Configuring proxies lists for Internet access

Advanced EDR enables you to assign computers on the network one or more Internet connection methods, based on the resources available in the company’s IT infrastructure.

There are two lists of connection methods:

  • Access list: Contains the connection methods you configure.

  • Fallback list: This is a non-editable list included by default in Advanced EDR.

If a connection method appears in both lists, it is automatically removed from the fallback list.

Access list

This list contains the access methods you configure. The agent traverses the list from the start when it needs to connect to the Cytomic cloud. After it finds an access method that works, the agent continues to use it until it fails, at which point Advanced EDR traverses the list from the start again until it finds one that works. If the solution reaches the end of the list without finding an access method that works, it searches for one in the fallback list. See Fallback list.

The connection types supported in the access list are:

Proxy type Description

Do not use proxy

Direct access to the Internet. Computers access the Cytomic cloud directly to download updates and report their status. If you select this option, the Advanced EDR software communicates with the Internet using the computer settings.

Corporate proxy

Access to the Internet through a proxy installed on the company’s network.

  • Address: The proxy server IP address.

  • Port: The proxy server port.

  • The proxy requires authentication: Select this option if the proxy requires a user name and password.

  • User name: The user name of an existing proxy account.

  • Password: The proxy account password.

Automatic proxy discovery using the Web Proxy Auto-Discovery Protocol (WPAD)

Queries the network using DNS or DHCP to get the discovery URL that points to the PAC configuration file. Alternatively, you can directly specify the HTTP or HTTPS resource that hosts the PAC configuration file.

This option is not supported on Linux. It is ignored. We recommend that you do not use it for that operating system.

Advanced EDR proxy

Access to the Cytomic cloud through a computer on the network with the Cytomic proxy role assigned.

An access list can contain multiple Cytomic proxies.

For more information about the access limitations of a Cytomic proxy and how to assign that role to a computer on the network, see Cytomic proxy role.

Types of Internet access methods supported by Advanced EDR

Configuring an access list

To configure an access list, create a Network settings profile:

  • Click the Settings menu at the top of the console. Select Network settings from the side menu. Click the Add button or select an existing settings profile to edit it.

  • In the Proxy section, click the icon. A window opens with a list of all available connection types.

  • Select one of the connection types (Types of Internet access methods supported by Advanced EDR) and click the OK button. The connection type is added to the list.

  • To modify the order of the connection methods, select an item by clicking its checkbox and use the and arrows to move it up and down in the list.

  • To delete a connection method, click the icon.

  • To modify a connection method, select it by clicking its checkbox and click the icon. A window opens, where you can edit the method settings.

Fallback list

When the agent cannot connect to the Cytomic platform despite having tried all the connection methods in the access list you configured, it traverses the fallback list from the start. This list cannot be edited by you. After the Cytomic agent finds a connection method that works, it continues to use it until it fails, at which point the agent traverses the access list you configured from the start until it finds one that works. If none of the access methods in the access list or the fallback list works, the agent returns a communication error.

The fallback list is fixed and contains these access methods (not all access methods are available for all platforms):

  • Internet Explorer: Advanced EDR tries to retrieve the Internet Explorer proxy settings by impersonating the user account that logged in to the computer. This method is only available for Windows operating systems.

    • This method cannot be used if the proxy credentials have been explicitly defined.

    • If the Internet Explorer proxy settings have been configured using a proxy auto-config (PAC) file, the solution will obtain the URL of the configuration file only if the protocol for accessing the resource is HTTP or HTTPS.

  • Default proxy: Advanced EDR reads the operating system’s default proxy settings.

  • WPAD: Advanced EDR uses DNS or DHCP to query the network and get the discovery URL that points to the proxy auto-configuration (PAC) file. This option is not supported on Linux.

  • Direct connection: Advanced EDR tries to connect directly to the Cytomic cloud.