on Jun 2, 2017For communication to flow between the Malwarebytes console and endpoints, you must adjust your firewall and software exclusions. This article lists internal network recommendations, external access requirements, and recommended exclusions.
File and Printer Sharing
We recommend using Administrator shared folders to perform network tasks, such as installations. To use them, you must enable File and Printer Sharing on your endpoints.
The location of File and Printer Sharing options depends on which operating system your endpoint uses. Consult your operating system guide for additional information.
External Access Requirements
Allow the following addresses through your firewall or other security software. Endpoint Agents use the sites below to reach Malwarebytes services.
You must allow or exclude all addresses on port 443, outbound.
https://ark.mwbsys.com
https://blitz.mb-cosmos.com
https://cdn.mwbsys.com
https://cloud.malwarebytes.com
https://data-cdn-static.mbamupdates.com
https://detect-remediate.cloud.malwarebytes.com
https://hubble.mb-cosmos.com
https://keystone-akamai.mwbsys.com
https://keystone.mwbsys.com
https://nebula-agent-installers-mb-prod.s3.amazonaws.com
https://sirius.mwbsys.com
https://socket.cloud.malwarebytes.com
https://storage.gra3.cloud.ovh.net
https://telemetry.malwarebytes.com
Antivirus and Firewall Exclusions
If you use additional security software with Malwarebytes, we recommend adding specific software exclusions. These exclusions prevent your other software from conflicting with Malwarebytes. Conflicting security software may range from your network firewall to antivirus.
We recommend that you exclude the following folders and files in your antivirus, firewall, or other software. In addition to the items below, see our specific third-party antivirus software exclusions.
For more information on setting exclusions in Malwarebytes, see Add exclusions to Malwarebytes Cloud Platform.
For Windows Endpoints
%ProgramData%\Malwarebytes Endpoint Agent\
%ProgramData%\Malwarebytes\MBAMService\
%ProgramFiles%\Malwarebytes Endpoint Agent\
%ProgramFiles%\Malwarebytes Endpoint Agent\Plugins\Incident Response\Logs\
%ProgramFiles%\Malwarebytes\Anti-malware\
%SystemRoot%\system32\drivers\ESProtectionDriver.sys
%SystemRoot%\system32\drivers\MBAMChameleon.sys
%SystemRoot%\system32\drivers\MBAMSwissArmy.sys
%SystemRoot%\system32\drivers\farflt.sys
%SystemRoot%\system32\drivers\flightrecorder.sys
%SystemRoot%\system32\drivers\mbae.sys (mbae64.sys on an x64 system)
%SystemRoot%\system32\drivers\mbam.sys
%SystemRoot%\system32\drivers\mwac.sys
For Mac Endpoints
/Library/Application Support/Malwarebytes/Malwarebytes Endpoint Agent
/Library/Application Support/Malwarebytes/Malwarebytes Endpoint Agent/UserAgent.app
/Library/LaunchDaemons/com.malwarebytes.EndpointAgent.plist
See also
- Minimum requirements for Malwarebytes Cloud Platform
- Endpoint Protection Agent on Windows 2008 fails to register with Malwarebytes Cloud Platform if TLS is not enabled
- Configure Malwarebytes Endpoint Protection Windows server roles
- Add or edit exclusions in Malwarebytes Cloud Platform
Return to the Malwarebytes Cloud Platform Administrator Guide