Defining an MTD security policy in Ivanti EPMM
To define an MTD security policy in Ivanti EPMM, you must create an MTD security policy for the labels you created in Creating MTD labels in Ivanti EPMM for Android and iOS devices.
Before you begin
Be sure you have completed Defining app control rules in Ivanti EPMM.
- In the Ivanti EPMM Admin Portal, select Policies & Configs > Policies.
- Select Add New > Security. The New Security Policy dialog box opens.
- Enter a descriptive name in the Name field, such as MTD–Security Policy.
- Change the Status to Active. Set the priority if needed.
- Scroll down to the Access Control section.
- Under For All Platforms, select the compliance action that you created in Setting up the MTD threat management console, for the when a device violates the App Control roles field. (Quarantine, for example.)
- In the Rule Type: Required section, move Always True to the Enabled column. (You created the rule type in Defining app control rules in Ivanti EPMM.)
Scroll down to the For iOS devices section:
- Select Quarantine as the compliance action for the when a compromised iOS device is detected field.
- Select Quarantine for the when device MDM is deactivated field.
- Scroll down to the For Android devices section, select Quarantine as the compliance action in the when a compromised Android device is detected field.
- Click Save.
- In the Policies & Configs > Compliance Policies page, select the check box next to the MTD security policy.
- Select Actions > Apply to Label. This applies the threat label you configured in Creating MTD labels in Ivanti EPMM for Android and iOS devices to the MTD security policy. (MTD–ExploitDetected, MTD–Malwareinfected, and MTD–NetworkThreat, for example)
Proceed to Creating event notifications.