MTD limitations

MTD Limitations tracks issues with MTD that are dependent upon our MTD threat management console vendor. These are cumulative release notes. If a release does not appear in this section, then there are no associated limitations.

  • TA-1488: Some URLs are not being blocked as expected, when added to the Access Control List (ACL).

  • TA-1476: After Tunnel with MTD is installed, the blocking of phishing websites can take between 5 and 20 minutes to become active.

    Workaround: Toggle the Tunnel VPN off and back on to start anti-phishing working immediately.

  • TA-1462: When Tunnel is configured for MTD only (without Sentry or Access), blocked phishing URL notifications sometimes do not display as expected.

  • AIOS-5528: When pushing policy changes from the MTD console to devices, expect a delay of one to two hours for the changes to take effect. This is due to vendor limitations. Ivanti is tracking the issue.

  • AIOS-5520: When an iOS client user tries to access a risky URL on their MTD-enabled device, a notification appears, explaining the potential risk. The message asks the user to select either Go Back or Allow this Link. Due to a vendor limitation, the Allow this Link option continues to block access to the risky URL. Ivanti is tracking the issue.

  • AIOS-5458: Due to limitations in the Zimperium Application Programming Interface (API), some features in the MTD management portal (also known as the zConsole) are not yet supported. Ivanti is tracking the issue.

  • AW-58499: Managed Android apps distributed to a device quarantined by a local Mobile Threat Defense (MTD) action are reinstalling during quarantine. Ivanti is working with the vendor to resolve the problem.

  • AIOS-5355: Due to an MTD console vendor limitation, threat detection strings are not localized into Hungarian or Swedish languages when the Custom Notification option is enabled in the MTD Local Action configuration.
    Workaround    : Disable Custom Notification to localize the strings.

  • ACP-11779: If Enable Phishing Protection and Activate zIPS for VPN is enabled (checked), and Phishing threats are enabled on the MTD console, device users may see an unnecessary pop-up message requesting a VPN connection during enrollment. To avoid this limitation, administrators should take the following actions before upgrades and new registrations: From the MTD console Phishing Policy page:

    1. Disable (uncheck) Enable Phishing Protection and Activate zIPS for VPN.
    2. Enable (check) Enable Phishing Protection and activate zIPS URL sharing.
    3. Enable (check) Enable content inspection on remote server. Should the pop-up appear, device users should select OK to proceed.