Update - VMware Carbon Black Engineering teams are monitoring the progress of the applied fix. More updates will be provided in the next 2 hours or as soon as more information is available.
Sep 28, 2023 - 12:57 EDT
Identified - VMware Engineering teams have identified the issue and applied a fix to mitigate it. We are observing improvement and recovery of the services. More updates will be provided in the next 1 hour or as soon as more information is available.
Sep 28, 2023 - 11:51 EDT
Investigating - Description: ENDPOINT STANDARD Backend may take longer than normal to process latest events uploaded from an endpoint by ENDPOINT STANDARD Sensor. Events and/or Alerts in ENDPOINT STANDARD Dashboard may populate with a delay.
Security Impact: Prevention capabilities of ENDPOINT STANDARD are unaffected. Visibility of events and alerts related to Prevention and Detection may be temporarily delayed until normal operation of Event Processing is restored.
The following impact may be experienced if this service was not operational.
Description: Some elements of the interface may take longer than normal to populate or fail to load intermittently. The organization's administrators may be unable to log in. The dashboard may be unavailable.
Security Impact: The prevention capabilities are unaffected.
Operational
Device Services
The following impact may be experienced if this service was not operational.
Connection from the server to backend may be unavailable or fail intermittently; registering or installing sensors may fail. The sensor may be unable to upload latest events from an endpoint, look up the reputation of a new file, or receive configuration change from the backend.
Security Impact: Depending on your policy settings, prevention capabilities may be temporarily weakened. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Device Services Processing is restored.
Operational
Event Processing
The following impact may be experienced if this service was not operational.
Description: The backend may take longer than normal to process the latest events uploaded from an endpoint by the sensor. Events and/or alerts in the dashboard may populate with a delay.
Security Impact: The prevention capabilities are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is restored.
Operational
Notification Services
The following impact may be experienced if this service was not operational.
Description: Email and/or SIEM notifications may not be sent, or may be sent with a delay.
Security Impact: The prevention capabilities are unaffected.
Operational
API Services
The following impact may be experienced if this service was not operational.
Description: Connection to API Services may be unavailable or fail intermittently. Integrations based on APIs, including SIEM connectors, two-factor authentication, and SAML logins may not function correctly.
Security impact: The prevention capabilities are unaffected.
Operational
CDC Reputation - Services
The following impact may be experienced if this service was not operational.
Description: Cloud Reputation Services may be unavailable or in a degraded state. The sensor may be unable, or take longer than normal, to look up the reputation of a new file found on an endpoint.
Customer Impact: Depending on policy settings, detection and prevention capabilities may be temporarily weakened until normal operation of Cloud Reputation Services is restored.
Operational
VMware AppDefense Integration Service
The following impact may be experienced if this service was not operational.
Description: The detection and prevention capabilities will function as expected. AppDefense and Endpoint Standard / Prevention integrations, including VMware metadata synchronization, may be delayed or fail without an error message until the incident has been resolved. AppDefense actions triggered from AppDefense should work as expected on Endpoint Standard- / Prevention-related alerts. However, “Last remediation status” in Endpoint Standard / Prevention may not reflect actions taken from the AppDefense console during the incident.
Security Impact: The detection and prevention capabilities are unaffected. Ability to investigate Endpoint Standard / Prevention alerts related to VMware Virtual Machines may be temporarily impacted, until normal operation of VMware AppDefense Integration Service is restored.
Operational
Cloud Analysis Service
The following impact may be experienced if Cloud Analysis Service were degraded or unavailable. If “Submit Unknown Binaries for Analysis by Avira” policy setting is enabled, Endpoint Standard / Prevention may be unable, or take longer than normal, to determine the reputation of unknown binaries. Otherwise, there is no impact.
Security Impact: Depending on policy settings, the detection and prevention capabilities may be slightly weakened until normal operation of Cloud Analysis Service is restored. Increase in blocking / termination actions may be observed for policies that utilize Blocking and Isolation rules based on Not Listed reputation.
Operational
Content Delivery Services
The following impact may be experienced if this service was not operational. Description: The sensor may experience delays from our content distribution network or it may fail to download new content.
Security Impact: The prevention capabilities may be temporarily weakened.
Operational
Managed Detection - Endpoint Standard Only
The following impact may be experienced if this service was degraded.
Description: Managed Detection may take longer than normal to process the latest events uploaded from an endpoint by Endpoint Standard sensor.
Security impact: Managed Detection analysts may be temporarily delayed in reviewing priority alerts until normal operation of Event Processing is restored and the backlog of alerts has been processed.
Security Impact: Carbon Black Cloud Managed Detection Analysts may be temporarily delayed in reviewing priority alerts until normal operation of Event Processing is restored and the backlog of alerts has been processed.
Operational
ENDPOINT STANDARD / PREVENTION - US 2
Formerly "CB Defense - 02"
Operational
Dashboard
The following impact may be experienced if this service was not operational.
Description: Some elements of the interface may take longer than normal to populate or fail to load intermittently. The organization's administrators may be unable to log in. The dashboard may be unavailable.
Security Impact: The prevention capabilities are unaffected.
Operational
Device Services
The following impact may be experienced if this service was not operational.
Connection from the server to backend may be unavailable or fail intermittently; registering or installing sensors may fail. The sensor may be unable to upload latest events from an endpoint, look up the reputation of a new file, or receive configuration change from the backend.
Security Impact: Depending on your policy settings, prevention capabilities may be temporarily weakened. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Device Services Processing is restored.
Operational
Event Processing
The following impact may be experienced if this service was not operational.
Description: The backend may take longer than normal to process the latest events uploaded from an endpoint by the sensor. Events and/or alerts in the dashboard may populate with a delay.
Security Impact: The prevention capabilities are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is restored.
Operational
Notification Services
The following impact may be experienced if this service was not operational.
Description: Email and/or SIEM notifications may not be sent, or may be sent with a delay.
Security Impact: The prevention capabilities are unaffected.
Operational
API Services
The following impact may be experienced if this service was not operational.
Description: Connection to API Services may be unavailable or fail intermittently. Integrations based on APIs, including SIEM connectors, two-factor authentication, and SAML logins may not function correctly.
Security impact: The prevention capabilities are unaffected.
Operational
CDC Reputation - Services
The following impact may be experienced if this service was not operational.
Description: Cloud Reputation Services may be unavailable or in a degraded state. The sensor may be unable, or take longer than normal, to look up the reputation of a new file found on an endpoint.
Customer Impact: Depending on policy settings, detection and prevention capabilities may be temporarily weakened until normal operation of Cloud Reputation Services is restored.
Operational
VMware AppDefense Integration Service
The following impact may be experienced if this service was not operational.
Description: The detection and prevention capabilities will function as expected. AppDefense and Endpoint Standard / Prevention integrations, including VMware metadata synchronization, may be delayed or fail without an error message until the incident has been resolved. AppDefense actions triggered from AppDefense should work as expected on Endpoint Standard- / Prevention-related alerts. However, “Last remediation status” in Endpoint Standard / Prevention may not reflect actions taken from the AppDefense console during the incident.
Security Impact: The detection and prevention capabilities are unaffected. Ability to investigate Endpoint Standard / Prevention alerts related to VMware Virtual Machines may be temporarily impacted, until normal operation of VMware AppDefense Integration Service is restored.
Operational
Cloud Analysis Service
The following impact may be experienced if Cloud Analysis Service were degraded or unavailable. If “Submit Unknown Binaries for Analysis by Avira” policy setting is enabled, Endpoint Standard / Prevention may be unable, or take longer than normal, to determine the reputation of unknown binaries. Otherwise, there is no impact.
Security Impact: Depending on policy settings, the detection and prevention capabilities may be slightly weakened until normal operation of Cloud Analysis Service is restored. Increase in blocking / termination actions may be observed for policies that utilize Blocking and Isolation rules based on Not Listed reputation.
Operational
Managed Detection - Endpoint Standard Only
The following impact may be experienced if this service was degraded.
Description: Managed Detection may take longer than normal to process the latest events uploaded from an endpoint by Endpoint Standard sensor.
Security impact: Managed Detection analysts may be temporarily delayed in reviewing priority alerts until normal operation of Event Processing is restored and the backlog of alerts has been processed.
