Adding Ivanti Neurons for MDM as your MDM server in MTD console

You must add Ivanti Neurons for MDM as your Mobile Device Management (MDM) server in MTD Management Console to enable Ivanti Neurons for Mobile Threat Defense.

You will need to select the MDM custom attributes required to identify the MTD-enabled devices and to set the MTD threat level. In Ivanti Neurons MTD’s MES console, make the following selections:

• Use the following custom attribute to identify devices that should have Lookout for Work app activated - IvantiMTDEnrolled. Please note that the Data Type field needs to be set to Text.

• Custom attribute used to convey issue state level, if any - IvantiMTDThreatLevel. Please note that the Data Type field needs to be set to Text.

The relevant devices, and apps from Ivanti Neurons for MDM are shown in the MTD console.

Before you begin 

• Locate the user name and password for the MTD console tenant you received after purchasing Ivanti Neurons for Mobile Threat Defense Solution for MDM.
• Be sure you have assigned an API administrator with appropriate roles.

Procedure 

1. Log in to your MTD console with the credentials provided by Ivanti, Inc. The username and password defined for the Ivanti Neurons for Mobile Threat Defense administrator are required to establish communication with Ivanti Neurons for MDM and synchronize the two servers.

2. Navigate to Integrations.

3. Select Ivanti Neurons for MDM to add it to the MTD console as an MDM server.

4. In the Ivanti Neurons for MDM Connector Settings page, enter the following required information:

   Item	Description
   Label for this MDM connection	Enter a name for your MDM connection.
   Ivanti Neurons for MDM URL (required)	Enter the FQDN or externally accessible URL for your Ivanti Neurons for MDM in secure hypertext protocol (HTTPS). For example: https://na2.ivanti.com You may need to allowlist Ivanti Neurons MTD IP addresses to establish connectivity.
   Username/Password	Enter the API user name and password created earlier. The administrator user should be assigned several roles, including API, as described in MDM preconfigurations.

5. Select Create Integration. The Connector Settings page expands to include more sections.

6. In the Enrollment Management > Device Enrollment section, make the following selections:

   1. Move the slider to ON in the Automatically drive Lookout for Work enrollment on Ivanti Neurons for MDM managed devices field.

   2. Enter IvantiMTDEnrolled in the Use the following custom attribute to identify devices that should have Lookout for Work app activated field.

   3. Select the number of minutes in the How often should Lookout check for new devices field. Ivanti recommends the following sync intervals for optimal performance:

      • 10K MTD device deployments - use 15 minute sync intervals

      • 20K MTD device deployments - use 30 minute sync intervals

      • 50K MTD device deployments - use 90 minute sync intervals

   4. Move the slider to ON in the Treat devices which are removed from the enrollment custom attribute as unenrolled from Ivanti Nuerons for MDM field.

7. In the State Sync > Risk Status section, move the slider to ON in the Custom attribute use to convey issue state level, if any field. In the text field that displays, enter IvantiMTDThreatLevel. This tells Ivanti Neurons MTD the custom attribute to use to convey the device threat level to MDM. These threat levels are low, medium, or high.

8. In the Group Management section, accept the Default Group setting of the Automatically assign new devices to field.

9. Select Save Changes.

Whenever MDM information is removed from the MTD console, be sure to manually disable or remove the Ivanti Neurons for Mobile Threat Defense Activation configuration from Ivanti Neurons for MDM.