Advanced phishing protection for managed devices

In Cloud 74 and supported newer versions, you can enable MTD console advanced phishing protection to MTD-enabled iOS and Android devices without any client user action. This tool provides full coverage against risky URLs through an automatically-enabled VPN.

Before you begin 

Review any relevant information in Setting up the MTD threat management console and Appendix A: MTD portal integration - IP addresses.

The private IP address 10.0.1.100 is assigned to iPhones and iPads for the MTD anti-phishing on-demand VPN.

Enable MTD console anti-phishing VPN

Procedure 

  1. Log into MTD console.
  2. Click the Policy tab.

  3. From the Policy page, click Phishing & Web Content Policy. The Phishing Protection and Web Content Filtering page displays.

    Figure 1. MTD console Phishing & Web Content Policy page

  4. In the Selected Group field, select the group to receive phishing protection.

  5. Select from the following options:

    • Enable phishing protection and activate zIPS URL sharing – Enabled by default. Check this option to enable MTD console phishing protection.

      Users who launch a device-level VPN app such as PulseSecure or GlobalProtect from their device will disconnect the MTD anti-phishing VPN, which disables the anti-phishing solution on the device. The device user must navigate back to Settings > VPN settings and re-select MobileIron anti-phishing VPN to re-enable anti-phishing protection.

    • Local VPN for Phishing

      • Enable phishing protection and activate zIPS local VPN – Enabled by default. Check this option to enable a local phishing VPN.

      • Allow user control – Disabled by default. This option cannot be enabled.

      • Block detected phishing URLs – Enabled by default. Check this option to block phishing URLs when they are detected on a device.

        Do not disable Phishing Policy option "Block detected phishing URLs." If disabled, users will see a non-working notification.

    • Enable content inspection on remote server - Disabled by default. This option allows the MTD console to access a much larger database of blacklisted sites than the sites available on the device, providing multilevel protection.

  6. Click Deploy to distribute the phishing protection policy to the selected device group. For iOS clients, anti-phishing is enabled.

  7. For Android clients, proceed to Android anti-phishing using Tunnel app.