Security Impact: Carbon Black Cloud Managed Detection Analysts may be temporarily delayed in reviewing priority alerts until normal operation of Event Processing is restored and the backlog of alerts has been processed.
Operational
Content Delivery Services
The following impact may be experienced if this service was not operational. Description: The sensor may experience delays from our content distribution network or it may fail to download new content.
Security Impact: The prevention capabilities may be temporarily weakened.
Operational
ENDPOINT STANDARD / PREVENTION - US 5
Formerly "CB Defense - 05"
Operational
Dashboard
The following impact may be experienced if this service was not operational.
Description: Some elements of the interface may take longer than normal to populate or fail to load intermittently. The organization's administrators may be unable to log in. The dashboard may be unavailable.
Security Impact: The prevention capabilities are unaffected.
Operational
Device Services
The following impact may be experienced if this service was not operational.
Connection from the server to backend may be unavailable or fail intermittently; registering or installing sensors may fail. The sensor may be unable to upload latest events from an endpoint, look up the reputation of a new file, or receive configuration change from the backend.
Security Impact: Depending on your policy settings, prevention capabilities may be temporarily weakened. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Device Services Processing is restored.
Operational
Event Processing
The following impact may be experienced if this service was not operational.
Description: The backend may take longer than normal to process the latest events uploaded from an endpoint by the sensor. Events and/or alerts in the dashboard may populate with a delay.
Security Impact: The prevention capabilities are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is restored.
Operational
Notification Services
The following impact may be experienced if this service was not operational.
Description: Email and/or SIEM notifications may not be sent, or may be sent with a delay.
Security Impact: The prevention capabilities are unaffected.
Operational
API Services
The following impact may be experienced if this service was not operational.
Description: Connection to API Services may be unavailable or fail intermittently. Integrations based on APIs, including SIEM connectors, two-factor authentication, and SAML logins may not function correctly.
Security impact: The prevention capabilities are unaffected.
Operational
CDC Reputation - Services
The following impact may be experienced if this service was not operational.
Description: Cloud Reputation Services may be unavailable or in a degraded state. The sensor may be unable, or take longer than normal, to look up the reputation of a new file found on an endpoint.
Customer Impact: Depending on policy settings, detection and prevention capabilities may be temporarily weakened until normal operation of Cloud Reputation Services is restored.
Operational
VMware AppDefense Integration Service
The following impact may be experienced if this service was not operational.
Description: The detection and prevention capabilities will function as expected. AppDefense and Endpoint Standard / Prevention integrations, including VMware metadata synchronization, may be delayed or fail without an error message until the incident has been resolved. AppDefense actions triggered from AppDefense should work as expected on Endpoint Standard- / Prevention-related alerts. However, “Last remediation status” in Endpoint Standard / Prevention may not reflect actions taken from the AppDefense console during the incident.
Security Impact: The detection and prevention capabilities are unaffected. Ability to investigate Endpoint Standard / Prevention alerts related to VMware Virtual Machines may be temporarily impacted, until normal operation of VMware AppDefense Integration Service is restored.
Operational
Cloud Analysis Service
The following impact may be experienced if Cloud Analysis Service were degraded or unavailable. If “Submit Unknown Binaries for Analysis by Avira” policy setting is enabled, Endpoint Standard / Prevention may be unable, or take longer than normal, to determine the reputation of unknown binaries. Otherwise, there is no impact.
Security Impact: Depending on policy settings, the detection and prevention capabilities may be slightly weakened until normal operation of Cloud Analysis Service is restored. Increase in blocking / termination actions may be observed for policies that utilize Blocking and Isolation rules based on Not Listed reputation.
Operational
Content Delivery Services
The following impact may be experienced if this service was not operational. Description: The sensor may experience delays from our content distribution network or it may fail to download new content.
Security Impact: The prevention capabilities may be temporarily weakened.
Operational
Managed Detection - Endpoint Standard Only
The following impact may be experienced if this service was degraded.
Description: Managed Detection may take longer than normal to process the latest events uploaded from an endpoint by Endpoint Standard sensor.
Security impact: Managed Detection analysts may be temporarily delayed in reviewing priority alerts until normal operation of Event Processing is restored and the backlog of alerts has been processed.
Security Impact: Carbon Black Cloud Managed Detection Analysts may be temporarily delayed in reviewing priority alerts until normal operation of Event Processing is restored and the backlog of alerts has been processed.
Operational
ENDPOINT STANDARD / PREVENTION - EU
Formerly "CB Defense - 06"
Degraded Performance
Dashboard
The following impact may be experienced if this service was not operational.
Description: Some elements of the interface may take longer than normal to populate or fail to load intermittently. The organization's administrators may be unable to log in. The dashboard may be unavailable.
Security Impact: The prevention capabilities are unaffected.
Operational
Device Services
The following impact may be experienced if this service was not operational.
Connection from the server to backend may be unavailable or fail intermittently; registering or installing sensors may fail. The sensor may be unable to upload latest events from an endpoint, look up the reputation of a new file, or receive configuration change from the backend.
Security Impact: Depending on your policy settings, prevention capabilities may be temporarily weakened. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Device Services Processing is restored.
Operational
Event Processing
The following impact may be experienced if this service was not operational.
Description: The backend may take longer than normal to process the latest events uploaded from an endpoint by the sensor. Events and/or alerts in the dashboard may populate with a delay.
Security Impact: The prevention capabilities are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is restored.
Degraded Performance
Notification Services
The following impact may be experienced if this service was not operational.
Description: Email and/or SIEM notifications may not be sent, or may be sent with a delay.
Security Impact: The prevention capabilities are unaffected.
Operational
API Services
The following impact may be experienced if this service was not operational.
Description: Connection to API Services may be unavailable or fail intermittently. Integrations based on APIs, including SIEM connectors, two-factor authentication, and SAML logins may not function correctly.
Security impact: The prevention capabilities are unaffected.
Operational
CDC Reputation - Services
The following impact may be experienced if this service was not operational.
Description: Cloud Reputation Services may be unavailable or in a degraded state. The sensor may be unable, or take longer than normal, to look up the reputation of a new file found on an endpoint.
Customer Impact: Depending on policy settings, detection and prevention capabilities may be temporarily weakened until normal operation of Cloud Reputation Services is restored.
Operational
Cloud Analysis Service
The following impact may be experienced if Cloud Analysis Service were degraded or unavailable. If “Submit Unknown Binaries for Analysis by Avira” policy setting is enabled, Endpoint Standard / Prevention may be unable, or take longer than normal, to determine the reputation of unknown binaries. Otherwise, there is no impact.
Security Impact: Depending on policy settings, the detection and prevention capabilities may be slightly weakened until normal operation of Cloud Analysis Service is restored. Increase in blocking / termination actions may be observed for policies that utilize Blocking and Isolation rules based on Not Listed reputation.
Operational
VMware AppDefense Integration Service
The following impact may be experienced if this service was not operational.
Description: The detection and prevention capabilities will function as expected. AppDefense and Endpoint Standard / Prevention integrations, including VMware metadata synchronization, may be delayed or fail without an error message until the incident has been resolved. AppDefense actions triggered from AppDefense should work as expected on Endpoint Standard- / Prevention-related alerts. However, “Last remediation status” in Endpoint Standard / Prevention may not reflect actions taken from the AppDefense console during the incident.
Security Impact: The detection and prevention capabilities are unaffected. Ability to investigate Endpoint Standard / Prevention alerts related to VMware Virtual Machines may be temporarily impacted, until normal operation of VMware AppDefense Integration Service is restored.
Operational
Content Delivery Services
The following impact may be experienced if this service was not operational. Description: The sensor may experience delays from our content distribution network or it may fail to download new content.
Security Impact: The prevention capabilities may be temporarily weakened.
Operational
ENDPOINT STANDARD / PREVENTION - JAPAN
Formerly "CB Defense - NRT"
Operational
Dashboard
The following impact may be experienced if this service was not operational.
Description: Some elements of the interface may take longer than normal to populate or fail to load intermittently. The organization's administrators may be unable to log in. The dashboard may be unavailable.
Security Impact: The prevention capabilities are unaffected.
