Legacy Android phishing configuration tasks
These legacy Android clients require their users to select the [email protected] client as the default browser, and some additional tasks.
|AppConnect (Android 5.0+)||
In Android AppConnect container configuration, administrators should distribute [email protected] and enable the following lockdowns for the phishing protection:
This will ensure that on URL clicks inside and outside the container, Ivanti Mobile Threat Defense client can intercept the URL for phishing protection and use the installed [email protected] to display the safe URLs.
Kiosk Device Admin mode (Samsung devices from Android 5.x to 8.x and non-Samsung devices from Android 5.x to 7.x) and Kiosk Android Enterprise Device Owner mode (Android 5.0+)
When URL clicks are inside the kiosk, if the URL is safe, it will be displayed with browsers available in the kiosk mode. Kiosk mode remains active and functional if the phishing protection was enabled outside the kiosk and then removed while the device is in kiosk mode. Exiting in and out of kiosk mode keeps the phishing protection functional inside and outside the kiosk.
When a user clicks a URL:
- If the URL is not safe, it will be blocked.
If the URL is safe, Ivanti Mobile Threat Defense client will render the URL with the browser available or display a list of browsers. The end user is asked whether they want to use this browser Just Once or Always.
- For Just Once, Ivanti Mobile Threat Defense will continue to show a list of browsers, if there are multiple browsers.
- For Always, Ivanti Mobile Threat Defense client will save the selected browser, and use it to render safe URLs going forward.
Once the user selects "Always" through the client's list of browsers, the user cannot change the default browser for rendering safe URLs. As a workaround, install a new browser. On clicking the next safe URL, the user will be again shown a list of browsers, including the new browser.