Configuring the iOS sinkhole VPN local action

MTD Admins can configure an iOS sinkhole option to automatically redirect malicious client Internet traffic away from the Enterprise. From Core 10.6.0.0 through the most recently released version as supported by MobileIron, the MobileIron Local Actions configuration provides a Network Sinkhole option for iOS devices that can create and push a MobileIron Threat Defense VPN to client users immediately, without user confirmation.

NOTE:

MobileIron recommends selecting the Network Sinkhole action ONLY for network-related threats. Use of Network Sinkhole action for device and application threats can result in disabling network connectivity to the device without the ability to restore network connectivity.

Procedure 

1. From the MobileIron Cloud Configurations page, create or edit an MTD local action configuration.

2. From a threat in the Network Threats section, select Network Sinkhole from the Local Action iOS column.

   

3. Finish your configuration choices, and save the Local Actions configuration. The MobileIron Threat Defense VPN configuration displays in the Configurations page.

   

   The VPN configuration cannot be edited. To remove the configuration, remove the Network Sinkhole options from the configuration.

4. Push the configuration to selected devices.

   1. From the Devices page, select the iOS devices.
   2. Click the Actions menu.
   3. Select Force Check-in. Confirm the choice.