Operational
Device Services
The following impact may be experienced if this service was not operational.
Connection from the server to backend may be unavailable or fail intermittently; registering or installing sensors may fail. The sensor may be unable to upload latest events from an endpoint, look up the reputation of a new file, or receive configuration change from the backend.
Security Impact: Depending on your policy settings, prevention capabilities may be temporarily weakened. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Device Services Processing is restored.
Operational
Event Processing
The following impact may be experienced if this service was not operational.
Description: The backend may take longer than normal to process the latest events uploaded from an endpoint by the sensor. Events and/or alerts in the dashboard may populate with a delay.
Security Impact: The prevention capabilities are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is restored.
Operational
Notification Services
The following impact may be experienced if this service was not operational.
Description: Email and/or SIEM notifications may not be sent, or may be sent with a delay.
Security Impact: The prevention capabilities are unaffected.
Operational
API Services
The following impact may be experienced if this service was not operational.
Description: Connection to API Services may be unavailable or fail intermittently. Integrations based on APIs, including SIEM connectors, two-factor authentication, and SAML logins may not function correctly.
Security impact: The prevention capabilities are unaffected.
Operational
CDC Reputation - Services
The following impact may be experienced if this service was not operational.
Description: Cloud Reputation Services may be unavailable or in a degraded state. The sensor may be unable, or take longer than normal, to look up the reputation of a new file found on an endpoint.
Customer Impact: Depending on policy settings, detection and prevention capabilities may be temporarily weakened until normal operation of Cloud Reputation Services is restored.
Operational
Cloud Analysis Service
The following impact may be experienced if Cloud Analysis Service were degraded or unavailable. If “Submit Unknown Binaries for Analysis by Avira” policy setting is enabled, Endpoint Standard / Prevention may be unable, or take longer than normal, to determine the reputation of unknown binaries. Otherwise, there is no impact.
Security Impact: Depending on policy settings, the detection and prevention capabilities may be slightly weakened until normal operation of Cloud Analysis Service is restored. Increase in blocking / termination actions may be observed for policies that utilize Blocking and Isolation rules based on Not Listed reputation.
Operational
VMware AppDefense Integration Service
The following impact may be experienced if this service was not operational.
Description: The detection and prevention capabilities will function as expected. AppDefense and Endpoint Standard / Prevention integrations, including VMware metadata synchronization, may be delayed or fail without an error message until the incident has been resolved. AppDefense actions triggered from AppDefense should work as expected on Endpoint Standard- / Prevention-related alerts. However, “Last remediation status” in Endpoint Standard / Prevention may not reflect actions taken from the AppDefense console during the incident.
Security Impact: The detection and prevention capabilities are unaffected. Ability to investigate Endpoint Standard / Prevention alerts related to VMware Virtual Machines may be temporarily impacted, until normal operation of VMware AppDefense Integration Service is restored.
Operational
Content Delivery Services
The following impact may be experienced if this service was not operational. Description: The sensor may experience delays from our content distribution network or it may fail to download new content.
Security Impact: The prevention capabilities may be temporarily weakened.
Operational
ENDPOINT STANDARD / PREVENTION - SYD
Operational
Device Services
The following impact may be experienced if this service was not operational.
Connection from the server to backend may be unavailable or fail intermittently; registering or installing sensors may fail. The sensor may be unable to upload latest events from an endpoint, look up the reputation of a new file, or receive configuration change from the backend.
Security Impact: Depending on your policy settings, prevention capabilities may be temporarily weakened. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Device Services Processing is restored.
Operational
Dashboard
The following impact may be experienced if this service was not operational.
Description: Some elements of the interface may take longer than normal to populate or fail to load intermittently. The organization's administrators may be unable to log in. The dashboard may be unavailable.
Security Impact: The prevention capabilities are unaffected.
Operational
Event Processing
The following impact may be experienced if this service was not operational.
Description: The backend may take longer than normal to process the latest events uploaded from an endpoint by the sensor. Events and/or alerts in the dashboard may populate with a delay.
Security Impact: The prevention capabilities are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is restored.
Operational
Notification Services
The following impact may be experienced if this service was not operational.
Description: Email and/or SIEM notifications may not be sent, or may be sent with a delay.
Security Impact: The prevention capabilities are unaffected.
Operational
API Services
The following impact may be experienced if this service was not operational.
Description: Connection to API Services may be unavailable or fail intermittently. Integrations based on APIs, including SIEM connectors, two-factor authentication, and SAML logins may not function correctly.
Security impact: The prevention capabilities are unaffected.
Operational
CDC Reputation - Services
The following impact may be experienced if this service was not operational.
Description: Cloud Reputation Services may be unavailable or in a degraded state. The sensor may be unable, or take longer than normal, to look up the reputation of a new file found on an endpoint.
Customer Impact: Depending on policy settings, detection and prevention capabilities may be temporarily weakened until normal operation of Cloud Reputation Services is restored.
Operational
VMware AppDefense Integration Service
The following impact may be experienced if this service was not operational.
Description: The detection and prevention capabilities will function as expected. AppDefense and Endpoint Standard / Prevention integrations, including VMware metadata synchronization, may be delayed or fail without an error message until the incident has been resolved. AppDefense actions triggered from AppDefense should work as expected on Endpoint Standard- / Prevention-related alerts. However, “Last remediation status” in Endpoint Standard / Prevention may not reflect actions taken from the AppDefense console during the incident.
Security Impact: The detection and prevention capabilities are unaffected. Ability to investigate Endpoint Standard / Prevention alerts related to VMware Virtual Machines may be temporarily impacted, until normal operation of VMware AppDefense Integration Service is restored.
Operational
Cloud Analysis Service
The following impact may be experienced if Cloud Analysis Service were degraded or unavailable. If “Submit Unknown Binaries for Analysis by Avira” policy setting is enabled, Endpoint Standard / Prevention may be unable, or take longer than normal, to determine the reputation of unknown binaries. Otherwise, there is no impact.
Security Impact: Depending on policy settings, the detection and prevention capabilities may be slightly weakened until normal operation of Cloud Analysis Service is restored. Increase in blocking / termination actions may be observed for policies that utilize Blocking and Isolation rules based on Not Listed reputation.
Operational
Managed Detection - Endpoint Standard Only
The following impact may be experienced if this service was degraded.
Description: Managed Detection may take longer than normal to process the latest events uploaded from an endpoint by Endpoint Standard sensor.
Security impact: Managed Detection analysts may be temporarily delayed in reviewing priority alerts until normal operation of Event Processing is restored and the backlog of alerts has been processed.
Security Impact: Carbon Black Cloud Managed Detection Analysts may be temporarily delayed in reviewing priority alerts until normal operation of Event Processing is restored and the backlog of alerts has been processed.
Operational
Content Delivery Services
The following impact may be experienced if this service was not operational. Description: The sensor may experience delays from our content distribution network or it may fail to download new content.
Security Impact: The prevention capabilities may be temporarily weakened.
Operational
ENDPOINT STANDARD / PREVENTION - UK
Operational
Dashboard
The following impact may be experienced if this service was not operational.
Description: Some elements of the interface may take longer than normal to populate or fail to load intermittently. The organization's administrators may be unable to log in. The dashboard may be unavailable.
Security Impact: The prevention capabilities are unaffected.
Operational
Device Services
The following impact may be experienced if this service was not operational.
Connection from the server to backend may be unavailable or fail intermittently; registering or installing sensors may fail. The sensor may be unable to upload latest events from an endpoint, look up the reputation of a new file, or receive configuration change from the backend.
Security Impact: Depending on your policy settings, prevention capabilities may be temporarily weakened. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Device Services Processing is restored.
Operational
Event Processing
The following impact may be experienced if this service was not operational.
Description: The backend may take longer than normal to process the latest events uploaded from an endpoint by the sensor. Events and/or alerts in the dashboard may populate with a delay.
Security Impact: The prevention capabilities are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is restored.
Operational
Notification Services
The following impact may be experienced if this service was not operational.
Description: Email and/or SIEM notifications may not be sent, or may be sent with a delay.
Security Impact: The prevention capabilities are unaffected.
Operational
API Services
The following impact may be experienced if this service was not operational.
