Limitations

• AW-66674: MTD functionality is limited for User Enrolled devices. MTD Anti-Phishing VPN and sinkhole local actions are not supported.

  Workaround: None.

• AIOS-6229: On iOS 16.0 versions, phishing URL's are not blocked after the Go for iOS upgrade.

  Workaround: Upon rebooting the device, phishing URLs are successfully blocked.

• ACP-12597: On Samsung devices with OS v7, the Threat card in MTD was taking too long to display and the back button was not returning device user to the Go for Android client Home page. Additionally, the Phishing scan worked intermittently.

  Workaround: None.

Android limitations

• TA-1488: Some URLs are not being blocked (as expected) in the client when they are added to the Access Control List (ACL).
• TA-1476: After Tunnel with MTD is installed, the blocking of phishing websites can take between 5 and 20 minutes to become active.
  Workaround: Toggle the Tunnel VPN off and back on to start anti-phishing working immediately.
• TA-1462: When Tunnel is configured for MTD only (without Sentry or Access), blocked phishing URL notifications sometimes do not display as expected.

iOS limitations

• AIOS-5791: MTD Local Action policies allow you to customize the message that goes out to your users when a threat is detected and action is taken. There is also a default message for each threat type, in the event there is no custom message. Due to a Zimperium limitation, a customized local action message can only be received by a device that registered after the local action notification text was added. Existing clients (registered before the custom text was added) receive the default notification text.

• AIOS-5528: When pushing policy changes from the MTD console to devices, expect a delay of one to two hours for the changes to take effect. This is due to vendor limitations. Ivanti is tracking the issue.

• AIOS-5520: When an iOS client user tries to access a risky URL on their MTD-enabled device, a notification appears, explaining the potential risk. The message asks the user to select either Go Back or Allow this Link. Due to a vendor limitation, the Allow this Link option continues to block access to the risky URL. Ivanti is tracking the issue.

• AIOS-5458: Due to limitations in the Zimperium Application Programming Interface (API), some features in the MTD management portal (also known as the zConsole) are not yet supported. Ivanti is tracking the issue.

• AW-58499: Managed Android apps distributed to a device quarantined by a local Mobile Threat Defense (MTD) action are reinstalling during quarantine. Ivanti is working with the vendor to resolve the problem.

• AIOS-5355: Due to an MTD console vendor limitation, threat detection strings are not localized into Hungarian or Swedish languages when the Custom Notification option is enabled in the MTD Local Action configuration.
  Workaround: Disable Custom Notification to localize the strings.

• ACP-11779: If Enable Phishing Protection and Activate zIPS for VPN is enabled (checked), and Phishing threats are enabled on the MTD console, device users may see an unnecessary pop-up message requesting a VPN connection during enrollment. To avoid this limitation, administrators should take the following actions before upgrades and new registrations: From the MTD console Phishing Policy page:

  1. Disable (uncheck) Enable Phishing Protection and Activate zIPS for VPN.
  2. Enable (check) Enable Phishing Protection and activate zIPS URL sharing.
  3. Enable (check) Enable content inspection on remote server. Should the pop-up appear, device users should select OK to proceed.