Network threats can be mitigated using a sinkhole VPN profile in the MTD Local Actions
Ivanti, Inc recommends selecting the Network Sinkhole action ONLY for network-related threats. Use of Network Sinkhole action for device and application threats can result in disabling network connectivity to the device without the ability to restore network connectivity.
Before you begin
- Make sure you have reviewed Creating MTD local actions in Ivanti EPMM.
- From the Ivanti EPMM Policies & Configs > Policies page, create or edit an MTD local action policy.
From a threat in the Network Threats section, select Network Sinkhole from the Local Action iOS column.
Figure 1. Network Sinkhole option in Actions menu.
For Apple User Enrollment, if Network Sinkhole is enabled in the Local Actions policy, the sinkhole will not work. This is an Apple limitation.
Finish your configuration choices, and click Save. The Policy page displays, with your updated configuration.
Figure 2. The VPN policy cannot be edited. To remove the configuration, remove the Network Sinkhole options from the policy.
- To push this policy to devices, select the policy.
- Click Actions > Apply to Label. The Apply to Label menu displays.
- Select the device labels that will receive the policy.
- Click Apply. The policy is pushed to labeled devices.