Description: Connection to API Services may be unavailable or fail intermittently. Integrations based on APIs, including SIEM connectors, two-factor authentication, and SAML logins may not function correctly.
Security impact: The prevention capabilities are unaffected.
Operational
CDC Reputation - Services
The following impact may be experienced if this service was not operational.
Description: Cloud Reputation Services may be unavailable or in a degraded state. The sensor may be unable, or take longer than normal, to look up the reputation of a new file found on an endpoint.
Customer Impact: Depending on policy settings, detection and prevention capabilities may be temporarily weakened until normal operation of Cloud Reputation Services is restored.
Operational
VMware AppDefense Integration Service
The following impact may be experienced if this service was not operational.
Description: The detection and prevention capabilities will function as expected. AppDefense and Endpoint Standard / Prevention integrations, including VMware metadata synchronization, may be delayed or fail without an error message until the incident has been resolved. AppDefense actions triggered from AppDefense should work as expected on Endpoint Standard- / Prevention-related alerts. However, “Last remediation status” in Endpoint Standard / Prevention may not reflect actions taken from the AppDefense console during the incident.
Security Impact: The detection and prevention capabilities are unaffected. Ability to investigate Endpoint Standard / Prevention alerts related to VMware Virtual Machines may be temporarily impacted, until normal operation of VMware AppDefense Integration Service is restored.
Operational
Cloud Analysis Service
The following impact may be experienced if Cloud Analysis Service were degraded or unavailable. If “Submit Unknown Binaries for Analysis by Avira” policy setting is enabled, Endpoint Standard / Prevention may be unable, or take longer than normal, to determine the reputation of unknown binaries. Otherwise, there is no impact.
Security Impact: Depending on policy settings, the detection and prevention capabilities may be slightly weakened until normal operation of Cloud Analysis Service is restored. Increase in blocking / termination actions may be observed for policies that utilize Blocking and Isolation rules based on Not Listed reputation.
Operational
Content Delivery Services
The following impact may be experienced if this service was not operational. Description: The sensor may experience delays from our content distribution network or it may fail to download new content.
Security Impact: The prevention capabilities may be temporarily weakened.
Operational
ENTERPRISE EDR - US
Formerly "CB ThreatHunter - US"
Operational
Enterprise EDR Event Processing
The following impact may be experienced if this service is not operational.
Sensor data processing may experience latency for a subset of customers. Events and/or Alerts in Dashboard may be delayed.
Operational
Enterprise EDR Watchlist Processing
The following impact may be experienced if this service is not operational. Watchlist and Report processing and alerting may experience latency for a subset of customers. Hits and/or Alerts in Dashboard may be delayed.
Operational
Enterprise EDR Watchlist and Reporting
The following impact may be experienced if this service is not operational. Some Watchlist and Reporting functionality may experience issues. Watchlist pages may fail to load or fail to load all expected data.
Operational
Enterprise EDR Search
The following impact may be experienced if this service is not operational. Some Search functionality may experience issues. Investigate, Process Analysis or Watchlist pages may fail to load or fail to load all expected data.
Operational
Enterprise EDR UBS
If this service is degraded metadata for binaries will not be available on the Binary Details page and the UBS /metadata API.
Operational
Enterprise EDR Event Ingestion
This component is responsible for collecting Enterprise EDR events from the sensors.
Operational
ENTERPRISE EDR - EU
Formerly "CB ThreatHunter - EU"
Degraded Performance
Enterprise EDR Event Processing
The following impact may be experienced if this service is not operational.
Sensor data processing may experience latency for a subset of customers. Events and/or Alerts in Dashboard may be delayed.
Degraded Performance
Enterprise EDR Watchlist Processing
The following impact may be experienced if this service is not operational. Watchlist and Report processing and alerting may experience latency for a subset of customers. Hits and/or Alerts in Dashboard may be delayed.
Operational
Enterprise EDR Watchlist and Reporting
The following impact may be experienced if this service is not operational. Some Watchlist and Reporting functionality may experience issues. Watchlist pages may fail to load or fail to load all expected data.
Operational
Enterprise EDR Search
The following impact may be experienced if this service is not operational. Some Search functionality may experience issues. Investigate, Process Analysis or Watchlist pages may fail to load or fail to load all expected data.
Operational
Enterprise EDR UBS
Metadata for binaries will not be available on the Binary Details page and the UBS /metadata API
Operational
Enterprise EDR Event Ingestion
This component is responsible for collecting Enterprise EDR events from the sensors.
Operational
ENTERPRISE EDR - Japan
Formerly "CB ThreatHunter - APJ"
Operational
Enterprise EDR Event Processing
The following impact may be experienced if this service is not operational.
Sensor data processing may experience latency for a subset of customers. Events and/or Alerts in Dashboard may be delayed.
Operational
Enterprise EDR Watchlist Processing
The following impact may be experienced if this service is not operational. Watchlist and Report processing and alerting may experience latency for a subset of customers. Hits and/or Alerts in Dashboard may be delayed.
Operational
Enterprise EDR Watchlist and Reporting
The following impact may be experienced if this service is not operational. Some Watchlist and Reporting functionality may experience issues. Watchlist pages may fail to load or fail to load all expected data.
Operational
Enterprise EDR Search
The following impact may be experienced if this service is not operational. Some Search functionality may experience issues. Investigate, Process Analysis or Watchlist pages may fail to load or fail to load all expected data.
Operational
Enterprise EDR UBS
Metadata for binaries will not be available on the Binary Details page and the UBS /metadata API
Operational
Enterprise EDR Event Ingestion
This component is responsible for collecting Enterprise EDR events from the sensors.
Operational
ENTERPRISE EDR - SYD
Operational
Enterprise EDR Event Processing
The following impact may be experienced if this service is not operational.
Sensor data processing may experience latency for a subset of customers. Events and/or Alerts in Dashboard may be delayed.
Operational
Enterprise EDR Watchlist Processing
The following impact may be experienced if this service is not operational. Watchlist and Report processing and alerting may experience latency for a subset of customers. Hits and/or Alerts in Dashboard may be delayed.
Operational
Enterprise EDR Watchlist and Reporting
The following impact may be experienced if this service is not operational. Some Watchlist and Reporting functionality may experience issues. Watchlist pages may fail to load or fail to load all expected data.
Operational
Enterprise EDR Search
The following impact may be experienced if this service is not operational. Some Search functionality may experience issues. Investigate, Process Analysis or Watchlist pages may fail to load or fail to load all expected data.
Operational
Enterprise EDR UBS
If this service is degraded metadata for binaries will not be available on the Binary Details page and the UBS /metadata API.
Operational
Enterprise EDR Event Ingestion
This component is responsible for collecting Enterprise EDR events from the sensors.
Operational
ENTERPRISE EDR - UK
Operational
Enterprise EDR Event Processing
The following impact may be experienced if this service is not operational.
Sensor data processing may experience latency for a subset of customers. Events and/or Alerts in Dashboard may be delayed.
Operational
Enterprise EDR Watchlist Processing
The following impact may be experienced if this service is not operational. Watchlist and Report processing and alerting may experience latency for a subset of customers. Hits and/or Alerts in Dashboard may be delayed.
Operational
Enterprise EDR Watchlist and Reporting
The following impact may be experienced if this service is not operational. Some Watchlist and Reporting functionality may experience issues. Watchlist pages may fail to load or fail to load all expected data.
Operational
Enterprise EDR Search
The following impact may be experienced if this service is not operational. Some Search functionality may experience issues. Investigate, Process Analysis or Watchlist pages may fail to load or fail to load all expected data.
Operational
Enterprise EDR UBS
If this service is degraded metadata for binaries will not be available on the Binary Details page and the UBS /metadata API.
Operational
Enterprise EDR Event Ingestion
This component is responsible for collecting Enterprise EDR events from the sensors.
Operational
AUDIT & REMEDIATION - US 1
Formerly "CB LiveOps – US 1"
Operational
Audit & Remediation Result Processing
The following impact may be experienced if this service is not operational.
Sensor data processing may experience latency for a subset of customers. Query results in Dashboard and APIs may be delayed.
