Creating and applying multi-tier compliance actions
This section discusses how to create and apply compliance actions that are initiated by the MTD threat management console. (For MTD local actions, see Creating MTD local actions in Ivanti EPMM.) User devices can trigger a check-in with MTD console, but it is initiated by MTD console to Ivanti EPMM and then Ivanti EPMM sends a command to the device to do the check-in. This way, the devices are protected from zero-day malware, device, network and application threats without having to wait for the next scheduled check-in event. The compliance actions are evaluated during the client check-in event and the selected compliance actions are enforced on the client by Ivanti EPMM, when the device is determined to be non-compliant with policy.
In order for the multi-tiered compliance actions feature to work, device users must have [email protected] 10.0.0.0 through the most recently released version as supported by MTD installed.
With custom compliance actions, you can create actions to better manage access control. With tiered compliance actions, you can customize them to include up to 4 levels of action to better manage compliance actions: Critical, Elevated, Normal and Low.
By default, there are two existing compliance actions available – Block Email, AppConnect Apps, and Send Alert, and Send Alert. It is a best practice to create additional compliance actions that will be used specifically for MTD, for example:
- MTD – Notify (based on the "Send Alert" compliance action)
- MTD – Block (based on the "Block Email, App Connect apps and Send Alert" compliance action)
- MTD – Quarantine (see Quarantine compliance action)
- MTD – Tiered Compliance 4 hours (see Tiered compliance action - 4 hours)
Before you begin
Be sure that you have completed Creating MTD labels in Ivanti EPMM for Android and iOS devices.