Managing Ivanti Mobile Threat Defense through the MTD console and local actions
Detected threats can be remediated through a combination of local- and server-initiated mitigation and compliance actions. Applied together, they provide the highest level of client threat protection.
- Setting up the MTD threat management console is done through the MTD threat management console.
- Setting up the UEM platform is done through the Admin Console.
The process works this way:
If mitigation is implemented using Local Actions, the threat is remediated based on the Local Actions configuration and does not need connection to
Ivanti EPMMor MTD console.
If the device is connected to
Ivanti EPMMand MTD console (server-initiated), any threats detected on the device informs the MTD console of threat status. MTD console instructs Ivanti EPMMthat a policy violation has been triggered. Ivanti EPMMassigns the compromised device to the appropriate label, which can trigger a custom enforcement workflow.
When the threat is remediated on the device, the client passes this state change to the MTD console. The MTD console tells
Ivanti EPMMthat the policy violation has been removed and removes the label that triggered a custom enforcement workflow from the device. Ivanti EPMMthen restores the device back to normal operations.