Operational
Audit & Remediation Public API
The following impact may be experienced if this service is not operational. Some Audit & Remediation APIs may experience issues. The Audit & Remediation builder, history and results may fail to load or fail to load all expected data. It may not be possible to run a new query.
Operational
Audit & Remediation Live Response
The following impact may be experienced if this service is not operational. Live Response sessions with endpoints may not connect or may fail intermittently. Command execution capabilities may not be available.
Operational
AUDIT & REMEDIATION - US 2
Operational
Audit & Remediation Result Processing
The following impact may be experienced if this service is not operational.
Sensor data processing may experience latency for a subset of customers. Query results in Dashboard and APIs may be delayed.
Operational
Audit & Remediation Public API
The following impact may be experienced if this service is not operational. Some Audit & Remediation APIs may experience issues. The Audit & Remediation builder, history and results may fail to load or fail to load all expected data. It may not be possible to run a new query.
Operational
Audit & Remediation Live Response
The following impact may be experienced if this service is not operational. Live Response sessions with endpoints may not connect or may fail intermittently. Command execution capabilities may not be available.
Operational
AUDIT & REMEDIATION - US 5
Operational
Audit & Remediation Result Processing
The following impact may be experienced if this service is not operational.
Sensor data processing may experience latency for a subset of customers. Query results in Dashboard and APIs may be delayed.
Operational
Audit & Remediation Public API
The following impact may be experienced if this service is not operational. Some Audit & Remediation APIs may experience issues. The Audit & Remediation builder, history and results may fail to load or fail to load all expected data. It may not be possible to run a new query.
Operational
Audit & Remediation Live Response
The following impact may be experienced if this service is not operational. Live Response sessions with endpoints may not connect or may fail intermittently. Command execution capabilities may not be available.
Operational
AUDIT & REMEDIATION - UK
Operational
Audit & Remediation Result Processing
The following impact may be experienced if this service is not operational.
Sensor data processing may experience latency for a subset of customers. Query results in Dashboard and APIs may be delayed.
Operational
Audit & Remediation Public API
The following impact may be experienced if this service is not operational. Some Audit & Remediation APIs may experience issues. The Audit & Remediation builder, history and results may fail to load or fail to load all expected data. It may not be possible to run a new query.
Operational
Audit & Remediation Live Response
The following impact may be experienced if this service is not operational. Live Response sessions with endpoints may not connect or may fail intermittently. Command execution capabilities may not be available.
Operational
AUDIT & REMEDIATION - EU
Formerly "CB LiveOps – EU"
Operational
Audit & Remediation Result Processing
The following impact may be experienced if this service is not operational.
Sensor data processing may experience latency for a subset of customers. Query results in Dashboard and APIs may be delayed.
Operational
Audit & Remediation Public API
The following impact may be experienced if this service is not operational. Some Audit & Remediation APIs may experience issues. The Audit & Remediation builder, history and results may fail to load or fail to load all expected data. It may not be possible to run a new query.
Operational
Audit & Remediation Live Response
The following impact may be experienced if this service is not operational. Live Response sessions with endpoints may not connect or may fail intermittently. Command execution capabilities may not be available.
Operational
AUDIT & REMEDIATION - Japan
Formerly "CB LiveOps – APJ"
Operational
Audit & Remediation Result Processing
The following impact may be experienced if this service is not operational.
Sensor data processing may experience latency for a subset of customers. Query results in Dashboard and APIs may be delayed.
Operational
Audit & Remediation Public API
The following impact may be experienced if this service is not operational. Some Audit & Remediation APIs may experience issues. The Audit & Remediation builder, history and results may fail to load or fail to load all expected data. It may not be possible to run a new query.
Operational
Audit & Remediation Live Response
The following impact may be experienced if this service is not operational. Live Response sessions with endpoints may not connect or may fail intermittently. Command execution capabilities may not be available.
Operational
AUDIT & REMEDIATION - SYD
Operational
Audit & Remediation Result Processing
The following impact may be experienced if this service is not operational.
Sensor data processing may experience latency for a subset of customers. Query results in Dashboard and APIs may be delayed.
Operational
Audit & Remediation Public API
The following impact may be experienced if this service is not operational. Some Audit & Remediation APIs may experience issues. The Audit & Remediation builder, history and results may fail to load or fail to load all expected data. It may not be possible to run a new query.
Operational
Audit & Remediation Live Response
The following impact may be experienced if this service is not operational. Live Response sessions with endpoints may not connect or may fail intermittently. Command execution capabilities may not be available.
Operational
DATA FORWARDER - EU
Data Forwarder for “ENDPOINT STANDARD - EU” and “ENTERPRISE EDR - EU”
Operational
Event Forwarder
The following may be experienced if this service were degraded or unavailable. Data may take longer than normal to reach the configured destination.
Security Impact: The prevention and detection capabilities are unaffected.
Operational
Alert Forwarder
The following may be experienced if this service were degraded or unavailable. Alerts may take longer than normal to reach the configured destination.
Security Impact: The prevention and detection capabilities are unaffected.
Operational
DATA FORWARDER - JAPAN
Data Forwarder for “ENDPOINT STANDARD - JAPAN” and “ENTERPRISE EDR - JAPAN”
Operational
Event Forwarder
The following may be experienced if this service were degraded or unavailable. Data may take longer than normal to reach the configured destination.
Security Impact: The prevention and detection capabilities are unaffected.
Operational
Alert Forwarder
The following may be experienced if this service were degraded or unavailable. Alerts may take longer than normal to reach the configured destination.
Security Impact: The prevention and detection capabilities are unaffected.
Operational
DATA FORWARDER - US
Data Forwarder for “ENDPOINT STANDARD - US 1”, “ENDPOINT STANDARD - US 2”, “ENDPOINT STANDARD - US 5”, and “ENTERPRISE EDR - US 1”, "ENTERPRISE EDR - US 2", "ENTERPRISE EDR - US 5"
Operational
Event Forwarder
The following may be experienced if this service were degraded or unavailable. Data may take longer than normal to reach the configured destination.
Security Impact: The prevention and detection capabilities are unaffected.
Operational
Alert Forwarder
The following may be experienced if this service were degraded or unavailable. Alerts may take longer than normal to reach the configured destination.
Security Impact: The prevention and detection capabilities are unaffected.
Operational
DATA FORWARDER - SYD
Data Forwarder for “ENDPOINT STANDARD - SYD” and “ENTERPRISE EDR - SYD”
Operational
Event Forwarder
The following may be experienced if this service were degraded or unavailable. Data may take longer than normal to reach the configured destination.
Security Impact: The prevention and detection capabilities are unaffected.
Operational
Alert Forwarder
The following may be experienced if this service were degraded or unavailable. Alerts may take longer than normal to reach the configured destination.
Security Impact: The prevention and detection capabilities are unaffected.
Operational
DATA FORWARDER - UK
Data Forwarder for “ENDPOINT STANDARD - UK” and “ENTERPRISE EDR - UK”
Operational
Event Forwarder
The following may be experienced if this service were degraded or unavailable. Data may take longer than normal to reach the configured destination.
Security Impact: The prevention and detection capabilities are unaffected.
Operational
Alert Forwarder
The following may be experienced if this service were degraded or unavailable. Alerts may take longer than normal to reach the configured destination.
Security Impact: The prevention and detection capabilities are unaffected.
Operational
WORKLOAD PROTECTION - US 1
Reduce the attack surface and protect critical assets with advanced security purpose-built for workloads.
https://www.carbonblack.com/products/vmware-carbon-black-cloud-workload/
Operational
API Services
The following may be experienced if this service was not operational. Connection to Workload API Services may be unavailable or fail intermittently; integrations based on Workload API Services, including SIEM connectors, two-factor authentication, and SAML logins may not function correctly.
Security Impact: The prevention capabilities of Workload sensors are unaffected.
Operational
Appliance Service
The following may be experienced if this service was not operational. Appliance installation or reconfiguration may fail; previously registered appliances may not display on Workloads or API Access pages; appliance health data may not display in vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected.
Operational
Device Services
The following may be experienced if this service was not operational. Connection from Workload sensor to Workload backend may be unavailable or fail intermittently; registering or installing Workload sensors may fail; Workload sensor may be unable to upload latest events, look up the reputation of a new file, or receive a configuration change from Workload backend.
