Issue
Our Firewall is blocking the Carbon Black Endpoint Standard signature update URLs. We are getting alerts from our firewall that the Carbon Black Endpoint Standard Signature Update URLs are potentially malicious.
Environment
VMWare Carbon Black Endpoint Standard
Resolution
First, you will need to reference this Carbon Black article: Configure a Firewall.
Then, you will need to configure your firewall to allow communications (whitelist) all of the appropriate URLs. Specifically, you will need to make sure all of the URLs listed in the "All environments" section of the article are whitelisted in the firewall.
The URLs listed in the "Environment-specific URLs" section are specific to your Carbon Black Cloud console URL, which you can find by simply logging into your Carbon Black console and referencing the URL that is being used. You will only need to whitelist your specific console URL in the firewall.
Cause
The Carbon Black Defense (Endpoint Standard) signature update URLs may get blocked because they have not been properly whitelisted in your firewall.