TRM Configuration Options

Options

Description

Enable

Toggle to enable

Enable or disable threat detections The MTD console administrator has the option of disabling certain threat detections and, therefore, the collection of associated forensics. In the Severity column, you can disable the status of "Elevated" or "Lower" by clearing the radio button in the row of the event. This change is effective next time you click Deploy. After deploying /syncing with Ivanti Neurons for MDM, when a threat is detected, the MTD console instructs Ivanti Neurons for MDM to move the device to the chosen custom attribute in the TRM. The workflow assigned to that custom attribute determines the action that Ivanti Neurons for MDM takes on the device. The communication from the MTD console to Ivanti Neurons for MDM is performed securely through a MTD API call.

Severity

Select one of four levels

Severity threat levels Administrators have the option of changing the threat severity levels. This is useful for different business cases. The options are "Critical," "Elevated," "Low," and "Normal."

Threats auto-populated

Threat classes detected The threats listed in the Threat column represent the classes of threats that MTD detects. Threat classes are recognized by MTD, which is able to determine when a malicious event is happening.

Alert User Toggle to enable

Enable or disable user alerts. Administrators cannot manage MTD alerts through the MTD console. In order to implement and localize MTD alerts, use the Show Notifications option in the MTD Local Actions configuration in Ivanti Neurons for MDM

Device Actions Click the gear to open.

Select from these menu options to enable device actions on MTD console:

Android:

• Disconnect Wifi

• Network Sinkhole

• Tunnel unsecured traffic

iOS:

• Network Sinkhole

• Tunnel unsecured traffic

Samsung Knox :

• Isolate device from the network

• Disable App

• Uninstall App

• Block App

• Also use Android actions

Chrome Extensions:

• Disable extension

• Uninstall extension

Notification (Notify Me) Click an icon

You can set up an email or SMS notification process for each specific threat. SMS notifications require the administrator’s telephone information to be set up in the User page of a given administrator. Each email or SMS contains an event summary and a link to the actual event that can be viewed in a browser after log-in. Check if SMS is supported

Options	Description
Enable Toggle to enable	Enable or disable threat detections The MTD console administrator has the option of disabling certain threat detections and, therefore, the collection of associated forensics. In the Severity column, you can disable the status of "Elevated" or "Lower" by clearing the radio button in the row of the event. This change is effective next time you click Deploy. After deploying /syncing with Ivanti Neurons for MDM, when a threat is detected, the MTD console instructs Ivanti Neurons for MDM to move the device to the chosen custom attribute in the TRM. The workflow assigned to that custom attribute determines the action that Ivanti Neurons for MDM takes on the device. The communication from the MTD console to Ivanti Neurons for MDM is performed securely through a MTD API call.
Severity Select one of four levels	Severity threat levels Administrators have the option of changing the threat severity levels. This is useful for different business cases. The options are "Critical," "Elevated," "Low," and "Normal."
Threats auto-populated	Threat classes detected The threats listed in the Threat column represent the classes of threats that MTD detects. Threat classes are recognized by MTD, which is able to determine when a malicious event is happening.
Alert User Toggle to enable	Enable or disable user alerts. Administrators cannot manage MTD alerts through the MTD console. In order to implement and localize MTD alerts, use the Show Notifications option in the MTD Local Actions configuration in Ivanti Neurons for MDM
Device Actions Click the gear to open.	Select from these menu options to enable device actions on MTD console: Android: • Disconnect Wifi • Network Sinkhole • Tunnel unsecured traffic iOS: • Network Sinkhole • Tunnel unsecured traffic Samsung Knox : • Isolate device from the network • Disable App • Uninstall App • Block App • Also use Android actions Chrome Extensions: • Disable extension • Uninstall extension
Notification (Notify Me) Click an icon	You can set up an email or SMS notification process for each specific threat. SMS notifications require the administrator’s telephone information to be set up in the User page of a given administrator. Each email or SMS contains an event summary and a link to the actual event that can be viewed in a browser after log-in. Check if SMS is supported