Security Impact: Depending on your policy settings, the prevention capabilities of the Workload sensor may be temporarily weakened. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Device Services processing is restored.
Operational
Event Processing
The following may be experienced if this service was not operational. Workload backend may take longer than normal to process latest events uploaded from a Workload sensor, and events and/or alerts may populate with a delay.
Security Impact: The prevention capabilities of Workload sensors are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is restored.
Operational
Inventory Service
The following may be experienced if this service was not operational. Workload inventory may take longer than normal to update, or be unavailable in Carbon Black Cloud and vSphere. Registering or installing Workload sensors may fail, or be delayed. Vulnerability Assessment for new virtual machines may not be available from vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected. New installation of Workload sensors may not be possible.
Operational
Life Cycle Management Service
The following may be experienced if this service was not operational. Registering, installing, or uninstalling Workload sensors may fail. Registration, installation, and uninstallation statuses may not update in Carbon Black Cloud or vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected. New installation of Workload sensors may not be possible.
Operational
Vulnerability Assessment Service
Operational
WORKLOAD PROTECTION - US 2
Reduce the attack surface and protect critical assets with advanced security purpose-built for workloads.
https://www.carbonblack.com/products/vmware-carbon-black-cloud-workload/
Operational
API Services
The following may be experienced if this service was not operational. Connection to Workload API Services may be unavailable or fail intermittently; integrations based on Workload API Services, including SIEM connectors, two-factor authentication, and SAML logins may not function correctly.
Security Impact: The prevention capabilities of Workload sensors are unaffected.
Operational
Appliance Service
The following may be experienced if this service was not operational. Appliance installation or reconfiguration may fail; previously registered appliances may not display on Workloads or API Access pages; appliance health data may not display in vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected.
Operational
Device Services
The following may be experienced if this service was not operational. Connection from Workload sensor to Workload backend may be unavailable or fail intermittently; registering or installing Workload sensors may fail; Workload sensor may be unable to upload latest events, look up the reputation of a new file, or receive a configuration change from Workload backend.
Security Impact: Depending on your policy settings, the prevention capabilities of the Workload sensor may be temporarily weakened. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Device Services processing is restored.
Operational
Event Processing
The following may be experienced if this service was not operational. Workload backend may take longer than normal to process latest events uploaded from a Workload sensor, and events and/or alerts may populate with a delay.
Security Impact: The prevention capabilities of Workload sensors are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is restored.
Operational
Inventory Service
The following may be experienced if this service was not operational. Workload inventory may take longer than normal to update, or be unavailable in Carbon Black Cloud and vSphere. Registering or installing Workload sensors may fail, or be delayed. Vulnerability Assessment for new virtual machines may not be available from vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected. New installation of Workload sensors may not be possible.
Operational
Life Cycle Management Service
The following may be experienced if this service was not operational. Registering, installing, or uninstalling Workload sensors may fail. Registration, installation, and uninstallation statuses may not update in Carbon Black Cloud or vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected. New installation of Workload sensors may not be possible.
Operational
Vulnerability Assessment Service
Operational
WORKLOAD PROTECTION - US 5
Reduce the attack surface and protect critical assets with advanced security purpose-built for workloads.
https://www.carbonblack.com/products/vmware-carbon-black-cloud-workload/
Operational
API Services
The following may be experienced if this service was not operational. Connection to Workload API Services may be unavailable or fail intermittently; integrations based on Workload API Services, including SIEM connectors, two-factor authentication, and SAML logins may not function correctly.
Security Impact: The prevention capabilities of Workload sensors are unaffected.
Operational
Appliance Service
The following may be experienced if this service was not operational. Appliance installation or reconfiguration may fail; previously registered appliances may not display on Workloads or API Access pages; appliance health data may not display in vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected.
Operational
Device Services
The following may be experienced if this service was not operational. Connection from Workload sensor to Workload backend may be unavailable or fail intermittently; registering or installing Workload sensors may fail; Workload sensor may be unable to upload latest events, look up the reputation of a new file, or receive a configuration change from Workload backend.
Security Impact: Depending on your policy settings, the prevention capabilities of the Workload sensor may be temporarily weakened. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Device Services processing is restored.
Operational
Event Processing
The following may be experienced if this service was not operational. Workload backend may take longer than normal to process latest events uploaded from a Workload sensor, and events and/or alerts may populate with a delay.
Security Impact: The prevention capabilities of Workload sensors are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is restored.
Operational
Inventory Service
The following may be experienced if this service was not operational. Workload inventory may take longer than normal to update, or be unavailable in Carbon Black Cloud and vSphere. Registering or installing Workload sensors may fail, or be delayed. Vulnerability Assessment for new virtual machines may not be available from vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected. New installation of Workload sensors may not be possible.
Operational
Life Cycle Management Service
The following may be experienced if this service was not operational. Registering, installing, or uninstalling Workload sensors may fail. Registration, installation, and uninstallation statuses may not update in Carbon Black Cloud or vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected. New installation of Workload sensors may not be possible.
Operational
Vulnerability Assessment Service
Operational
WORKLOAD PROTECTION - EU
Reduce the attack surface and protect critical assets with advanced security purpose-built for workloads.
https://www.carbonblack.com/products/vmware-carbon-black-cloud-workload/
Operational
API Services
The following may be experienced if this service was not operational. Connection to Workload API Services may be unavailable or fail intermittently; integrations based on Workload API Services, including SIEM connectors, two-factor authentication, and SAML logins may not function correctly.
Security Impact: The prevention capabilities of Workload sensors are unaffected.
Operational
Appliance Service
The following may be experienced if this service was not operational. Appliance installation or reconfiguration may fail; previously registered appliances may not display on Workloads or API Access pages; appliance health data may not display in vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected.
Operational
Device Services
The following may be experienced if this service was not operational. Connection from Workload sensor to Workload backend may be unavailable or fail intermittently; registering or installing Workload sensors may fail; Workload sensor may be unable to upload latest events, look up the reputation of a new file, or receive a configuration change from Workload backend.
Security Impact: Depending on your policy settings, the prevention capabilities of the Workload sensor may be temporarily weakened. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Device Services processing is restored.
Operational
Event Processing
The following may be experienced if this service was not operational. Workload backend may take longer than normal to process latest events uploaded from a Workload sensor, and events and/or alerts may populate with a delay.
Security Impact: The prevention capabilities of Workload sensors are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is restored.
Operational
Inventory Service
The following may be experienced if this service was not operational. Workload inventory may take longer than normal to update, or be unavailable in Carbon Black Cloud and vSphere. Registering or installing Workload sensors may fail, or be delayed. Vulnerability Assessment for new virtual machines may not be available from vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected. New installation of Workload sensors may not be possible.
Operational
Life Cycle Management Service
The following may be experienced if this service was not operational. Registering, installing, or uninstalling Workload sensors may fail. Registration, installation, and uninstallation statuses may not update in Carbon Black Cloud or vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected. New installation of Workload sensors may not be possible.
Operational
Vulnerability Assessment Service
Operational
WORKLOAD PROTECTION - JAPAN
Reduce the attack surface and protect critical assets with advanced security purpose-built for workloads.
https://www.carbonblack.com/products/vmware-carbon-black-cloud-workload/
Operational
API Services
The following may be experienced if this service was not operational. Connection to Workload API Services may be unavailable or fail intermittently; integrations based on Workload API Services, including SIEM connectors, two-factor authentication, and SAML logins may not function correctly.
Security Impact: The prevention capabilities of Workload sensors are unaffected.
Operational
Appliance Service
The following may be experienced if this service was not operational. Appliance installation or reconfiguration may fail; previously registered appliances may not display on Workloads or API Access pages; appliance health data may not display in vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected.
Operational
Device Services
The following may be experienced if this service was not operational. Connection from Workload sensor to Workload backend may be unavailable or fail intermittently; registering or installing Workload sensors may fail; Workload sensor may be unable to upload latest events, look up the reputation of a new file, or receive a configuration change from Workload backend.
Security Impact: Depending on your policy settings, the prevention capabilities of the Workload sensor may be temporarily weakened. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Device Services processing is restored.
