CylanceON-PREM must be configured to use an external database if users exceed 30,000.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-272637 | SRG-APP-000357 | CYLN-OP-000705 | SV-272637r1113525_rule | 2025-06-11 | 1 |
| Description |
|---|
| Exhausting audit log storage will introduce failures in audit logging, which will result in loss of security monitoring information. Satisfies: SRG-APP-000357, SRG-APP-000359 |
| ℹ️ Check |
|---|
| If there are less than 30,000 users, this requirement is Not Applicable. Verify external database. Administrator privileges are required. 1. Log in to the admin console. 2. Navigate to CONFIGURATION >> Settings. 3. View Database Connection Settings. If no database settings are found, the system was installed with the local database, and default size settings are used, this is a finding. |
| ✔️ Fix |
|---|
| If there are less than 30,000 users, this requirement is Not Applicable. To install CylanceON-PREM with an external database, configure the virtual appliance during setup to use the chosen external database, specifying details such as the database server address, credentials, and database name, instead of relying on the default internal database included with the appliance. After reinstalling, verify with the database administrator (DBA) that the requirement is met. Refer to https://docs.blackberry.com/en/unified-endpoint-security/cylanceonprem/cylance-on-prem-administration-guide/Configure_CylanceON-PREM_Virtual_Appliance/External_Database_Overview. |