Environment Maintenance Tasks

This article describes the maintenance tasks you can perform from the Environment maintenance screen after deployment.

Maintenance tasks

Maintenance tasks include typical day two actions, such as changing the password for the cybereason user, replacing server certificates, or backing up your environment.


Because the tasks described in this section may cause service interruption, Cybereason recommends that you perform these tasks during non-peak times in your network.

To perform maintenance tasks, follow these steps:

  1. In a web browser, type the IP address of the Configuration management server on port 443. For example: https://x.x.x.x.

  2. Click Environment maintenance. The Environment maintenance screen is visible:

    Environment maintenance

  3. Perform one of the following maintenance tasks as needed:

Install certificates

For increased security, you can replace the Cybereason certificates used for communication between the sensors and the Cybereason servers with your organization’s certificates.


Certificate names cannot contain spaces. Uploading certificates with spaces in the name will fail.

To install certificates, follow these steps:

  1. From the Environment maintenance screen, click Install certificates, and in the Replace WebApp certificate screen, do one of the following:

    • To replace the WebApp server certificate used for the UI connection, click Replace WebApp certificate.

    • To replace the certificate for communication between sensors and the Detection and Registration servers, click Replace sensor certificate.

  2. In the next screen, click the Upload sensor certificate checkbox.

  3. Click Choose file and upload your certificate. Ensure there are no spaces in the certificate name.

  4. Type the certificate password in the Certificate password field.

  5. Click Upload.

For information on the different certificates used, see Communication certificates.

Update password

You use the cybereason user when you deploy and configure the servers. The default password is cybereason.

To change the default password, follow these steps:

  1. From the Environment maintenance screen, click Update password.

  2. In the Update password screen, type a new password in the Type new password for the ‘cybereason’ user field, and retype the password in the Retype new password field.

  3. Click Apply.


The password does not support special characters. Please use only numbers and English lowercase or uppercase Letters.

To learn how to manually define an uninstall password, see Manually Define an Uninstall Password.

Block and unblock sensors

To avoid data loss during upgrade or other maintenance tasks, you can block network traffic between the sensors and the Detection servers. To do this, click Block sensors from the Environment maintenance screen.

When you have completed the maintenance task, click Unblock sensors from the Environment maintenance screen. After you click this option, the sensor resumes its communication with the Detection servers.

Enable backups

To enable backups for your environment, click Enable backup.

Cybereason On-Prem enables local backups by default.

To enable and configure backups to a Network File Sharing (NFS) server, select the NFS option.

If you choose not to enable backups at this stage, you can enable backups after the deployment.

For more information about backing up your environment, see Back Up Your Cybereason On-Prem Environment.

Configure NTP

To configure NTP for your environment:

  1. Click Configure NTP.

  2. Add the IP address of the NTP server/s (supports up to 6 NTP servers).

  3. Enable the service and click Confirm.

For more information, see How to Configure NTP for On-Prem

Configure SSO

To configure SSO for your environment:

  1. Click SSO Configuration.

  2. Set the Domand controller name (FQDN) and port, and the Domain controller IP.

  3. Enable SSO and click Confirm.

To use the SSO feature, you will need to generate a custom certificate for the Configuration Management server.

For more information refer to Replace configuration management server certificate.

Add Detection servers

Cybereason platform provides the option to add a new Detection server to the environment after the initial deployment of the system.

For more information refer to Add Detection Servers.