Operational
Event Processing
The following may be experienced if this service was not operational. Workload backend may take longer than normal to process latest events uploaded from a Workload sensor, and events and/or alerts may populate with a delay.
Security Impact: The prevention capabilities of Workload sensors are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is restored.
Operational
Inventory Service
The following may be experienced if this service was not operational. Workload inventory may take longer than normal to update, or be unavailable in Carbon Black Cloud and vSphere. Registering or installing Workload sensors may fail, or be delayed. Vulnerability Assessment for new virtual machines may not be available from vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected. New installation of Workload sensors may not be possible.
Operational
Life Cycle Management Service
The following may be experienced if this service was not operational. Registering, installing, or uninstalling Workload sensors may fail. Registration, installation, and uninstallation statuses may not update in Carbon Black Cloud or vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected. New installation of Workload sensors may not be possible.
Operational
Vulnerability Assessment Service
Operational
WORKLOAD PROTECTION - SYD
Reduce the attack surface and protect critical assets with advanced security purpose-built for workloads.
https://www.carbonblack.com/products/vmware-carbon-black-cloud-workload/
Operational
API Services
The following may be experienced if this service was not operational. Connection to Workload API Services may be unavailable or fail intermittently; integrations based on Workload API Services, including SIEM connectors, two-factor authentication, and SAML logins may not function correctly.
Security Impact: The prevention capabilities of Workload sensors are unaffected.
Operational
Appliance Service
The following may be experienced if this service was not operational. Appliance installation or reconfiguration may fail; previously registered appliances may not display on Workloads or API Access pages; appliance health data may not display in vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected.
Operational
Device Services
The following may be experienced if this service was not operational. Connection from Workload sensor to Workload backend may be unavailable or fail intermittently; registering or installing Workload sensors may fail; Workload sensor may be unable to upload latest events, look up the reputation of a new file, or receive a configuration change from Workload backend.
Security Impact: Depending on your policy settings, the prevention capabilities of the Workload sensor may be temporarily weakened. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Device Services processing is restored.
Operational
Event Processing
The following may be experienced if this service was not operational. Workload backend may take longer than normal to process latest events uploaded from a Workload sensor, and events and/or alerts may populate with a delay.
Security Impact: The prevention capabilities of Workload sensors are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is restored.
Operational
Inventory Service
The following may be experienced if this service was not operational. Workload inventory may take longer than normal to update, or be unavailable in Carbon Black Cloud and vSphere. Registering or installing Workload sensors may fail, or be delayed. Vulnerability Assessment for new virtual machines may not be available from vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected. New installation of Workload sensors may not be possible.
Operational
Life Cycle Management Service
The following may be experienced if this service was not operational. Registering, installing, or uninstalling Workload sensors may fail. Registration, installation, and uninstallation statuses may not update in Carbon Black Cloud or vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected. New installation of Workload sensors may not be possible.
Operational
Vulnerability Assessment Service
Operational
WORKLOAD PROTECTION - UK
Operational
API Services
The following may be experienced if this service was not operational. Connection to Workload API Services may be unavailable or fail intermittently; integrations based on Workload API Services, including SIEM connectors, two-factor authentication, and SAML logins may not function correctly.
Security Impact: The prevention capabilities of Workload sensors are unaffected.
Operational
Appliance Service
The following may be experienced if this service was not operational. Appliance installation or reconfiguration may fail; previously registered appliances may not display on Workloads or API Access pages; appliance health data may not display in vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected.
Operational
Device Services
The following may be experienced if this service was not operational. Connection from Workload sensor to Workload backend may be unavailable or fail intermittently; registering or installing Workload sensors may fail; Workload sensor may be unable to upload latest events, look up the reputation of a new file, or receive a configuration change from Workload backend.
Security Impact: Depending on your policy settings, the prevention capabilities of the Workload sensor may be temporarily weakened. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Device Services processing is restored.
Operational
Event Processing
The following may be experienced if this service was not operational. Workload backend may take longer than normal to process latest events uploaded from a Workload sensor, and events and/or alerts may populate with a delay.
Security Impact: The prevention capabilities of Workload sensors are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is restored.
Operational
Inventory Service
The following may be experienced if this service was not operational. Workload inventory may take longer than normal to update, or be unavailable in Carbon Black Cloud and vSphere. Registering or installing Workload sensors may fail, or be delayed. Vulnerability Assessment for new virtual machines may not be available from vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected. New installation of Workload sensors may not be possible.
Operational
Life Cycle Management Service
The following may be experienced if this service was not operational. Registering, installing, or uninstalling Workload sensors may fail. Registration, installation, and uninstallation statuses may not update in Carbon Black Cloud or vSphere.
Security Impact: The prevention capabilities of Workload sensors are unaffected. New installation of Workload sensors may not be possible.
Operational
Vulnerability Assessment Service
Operational
CONTAINER SECURITY - US
Operational
Event Processing
The following may be experienced if this service was not operational. Container security backend may take longer than normal to process the latest events sent from the data-plane, and events and/or alerts may populate with a delay.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is returned.
Operational
Enforcement (Data-plane) API Services
The following may be experienced if this service was not operational. Container security data related to policy enforcement may take longer than normal to load or may not be available.
Security Impact: Depending on your policy settings, the prevention and detection capabilities of container security may be temporarily weakened.
Operational
State API Services
The following may be experienced if this service was not operational. Container security data may take longer than normal to load or may not be available.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily unavailable.
Operational
Management API Services
The following may be experienced if this service was not operational. Management of the container security configs may not be available.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily unavailable.
Operational
Notification Services
The following may be experienced if this service was not operational. Notifications for container security alerts may be published with a delay.
Security Impact: The prevention and detection capabilities of container security are unaffected. Notifications related to prevention and detection may be temporarily delayed until normal operation of Notification Services is returned.
Operational
Setup Wizard
The following may be experienced if this service was not operational. Adding a new cluster or data-plane may fail.
Security Impact: The prevention and detection capabilities of container security are unaffected.
Operational
Image Scanning API Services
The following may be experienced if this service was not operational. Container security data related to container image scanning may take longer than normal to load or may not be available.
Security Impact: Depending on your usage of the product, the prevention and detection capabilities of container image scanning may be temporarily weakened.
Operational
Network Connectivity Map
Operational
CONTAINER SECURITY - EU
Operational
Event Processing
The following may be experienced if this service was not operational. Container security backend may take longer than normal to process the latest events sent from the data-plane, and events and/or alerts may populate with a delay.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is returned.
Operational
Enforcement (Data-plane) API Services
The following may be experienced if this service was not operational. Container security data related to policy enforcement may take longer than normal to load or may not be available.
Security Impact: Depending on your policy settings, the prevention and detection capabilities of container security may be temporarily weakened.
Operational
State API Services
The following may be experienced if this service was not operational. Container security data may take longer than normal to load or may not be available.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily unavailable.
Operational
Management API Services
The following may be experienced if this service was not operational. Management of the container security configs may not be available.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily unavailable.
Operational
Notification Services
The following may be experienced if this service was not operational. Notifications for container security alerts may be published with a delay.
Security Impact: The prevention and detection capabilities of container security are unaffected. Notifications related to prevention and detection may be temporarily delayed until normal operation of Notification Services is returned.
Operational
Setup Wizard
The following may be experienced if this service was not operational. Adding a new cluster or data-plane may fail.
Security Impact: The prevention and detection capabilities of container security are unaffected.
Operational
Image Scanning API Services
The following may be experienced if this service was not operational. Container security data related to container image scanning may take longer than normal to load or may not be available.
Security Impact: Depending on your usage of the product, the prevention and detection capabilities of container image scanning may be temporarily weakened.
Operational
Network Connectivity Map
Operational
CONTAINER SECURITY - JAPAN
Operational
Event Processing
The following may be experienced if this service was not operational. Container security backend may take longer than normal to process the latest events sent from the data-plane, and events and/or alerts may populate with a delay.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is returned.
Operational
Enforcement (Data-plane) API Services
The following may be experienced if this service was not operational. Container security data related to policy enforcement may take longer than normal to load or may not be available.
