Managing Ivanti Mobile Threat Defense through the MTD console and local actions

Detected threats can be remediated through a combination of local- and server-initiated mitigation and compliance actions. Applied together, they provide the highest level of client threat protection.

The process works this way:

  • If mitigation is implemented using Local Actions, the threat is remediated based on the Local Actions configuration and does not need connection to Ivanti Neurons for MDM or MTD console.

  • If the device is connected to Ivanti Neurons for MDM and MTD console (server-initiated), any threats detected on the device informs the MTD console of threat status. MTD console instructs Ivanti Neurons for MDM that a policy violation has been triggered. Ivanti Neurons for MDM assigns the compromised device to the appropriate label, which can trigger a custom enforcement workflow.

  • When the threat is remediated on the device, the client passes this state change to the MTD console. The MTD console tells Ivanti Neurons for MDM that the policy violation has been removed and removes the label that triggered a custom enforcement workflow from the device. Ivanti Neurons for MDM then restores the device back to normal operations.