Devices

The Devices tab lists all organization-protected devices without filters. From this tab, you can add new devices, edit, import and export their details, and remove devices.

Note - For environments equipped with a Harmony Mobile Connector and with PII decryption enabled, an icon reflecting the status of the Connector appears on the top-right corner of the Devices screen.

The Devices table shows:

Item

Description

ID

A unique ID generated for each device upon installation of the Harmony Mobile Protect App. The system uses it as a reference to the device (instead of the device actual details for privacy).

You can click device IDs that require attention to view the Events & Alerts page filtered for the device.

Name

(Device Owner)

Device name given by the administrator when you send the registration link (or by UEMClosed Unified Endpoint Management. An architecture and approach that controls different types of devices such as computers, smartphones and IoT devices from a centralized command point., if used for deployment).

Email

The email address registered to the device.

When a new device is added, the system sends an email to the email address defined in the registration wizard. Any user logged in to a device using this email address receives a registration request and are directed to download the App from the Google Play Store (for Android) or the Apple App Store (for iOS).

Note - The registration email is a one-time registration code. If the same email address is used for more than one device, only the first device that installs the App will be successfully registered. To register additional devices, you must send a new registration email to each one.

Device Number

The phone number of the device. It is configured by the administrator or set in UEM during the app installation link creation.

This field is optional and is used only for identifying the device; it is not used by the system.

OS

The mobile device's operation system, based on the information received during Protect App installation. Values include:

  • iOS

  • Android

  • Android Enterprise

Device Details

Shows mobile device details such as device manufacturer and model, based on the information received post Protect App installation.

OS Version

OS Version on the mobile device, based on the information received post Protect App installation.

Installed Patch

The security patch version installed on the Android device.

Client Version

The Harmony Mobile Protect App version currently installed on the mobile device.

Status

Displays the current status of the device:

  • Processing – A temporary state between manually adding the device and the Registration Invitation has been sent.

  • User Notified – The registration invitation has been sent, but the device is not yet registered.

  • Provisioned – The device was added via UEM but has not completed registration.

  • ActiveHarmony Mobile Protect App is installed, the device was successfully registered and has been scanned.

  • InactiveHarmony Mobile Protect App was installed and the device was registered, but the app was later removed, or the device has not connected to the dashboard for more than X days.

Last Seen

Indicates one of these:

  • Last time when the device contacted the Harmony Mobile server to check for updates. This occurs twice every 24 hours.

  • Last time when the user initiated a full scan from the Harmony Mobile Protect App on the device.

Notes -

  • Last time when the traffic, application, or a web page was blocked by the Harmony Mobile Protect App is not recorded under Last Seen.

  • Devices with the Last Seen duration over two days require your attention.

Member of

The device groups to which the device is added.

Device groups imported from UEM are labeled with the UEM logo.

Policy

Policy enforced on the device.

Note - To verify whether the latest policy is enforced on the mobile device, check the time stamp of the last policy update on the Harmony Mobile Protect App:

  • In Android devices, tap the three dots > Settings > About.

  • In iOS devices, tap the three dots > About > Policy.

UEM

UEM that manages the device.

Adding a New Device

Overview

You can register devices in the dashboard by:

  • Sending an invitation email from the Devices tab.

    The system sends the invitation to the registered email address that users must access from their device. To customize the email content, see Configuring Email and SMS Templates.

    • For iOS devices - Users are redirected to install the Harmony Mobile Protect App from the App Store or to download the Enterprise signed App from the dashboard, based on the dashboard settings configured by Check Point. After installation, users must do the following to activate the app:

      1. Download iOS agent from the dashboard.

      2. Trust the Enterprise app.

      3. Enter the server details and registration code from the registration email.

      For more information, see Harmony Mobile Protect app for iOS User Guide.

    • For Android devices - Users are redirected to Google Play Store to download the Harmony Mobile Protect App. The system automatically enters all registration information when using the download link in the email from the device.

      For more information, see Harmony Mobile Protect app for Android User Guide.

  • Adding devices through UEMs. For more information, refer to the specific UEM in the Harmony Mobile UEM Integration Guide.

Note - Harmony Mobile Protect App requires certain permissions for the Harmony Mobile solution to operate on the end-user device. For more information, see Appendix D - Permissions for Harmony Mobile Protect App.

Procedure

  1. Go to DevicesNew and click Add new device.

    The New Device window appears.

  2. Do these:

    • In the Name field, enter the device name.

    • In the Email field, enter the email address of the device owner.

    • In the Phone number field, enter the phone number of the device owner.

    • In the Group field, enter the device groups to which you want to add the device.

  3. Click Add.

  4. The system sends an email with the registration details and instructions to install the Harmony Mobile Protect App.

    When the device is added to the dashboard, an entry appears in the Devices table with a unique device ID. The device status is displayed as User Notified until the Harmony Mobile Protect App is installed and the device has communicated with the dashboard.

    When the App is successfully installed and run from the device, the registration screen appears.

    If the registration is successful, the app performs a full device scan automatically. If no malware or malicious configurations are found, the app status appears in green. If the communication with the dashboard is successful, the device entry changes from User Notified to Active, and the device details gets updated.

