Description of configurations in Ivanti Neurons for MDM

This section provides a more detailed description of the configuration steps referenced in Overview of configuration on Ivanti Neurons for MDM. The following configurations are described:

Configuring a custom HTTP service

You create an AppTunnel service in Standalone Sentry as part of the AppTunnel setup.

Before you begin 

Ensure that you have a Standalone Sentry that is set up for AppTunnel and the necessary device authentication is also configured. See “Configuring Standalone Sentry for app tunneling” in the Ivanti Sentry Guide for Ivanti Neurons for MDM.


1. In Ivanti Neurons for MDM, go to Admin > Sentry.
2. Edit the entry for the Standalone Sentry profile that supports AppTunnel.
3. In Services, click Custom HTTP to add a new service.
4. Use the following guidelines to configure the service:




Service Name

Enter a name to identify the service.

The Service Name is used in the Email+ app configuration.

Server Authentication

Select Pass through (Basic Authentication).

All destinations (forward proxy)

Selected by default.

5. Click Save.

See “Configuring Standalone Sentry for app tunneling” in the Ivanti Sentry Guide for Ivanti Neurons for MDM for more information on creating an AppTunnel service.

Configuring Identity certificate setting

You need to create the SCEP setting if your Exchange server and the EWS service require certificate authentication. You will reference the name of SCEP setting in the AppConnect configuration for Email+ to generate the login certificate for Email+, so that the Exchange server and EWS trust the device.

Before you begin 

Create a certificate authority in Admin > Certificate Authority.


1. In Ivanti Neurons for MDM, go to Configurations.
2. Click Add > Identity Certificate.
3. Fill in the following fields for the certificate configuration:

Name: Enter brief text that identifies this certificate setting.

Description: Enter additional text that clarifies the purpose of this SCEP setting.

Certificate Distribution: Select Dynamically Generated.

Source: Select the Certificate Authority you created in Admin > Certificate Authority.

Subject: CN=${EMAIL}

Key size: 2048

4. Test the configuration, and click Next.
5. Click Done to save the configuration.

You will reference the certificate configuration in the app configuration for Email+ using the key email_login_certificate.

Updating the app configuration for Ivanti Email+

Update the app configuration for Email+ for iOS with key-value pairs, so that Email+ on iOS devices is authorized to get real-time notifications from CNS.


1. In Ivanti Neurons for MDM, go to Apps > App Catalog.
2. In the App Catalog, click on Email+.
3. Click App Configurations.
4. In App Configurations Summary, click on AppTunnel to add an AppTunnel rule.

Enter a name for the configuration.

Select the Sentry profile in which you configured the custom HTTP service.

Select the custom HTTP service you created for real-time push notifications in the Sentry configuration.

For URL Wildcard, enter the Exchange server’s IP address or FQDN.

Select the distribution for this configuration.

Click Save.

5. In App Configurations Summary, click on Email+ Configuration to add the necessary key-value pairs in AppConnect Custom Configuration.
6. Select the app distribution.
7. Click Update.

See Key-value pairs for real-time push notifications for a list of key-value pairs.