Configuration overview

The steps required to configure AppConnect depend on which aspects you intend to enable and deploy.

Basic configuration

Complete the following steps to implement a basic AppConnect configuration:

  1. Add the Ivanti secure apps you intend to deploy.

    These are AppConnect apps provided by Ivanti. See Adding secure apps for deployment.

  2. Configure the AppConnect global policy.

    See AppConnect global policy.

  3. Configure the AppConnect container policy.

    See AppConnect container policies.

  4. Enable any Ivanti secure apps you intend to deploy.

    See Enabling secure apps.

  5. Configure the app-specific configuration if required by the app.

    See AppConnect app configuration.

  6. If you are using AppConnect-enabled email clients, configure the email attachment control option called Open With Secure Email App.

    See Configuring the Open With Secure Email App option

Adding third-party and in-house secure apps

If you intend to deploy secure apps developed by your organization or a third-party provider, complete the following steps:

  1. Complete the steps in Configuration overview.

  2. Enable AppConnect third-party and in-house apps.

    See Enabling secure apps.

  3. If you are using AppConnect-enabled email clients, configure the email attachment control option called Open With Secure Email App.

    See Configuring the Open With Secure Email App option

Adding AppTunnel support

Add AppTunnel support to secure the data that moves between your secure apps and your corporate data sources.

Before you begin 

Ensure that you have a Standalone Sentry configured to support AppTunnel. The required steps include:

  • Setting up the Standalone Sentry connectivity settings, which include the Sentry host name or IP address, and the port number MobileIron Core uses to access the Sentry.
  • Enabling the Standalone Sentry for AppTunnel.
  • Configuring the Standalone Sentry for device authentication, which is how the device authenticates to the Standalone Sentry. This authentication includes setting up certificates if you require them.

Procedure 

The high-level tasks for configuring AppTunnel are:

  1. Complete the steps in Basic configuration.

  2. Complete the steps in Adding third-party and in-house secure apps, if applicable.

  3. Enable AppTunnel on MobileIron Core, if you are deploying third-party or in-house apps.

    See Enabling AppTunnel.

  4. Configure an AppTunnel service on Standalone Sentry.

    See Configuring an AppTunnel service.

  5. Configure the AppTunnel rules in an AppConnect app configuration for each app using AppTunnel.

    See AppConnect app configuration.

  • “Configuring Standalone Sentry for AppTunnel” in the Sentry Guide for Core
  • “Working with app tunnels” in the Sentry Guide for Core for actions you can take on an app tunnel. For example, you can block an app tunnel, so that an AppConnect app on a device cannot access the backend resource.

Adding compliance actions

You have the option of specifying AppConnect compliance actions as part of a security policy. To specify these compliance actions:

  1. Complete the steps in Configuration overview.
  2. Complete the steps in Configuration overview, if applicable.
  3. Complete the steps in Configuration overview, if applicable.
  4. Configure compliance actions.See Configuring compliance actions.