Android anti-phishing using Tunnel app

Once you have Enabling additional MTD anti-phishing protection for Android devices through the MTD threat management console, you will need to provision Android clients with the Tunnel app, to provide a VPN pathway. See Deploying Tunnel app to Android and Android Enterprise devices.

Deploying Tunnel app to Android and Android Enterprise devices

The Ivanti Tunnel application needs to be distributed in Ivanti MDM and the Ivanti Sentry Access configuration needs to be set up along with the Split DNS URL.

  • Ensure that private DNS is not configured if the administrator is going to use the Ivanti Tunnel for Android app to provide VPN and anti-phishing functionality. When Ivanti Tunnel for Android is running and private DNS is enabled on the device, the internet will be not be connected.

  • Ensure that Wi-Fi proxy is not configured if the administrator is going to use the Ivanti Tunnel for Android app to provide anti-phishing. If Wi-Fi proxy is configured, Ivanti Tunnel for Android will not receive any network traffic.

  • Ensure Tunnel version is 4.9 or above. If the Tunnel version is 4.8 or below, Tunnel cannot provide anti phishing. Mobile@Work cannot act as Proxy VPN if theTunnel app is present.

CORE

  1. From the Apps > App Catalog page, click Add+. A selection of public app catalog opens.

  2. Click Google Play.

  3. In the Application Name field, enter Tunnel app and click Search.

  4. From the available options, click Tunnel app and click Next.

  5. Click Next again.

  6. Click Finish.

  7. Apply the Tunnel app to labels to make it available to the devices with the label.

For more information about the App Catalog, see "Managing mobile apps for Android" in the Ivanti EPMM Apps@Work Guide.

Ivanti EPMM

  1. In the Ivanti EPMM portal, go to Apps >App Catalog.

  2. Find the app in the Google Play Store.

  3. Click the app entry.

  4. Accept permissions on behalf of Android Enterprise users.

  5. Click Next.

  6. Select a distribution option.

  7. Expand Advanced Options & App Configuration.

  8. Use the following guidelines to complete the options:

    Table 8.  Available app settings
    Setting Description
    Install on Device Select this option to start installation immediately after registration. The user will be prompted to confirm installation of the app except when the device is a Samsung Knox device and the silent installation option below has been selected.
    Do not show app in end user App Catalog Select this option if you do not want the user to see the app in the app catalog on the device.
    Silently install on Samsung Knox devices Select this option if you do not want the user prompted to confirm installation on Samsung Knox devices.
    Set App Install Priority For Android Enterprise apps you can prioritize downloading of specific apps before other apps. For example, you can prioritize the download of Tunnel and Email apps before other noncritical apps. The following are the available priority level options:
    • High This setting is for critical or high-priority apps.
    • Medium (selected by default)
    • Low This setting is applicable for In-House, Public, Private and Web apps. The in-house apps are installed via the client and the public and private are installed via Google. The app priority is applied only to those apps that are installed via the same channel.
    Install only when connected to Wi-Fi Select this option to install the app only when the device is connected to the Wi- Fi.
    Install only when charging Select this option to install the app only when the charging of the device is in progress.
    Install only when idle Select this option to install the app only when the device is in idle (not actively used by the user).

  9. Click Next.

  10. Select a promotion option.

  11. Click Done.

To complete Android anti-phishing for Android Enterprise clients, continue to Creating an Ivanti Tunnel app configuration for AE devices.

Related topics