SaaS) solution. This feature provides the ability to create rules that govern the network behaviors of applications across endpoints in your environment. For more information, reference What is VMware Carbon Black Cloud Host-Based Firewall. For more information about using VMware Carbon Black Cloud Host-Based Firewall, reference How to Use VMware Carbon Black Cloud Host-Based Firewall. What is VMware Carbon Black Cloud XDR? Carbon Black Cloud XDR is an add-on feature to the Carbon Black Cloud software as a service (SaaS) solution. It is a consolidation of endpoint and workload security capabilities that provide critical visibility into the network and cloud - reducing blind spots, detecting threats faster, and automating remediation using authoritative context across these domains. For more information, reference What is VMware Carbon Black Cloud XDR. How do I enable Full Disk Access for VMware Carbon Black Cloud Endpoint on macOS? Full Disk Access is required to backup all data on macOS Mojave (10.14.5) and later. For more information, reference How to Grant Full Disk Access for VMware Carbon Black Cloud Endpoint. How do I confirm the signature version for VMware Carbon Black Cloud? When VMware Carbon Black Cloud’s NGAV functionality is enabled, signature updates (if enabled) are automatically updated based on the set policy. For more information about how to determine the signature updates are current, reference How to Determine the Signature Version for VMware Carbon Black. How do I get support for VMware Carbon Black Cloud? Customers who have purchased VMware Carbon Black Cloud through Dell are provided support by Dell ProSupport for Software. For more information, reference How to Get Support for VMware Carbon Black Products Sold at Dell. How do I collect logs for VMware Carbon Black Cloud Endpoint? Logs for VMware Carbon Black Cloud Endpoint are consolidated into numerous local datastores for local deduplication and to ensure data integrity before information is transmitted to the VMware Carbon Black Cloud. A local administrator account is required to generate a log bundle on the endpoint. The log collection process for VMware Carbon Black Cloud Endpoint differs depending on the operating system in use. For more information, reference How to Collect Logs for the VMware Carbon Black Cloud Endpoint Sensor. How do I remotely collect logs for VMware Carbon Black Cloud Endpoint? VMware Carbon Black Cloud’s Live Response feature is a method to collect sensor logs remotely from Microsoft Windows endpoints. For more information Live Response, reference How to Collect VMware Carbon Black Endpoint Sensor Logs Using Live Response. How do I capture a HAR file to troubleshoot VMware Carbon Black Cloud? VMware Carbon Black support may request an HTTP Archive (HAR) format file to help with investigating issues within the VMware Carbon Black Cloud. For more information, reference How to Capture a HAR File for VMware Carbon Black Cloud. To contact support, reference Dell Data Security International Support Phone Numbers.Go to TechDirect to generate a technical support request online.For additional insights and resources, join the Dell Security Community Forum.

Support Cases