New features summary
These are cumulative release notes. If a release does not appear in this section, then there are no associated new features and enhancements.
Product nomenclature: This is cumulative documentation and the product names you encounter in this documentation were accurate at the time of publication. Ivanti updates each new section to reflect evolving product nomenclature, but leaves legacy citations intact to ensure proper frame of reference for the reader.
- New threat protection for apps with Debug functionality enabled: Apps with Debug functionality enabled can be used by an attacker to control and manipulate the underlying app functions on a device. This release supports Zimperium zIPS SDK for Android version 4.22.8 or later, which can detect and mitigate this threat. For more information, contact your Ivanti MTD representative.
- MTD attributes and status are reported to Ivanti EPMM at every device check-in.
- Branding update: MobileIron Mobile@Work app is now re-branded to Ivanti Mobile@Work on Android and iOS platforms.
- Added new Zimperium SDK:
- The Zimperium SDK version 4.22.8 was integrated for Android clients.
- The Zimperium SDK version 4.22.4 was integrated for iOS clients.
- Product Name change: As part of re-branding, the following product name changes have occurred:
- "Core" name has been changed to "Ivanti Endpoint Manager Mobile (EPMM)."
- "MTD for Core" name has been changed to "Ivanti Mobile Threat Defense for EPMM" or "Ivanti MTD for EPMM"
Access Control List now applicable for Android devices on Tunnel: The access control option in the MTD management console released for iOS devices in Core 18.104.22.168, is now also compatible with Android devices running over the Tunnel VPN. You can apply the threat category as either Phishing or Safe to websites from an Access Control List (ACL) in the Management > Access Control tab. Administrators can add URLs one at a time, or use the Comma Separated Values (CSV) file template to import a bulk list. For more information, see Allow or block iOS device access to specific URLs.
New MTD management console options for iOS devices: In this release, the Zimperium 4.20.x Software Development Kit (SDK) is integrated with MTD, providing administrators with two new options:
Custom DNS settings for Local VPN: Under the Local VPN section, administrators can define custom Domain Name System (DNS) settings they want to use when a device connects to their corporate Wi-Fi network. No changes are required on the client side.
Note the following caveats:
- The server must be available from public networks to use this feature.
- If you change the default DNS server, make sure that the MobileIron Services are reachable from the custom DNS network.
Access control for custom URLs: There is a new access control option in the MTD management console Management > Access Control tab that enables you to apply a custom threat category (Phishing or Safe) to websites from an Access Control List (ACL). This feature gives administrators the opportunity to allow corporate infrastructure links that might otherwise be blocked, and a similar opportunity to block the websites restricted by company policy. Administrators can add URLs one at a time, or use the Comma Separated Values (CSV) file template to import a bulk list. For more information, see Allow or block iOS device access to specific URLs.
For more information, see Defining a custom DNS server.
Due to limitations in the Zimperium Application Programming Interface (API), some features in the MTD management portal (also known as the zConsole) are not yet supported.
Additional information available to iOS client users with Risky Link notifications: When an iOS Mobile@Work user clicks on a site or an app that is linked to a phishing URL, the user sees a "Link is Risky!" notification. With this release, a user can expand the notification to view the information about the actual phishing URL. To enable, uncheck the option Block detected phishing URLs in the MTD console > Policy > Phishing Policy page. See Advanced phishing protection for managed devices.