CylanceProtect Exclusion Guide

  Antivirus (AV) Exclusion Guides

Two important notes for CylanceProtect antivirus exclusions: (1) Cylance requires a security certificate to establish trust. You will need to download the Interguard security certificate to successfully exclude the Windows agent. (2) You will also need to disable Cylance during agent installation.

Take the following steps before installing the Interguard agent on Windows devices where Cylance is active.

NOTE:  While we update this guide from time to time, we cannot guarantee compatibility as Antivirus software companies may make changes without informing us. Be sure to re-enable any antivirus settings that you disable during this process once the exclusions have been set.

Download and register the Interguard security certificate with Cylance

  1. Download the Interguard certificate.
    To download the product security certificate: Click here
  2. Open Cylance Settings from the left menu.
    Cylance Settings
  3. Select Certificates.
    Click Add Certificate. The Add Certificate window appears.
  4. Add the Interguard certificate.
    Click on browse for certificates to add and navigate to and select your saved Interguard security certificate. You can also drop the certificate file onto the dialog.
  5. Select Executable.
    In the Add Certificate window, next to “Applies to (Optional)” check Executable.
  6. Click Submit.
    The Interguard security certificate is now listed on the Cylance Certificates page. The certificate establishes trust with Interguard agents.

Add the Interguard folder exclusion to your Cylance device policy

  1. Before installing an agent, find your company’s Interguard installation folder.
    Log in Interguard at https://app.interguardsoftware.com go to the Admin | Company Account page. Under “Antivirus Exclusions” note the Windows folder to exclude. For example:
    C:\Windows\SysWOW64\yyyxxxx
  2. Add the folder to your Cylance Device policy.
    Open Cylance and select Settings > Device Policy from the left menu.
    Select the Default Policy and click Protection Settings.
    Check the Exclude Specific folders
    Check Allow Execution.
    Enter the unique installation path from your Company Account, for example:
    C:\Windows\SysWOW64\yyyxxxx\
    Click Save.
  3. Assign the policy to devices where you plan to install the Interguard agent.
    Select Devices from the left menu. Select all devices the Interguard agent exclusions will apply to and click Assign Policy.

Assign devices a non-protected Cylance policy to install the agent

  1. Temporarily disable Cylance before installing.
    The easiest way to temporarily disable Cylance is to create a Device Policy in the Devices section named something like “Temporarily Disable Protection.”  This policy has ALL protections disabled. Remove the device(s) where you want to install the Interguard agent from the current policy and assign it to the disabled policy. You will return the device(s) to the proper policy at the end of this procedure.
  2. Download and install the Interguard agent.
    In the Interguard app, select Admin | Download Agents and follow the wizard instructions to download the Windows “Silent Installer.”
  3. Deploy the installer to a test device.
    Run the *.exe file as Administrator on the test device, responding to the UAC prompt, if necessary.
  4. Press your hotkey sequence.
    Because the install is completely silent, after a few minutes, enter the hotkey sequence (found on Admin | Company Account page) to make sure the agent is installed. If the password prompt appears, you know it has been installed.
    Silent Installed password
    Enter your account password and press OK to open the Status panel. All recording is OFF, because the agent will not record until a licensed user logs in.
    Status panel recording disabled
  5. Restart the computer. 
    Repeat these steps for each device in the “Temporarily Disable Protection” policy.

Add monitored devices back into the Cylance policy with the exclusion

  1. Assign devices the proper Cylance policy to enable scanning. 
    Once Interguard is installed, and the devices are rebooted, re-assign the Cylance policy with the exclusion to re-enable protection. At this point, Cylance should not detect Interguard files.
  2. License users.
    When users log in, you can find the computer in the Interguard app in Admin | Endpoint Agents. The user appears in Groups & Policies > Users. Assign the user to a licensed group or assign a policy directly to the user to initiate recording and data uploads.

Updated: 09/22/2022