Managing Ivanti Mobile Threat Defense through the MTD console and local actions
Detected threats can be remediated through a combination of local- and server-initiated mitigation and compliance actions. Applied together, they provide the highest level of client threat protection.
- Setting up the MTD threat management console is done through the MTD threat management console.
- Setting up the UEM platform is done through the Admin Console.
The process works this way:
If mitigation is implemented using Local Actions, the threat is remediated based on the Local Actions configuration and does not need connection to
Ivanti Neurons for MDMor MTD console.
If the device is connected to
Ivanti Neurons for MDMand MTD console (server-initiated), any threats detected on the device informs the MTD console of threat status. MTD console instructs Ivanti Neurons for MDMthat a policy violation has been triggered. Ivanti Neurons for MDMassigns the compromised device to the appropriate label, which can trigger a custom enforcement workflow.
When the threat is remediated on the device, the client passes this state change to the MTD console. The MTD console tells
Ivanti Neurons for MDMthat the policy violation has been removed and removes the label that triggered a custom enforcement workflow from the device. Ivanti Neurons for MDMthen restores the device back to normal operations.