Phishing and Content Protection (PCP)

In the MTD Management Console, you can enable Phishing & Content Protection to MTD-enabled iOS and Android devices. This feature protects your fleet’s devices from unwanted content by analyzing network traffic from installed apps and web browsing. You can configure different Phishing and Content Protection settings for each group in your organization.

Before you begin 

Review any relevant information in MDM preconfigurations.

Enabling phishing and content protection

Procedure 

  1. Log into the MTD Management Console.
  2. From the menu, select the Protections option.
  3. Select your device group.

  4. Select Phishing and Content Protection.

  5. At the top of the page, in Manage Settings, select the Default settings or device group settings. TIP: Configure the Default settings first, and then make the device groups inherit from the Default settings. Alternately, configure Default settings specifically for each device group.

  6. In Enable Phishing and Contention Protection, move the slider to ON.

  7. Select Secure DNS.

  8. Do not select the On-device VPN check box. Select Save Changes.

  9. Keep Make Phishing and Content Protection mandatory disabled.
  10. The Configure content policies link should be selected to enable the Web and Content threats.
  11. Set the Risk Level to High, Medium, or Low.
  12. Ensure the Response is set to Block and alert Device

  13. Set up your Secure DNS Corporate Domain Skip List.

  14. Set up your Allowlisted Content.

  15. Set up your Denylisted Content.

  16. For Android devices, configure threat protection policies so that the threat "PCP Disabled" is not enabled.

  17. Select Save Changesto distribute the phishing protection policy to the selected device group. For clients, Anti-Phishing is enabled.

PCP disabled threats for iOS devices

There can be certain scenarios where your device user might receive a threat advising that the Phishing and Content Protection is not active. Refer to the table below for how to troubleshoot the issue.

Table 8.  Troubleshooting disabled threats
Scenario State of device

PCP disabled threat displayed on MTD console & device

Status in MTD console: PCP

Status in MTD console: Secure DNS
1 Anti-Phishing configuration has been pushed to the device, the client has been launched, DNS profile selected is not Ivanti Neurons MTD

Threat is displayed

Disabled

Disabled
2 DNS profile installed and selected.

Threat is resolved from Scenario 1.

Enabled

Enabled
3 Anti-Phishing configuration has been removed from the device.

Threat is displayed.

Disabled

Disabled
4

Anti-Phishing configuration has been re-pushed to the device, the DNS profile installed and selected from Scenario 3.

Threat is resolved from Scenario 3.

Enabled

Enabled

If you remove the anti-phishing configuration (see Enabling MTD Anti-Phishing protection in MDM), then you must also disable the threat in the MES console. If this is not done, then the PCP Disabled threat will continue to trigger.