  1. To import devices in bulk from a CSV file, click Import from file.

    Important - CSV file format requirements:

    • The file must have a header row in this format:

      name,email,number,group,send_reg_email,send_reg_sms

    • Mandatory fields:

      • name

      • email

      • send_reg_email

      • send_reg_sms

    • If send_reg_sms is defined as TRUE, you must provide a phone number.

    • Use uppercase for TRUE/FALSE

    • For the group field, no need to add the All group in the CSV file as the system adds it automatically. Add only the required additional groups.

     

    Sample CSV template:

    name,email,number,group,send_reg_email,send_reg_sms

    John Smith,John@checkpoint.com,+123,,TRUE,TRUE

    Adam Smith,Adam@checkpoint.com,,Test-Group,TRUE,FALSE

  2. Select the file and click OK.

    The system imports the device details to the Devices table.

Adding a Device Group

You can assign devices to appropriate device group when you add them to the system. You can also assign a group to the existing device.

To add a device group:

  1. Go to Devices > Groups.

  2. In the Manage Groups window, click .

  3. Enter the Name of the group and select the Parent group.

  1. Click Save.

Devices and device groups are imported from the Device Management platform during the integration.

Viewing Connected UEMs

The Connected UEMs option allows you to view the sync status of the UEMs integrated with your tenant.

To view the connected UEMs:

  1. Go to DevicesConnected UEM.

    The system shows a log of UEM syncs.

  2. To force an immediate device sync without waiting for the next auto sync cycle, click and then Sync now.

  3. To temporarily stop or resume the device sync process, click and then click Pause or Resume.

More Actions to Manage Devices

Go to Devices and click More actions.

Editing a Device

  1. Select the device and click More actions > Edit.

    The Edit Device window appears.

  2. Enter the required details and click Apply.

Generating a Registration Code to Enroll a New Device

  1. Select the device and click More actions > Registration code.

    The Registration Code window appears.

  2. Access the Registration URL or scan the QR code on your mobile device.

  3. Click OK.

Renewing an Existing Device

The Renew option allows you to renew a device. It deletes a device, automatically adds the same device and send the registration information to the user, all in one click.

To renew a device:

  1. Select the device and click More actions > Renew.

    The confirmation window appears.

  2. Select the method to send registration information to the user and then click Yes.

    The system deletes the device, automatically adds the device in the Harmony Mobile Administrator Portal with Status as User Notified and sends the registration information to the user.

Resending Activation Information to Provisioned Devices

  1. Select the device and click More actions > Resend Activation.

    The Resend Activation window appears.

  2. Select the method to send registration information to the user and then click Yes.

    The system sends the registration information to the user.

Adding/Removing Devices in a Device Group

Note - This procedure applies only to groups and devices added locally in the Harmony Mobile Administrator Portal.

  1. In the Devices table, select the devices you want to add or remove.

  2. Click More actions > Assign or remove devices from group.

    The Add / Remove Devices From Group window appears.

  3. Select the device group and the required action.

  4. Click Save.

Exporting Devices Information

  1. In the Devices table, select the devices you want to export.

  2. Click More actions > Export.

    The Export Devices window appears.

  3. Click Export.

    The system generates and downloads a CSV file with the device information.

    If the number of devices exceeds 10,000, processing the data may take time. So the export is performed offline and an email is sent to the registered address with the link to download the CSV file. The link is valid for 7 days. For privacy reasons, PII data is obfuscated in the CSV file.

  4. Click Done.

Deleting a Device

  1. In the Devices table, select the devices you want to delete.

  2. Click More actions > Delete.

    The confirmation window appears.

  3. Click Yes.

    The system deletes the devices from the Harmony Mobile Administrator Portal.

Sending Notification to Devices

00:00: 00:05: Using Harmony mobile administrator portal administrators can quickly 00:09: send notifications to users mobile devices about critical updates 00:13: such as a security threat this video shows how to 00:17: send notifications to mobile devices from the harmony mobile administrator 00:21: portal. 00:23: Log in to checkpoint Infinity Portal and access Harmony mobile. 00:27: Go to the devices Tab and select the devices. 00:30: From the more actions drop down select send notification to devices. 00:35: In the send notification to devices pop-up that appears enter the message 00:39: title and text for example, alerting about a new attack campaign customize 00:44: the settings as required. 00:46: And then click Send. 00:49: Now the end user receives the notification on the mobile device. 00:59:

Note - You can send notifications only to devices with Status as Active.

  1. Select the devices from the Devices table.

  2. Click More actions > Send notification to devices.

    The Send Notification to Devices window appears.

  3. To send the notification to specific devices, from the Devices list, select the devices.

  4. To send the notification to devices in a device group, from the Groups list, select the device group(s).

  5. In the Title field, enter a title for the notification.

  6. In the Content field, enter the message you want to notify the user.

  7. Click Send.

    The system sends the notification to the selected device/device groups.

    Note - Due to limitations with Android and iOS, Check Point cannot guarantee that notifications will be received or read on mobile devices.

Filtering Devices

To filter the Devices table:

  1. Click above the Devices table.

  2. On the Filters pane on the right side, select the required filters.

    The Devices table shows information based on the selected filters.