Security Impact: Depending on your policy settings, the prevention and detection capabilities of container security may be temporarily weakened.
Operational
State API Services
The following may be experienced if this service was not operational. Container security data may take longer than normal to load or may not be available.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily unavailable.
Operational
Management API Services
The following may be experienced if this service was not operational. Management of the container security configs may not be available.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily unavailable.
Operational
Notification Services
The following may be experienced if this service was not operational. Notifications for container security alerts may be published with a delay.
Security Impact: The prevention and detection capabilities of container security are unaffected. Notifications related to prevention and detection may be temporarily delayed until normal operation of Notification Services is returned.
Operational
Setup Wizard
The following may be experienced if this service was not operational. Adding a new cluster or data-plane may fail.
Security Impact: The prevention and detection capabilities of container security are unaffected.
Operational
Image Scanning API Services
The following may be experienced if this service was not operational. Container security data related to container image scanning may take longer than normal to load or may not be available.
Security Impact: Depending on your usage of the product, the prevention and detection capabilities of container image scanning may be temporarily weakened.
Operational
CONTAINER SECURITY - SYD
Operational
Event Processing
The following may be experienced if this service was not operational. Container security backend may take longer than normal to process the latest events sent from the data-plane, and events and/or alerts may populate with a delay.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is returned.
Operational
Enforcement (Data-plane) API Services
The following may be experienced if this service was not operational. Container security data related to policy enforcement may take longer than normal to load or may not be available.
Security Impact: Depending on your policy settings, the prevention and detection capabilities of container security may be temporarily weakened.
Operational
State API Services
The following may be experienced if this service was not operational. Container security data may take longer than normal to load or may not be available.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily unavailable.
Operational
Management API Services
The following may be experienced if this service was not operational. Management of the container security configs may not be available.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily unavailable.
Operational
Notification Services
The following may be experienced if this service was not operational. Notifications for container security alerts may be published with a delay.
Security Impact: The prevention and detection capabilities of container security are unaffected. Notifications related to prevention and detection may be temporarily delayed until normal operation of Notification Services is returned.
Operational
Setup Wizard
The following may be experienced if this service was not operational. Adding a new cluster or data-plane may fail.
Security Impact: The prevention and detection capabilities of container security are unaffected.
Operational
Image Scanning API Services
The following may be experienced if this service was not operational. Container security data related to container image scanning may take longer than normal to load or may not be available.
Security Impact: Depending on your usage of the product, the prevention and detection capabilities of container image scanning may be temporarily weakened.
Operational
Network Connectivity Map
Operational
CONTAINER SECURITY - UK
Operational
Event Processing
The following may be experienced if this service was not operational. Container security backend may take longer than normal to process the latest events sent from the data-plane, and events and/or alerts may populate with a delay.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily delayed until normal operation of Event Processing is returned.
Operational
Enforcement (Data-plane) API Services
The following may be experienced if this service was not operational. Container security data related to policy enforcement may take longer than normal to load or may not be available.
Security Impact: Depending on your policy settings, the prevention and detection capabilities of container security may be temporarily weakened.
Operational
State API Services
The following may be experienced if this service was not operational. Container security data may take longer than normal to load or may not be available.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily unavailable.
Operational
Management API Services
The following may be experienced if this service was not operational. Management of the container security configs may not be available.
Security Impact: The prevention and detection capabilities of container security are unaffected. Visibility of events and alerts related to prevention and detection may be temporarily unavailable.
Operational
Notification Services
The following may be experienced if this service was not operational. Notifications for container security alerts may be published with a delay.
Security Impact: The prevention and detection capabilities of container security are unaffected. Notifications related to prevention and detection may be temporarily delayed until normal operation of Notification Services is returned.
Operational
Setup Wizard
The following may be experienced if this service was not operational. Adding a new cluster or data-plane may fail.
Security Impact: The prevention and detection capabilities of container security are unaffected.
Operational
Image Scanning API Services
The following may be experienced if this service was not operational. Container security data related to container image scanning may take longer than normal to load or may not be available.
Security Impact: Depending on your usage of the product, the prevention and detection capabilities of container image scanning may be temporarily weakened.
Operational
APP CONTROL
Formerly "CB Protection"
Operational
CDC Reputation - Diagnostic Upload
Cb Protection uploading of log files
Operational
CDC Reputation - Platform Diagnostic Service
Monitoring the health, OER compliance and status of Cb Protection Servers
Operational
CDC Reputation - Services
Trust and Threat Reputation, Cyber Forensic Service, Data Sync Service
Operational
CDC - CB Inspection
Static and Dynamic File Analysis
Operational
EDR/H-EDR
Formerly "CB Response"
Operational
Diagnostics
Diagnostic Uploads and Support Metrics
Operational
Email service
Customer Email: VMware Carbon Black External Mail Server (Default)
Description: As part of scheduled infrastructure upgrade, we will be migrating Device Control services.
Customer Impact: Prevention capabilities of ENDPOINT STANDARD are unaffected. Customers may experience intermittent issues while using Device Control features including updating blocking policy, USB device Approvals etc.
Description: As part of scheduled infrastructure upgrade, we will be migrating Device Control services.
Customer Impact: Prevention capabilities of ENDPOINT STANDARD are unaffected. Customers may experience intermittent issues while using Device Control features including updating blocking policy, USB device Approvals etc.
Resolved -
Services remained stable during the monitoring period and there were no issues reported. This incident is resolved and there will be no further updates.
Sep 21, 14:17 EDT
Monitoring -
VMware Engineering teams mitigated the issue and are observing improvement and recovery of the services. However, to ensure stability we will monitor the services for the next 1 hour.
Sep 21, 13:07 EDT
Update -
We are continuing to investigate this issue.
Sep 21, 12:37 EDT
Investigating -
Description: CARBON BLACK CLOUD AUDIT & REMEDIATION - US Dashboard & Public API - Live Query is currently degraded. Some customers may experience requests returning more slowly than normal or some requests timing out.
Security Impact: Security efficacy is not compromised due to this issue.
Next Update: 60 minutes or upon earlier status change
Resolved -
VMware Engineering team has applied the fix successfully and the services are operational. This is the final notification for this incident.
Security Impact: Security efficacy is not compromised due to this issue.
Sep 20, 19:20 EDT
Investigating -
Description: CARBON BLACK CLOUD AUDIT & REMEDIATION - US Result Processing is currently degraded. Some customer may experience delays in receiving results from queries.
Security Impact Impact: Security efficacy is not compromised due to this issue.
Next Update: 60 minutes or upon earlier status change
Resolved -
VMware Carbon Black Engineering teams identified the issue and have applied the fix. Services are operational in all environments. This incident is resolved and there will be no further updates
Sep 18, 11:34 EDT
Update -
VMware Carbon Black Engineering teams are progressing toward resolving the issue at the earliest. More updates will be provided in the next 1 hour or as soon as more information is available.
Sep 18, 11:07 EDT
Investigating -
Description: CARBON BLACK CLOUD AUDIT & REMEDIATION Live Response - EU is currently unavailable. Customers will not be able to connect to the Live Response session and run commands.
Security Impact: Security efficacy is not compromised due to this issue.
Next Update: 60 minutes or upon earlier status change
Completed -
The scheduled maintenance has been completed.
Sep 17, 02:01 EDT
In progress -
Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 16, 22:00 EDT
Scheduled -
During this maintenance period AUDIT & REMEDIATION - US (Live Query) may be unavailable. However, any AUDIT & REMEDIATION - US (Live Query) data sent to the Carbon Black Cloud backend during the maintenance period will be processed after maintenance completion.
Beginning: 16-Sept-2023, 10:00 PM ET Ending: 17-Sept-2023, 2:00 AM ET
Completed -
The scheduled maintenance has been completed.
Sep 16, 01:30 EDT
In progress -
Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 15, 21:30 EDT
Scheduled -
During this maintenance period AUDIT & REMEDIATION - EU (Live Query) may be unavailable. However, any AUDIT & REMEDIATION - EU (Live Query) data sent to the Carbon Black Cloud backend during the maintenance period will be processed after maintenance completion.
Beginning: 15-Sept-2023, 9:30 PM ET Ending: 16-Sept-2023, 1:30 AM ET