Advanced phishing protection for managed devices
In
For Apple User Enrolled devices, Ivanti Mobile Threat Defense is limited. The Anti-Phishing policy will be pushed, however, the VPN will not function. This is a limitation due to Apple.
Before you begin
Review any relevant information in Setting up the MTD threat management console and Appendix A: Ivanti MTD portal integration - IP addresses.
Enable MTD console anti-phishing VPN
Procedure
- Log into MTD console.
- Click the Policy tab.
-
From the Policy page, click Phishing Policy. The phishing policy configuration page displays.
Figure 1. MTD console Phishing Policy page
-
In the Selected Group field, select the group to receive phishing protection.
-
Select from the following options:
-
Enable phishing protection and activate zIPS URL sharing – Enabled by default. Check this option to enable MTD console phishing protection.
Users who launch a device-level VPN app such as PulseSecure or GlobalProtect from their device will disconnect the MTD anti-phishing VPN, which disables the anti-phishing solution on the device. The device user must navigate back to Settings > VPN settings and re-select MobileIron anti-phishing VPN to re-enable anti-phishing protection.
-
Local VPN for Phishing
-
Enable phishing protection and activate zIPS local VPN – Enabled by default. Check this option to enable a local phishing VPN.
-
Allow user control – Disabled by default. This option cannot be enabled.
-
Block detected phishing URLs – Enabled by default. Check this option to block phishing URLs when they are detected on a device.
Do not disable Phishing Policy option "Block detected phishing URLs." If disabled, users will see a non-working notification.
-
-
Enable content inspection on remote server - Disabled by default. This option allows the MTD console to access a much larger database of blacklisted sites than the sites available on the device, providing multilevel protection.
-
-
Click Deploy to distribute the phishing protection policy to the selected device group. For iOS clients, anti-phishing is enabled.
-
For Android clients, proceed to Android anti-phishing using Tunnel app.