Introduction to Mobile Security

Check Point Mobile Security (formerly Harmony Mobile) is the most complete threat defense solution designed to prevent emerging fifth generation cyber-attacks and allows workers to safely conduct business. Its technology protects against threats to the OS, applications, and network, scoring the industry’s highest threat catch rate without impacting performance or user experience.

Mobile Security delivers threat prevention technology that:

• Performs advanced app analysis to detect known and unknown threats

• Prevents man-in-the-middle attacks on both cellular and WiFi networks

• Blocks phishing attacks on all apps: email, messaging, social media

• Prevents infected devices from sending sensitive data to botnets

• Blocks infected devices from accessing corporate applications and data

• Mitigates threats without relying on user action or mobile management platforms

Mobile Security uses a variety of patent-pending algorithms and detection techniques to identify mobile device risks, and triggers appropriate defense responses that protect business and personal data.

The Mobile Security solution ("the Solution") includes these components:

• Mobile Security Behavioral Risk Engine ("the Engine")

• Mobile Security Gateway ("the Gateway")

• Mobile Security Management Dashboard ("the Dashboard")

• Harmony Mobile Protect app ("the App") for iOS and Android

Solution Architecture

	Component	Description
1	Harmony Mobile Protect app	The Harmony Mobile Protect app is a lightweight app for iOS® and Android™ that protects the device and helps analyze threats to devices in the Enterprise environment. It monitors operating systems device configurations, apps behavior and network connections and provides data to the solution which it uses to identify suspicious or malicious behavior. To protect user privacy, the App examines critical risk indicators found in the anonymized data it collects. The App performs some analysis on the device while resource-intensive analysis is performed in the cloud. This approach minimizes impact on device performance and battery life without changing the end-user experience.
2	UEM	Unified Endpoint Management (generalized term replacing MDM Mobile Device Manager. A security software that enable organizations to implement policies that secure, monitor, and manage end-user mobile devices./EMM Enterprise Mobility Management. A set of tools and processes to secure and manage company-owned or employee-owned (BYOD) devices irrespective of their locations.). Device Management and Policy Enforcement System. The UEM Unified Endpoint Management. An architecture and approach that controls different types of devices such as computers, smartphones and IoT devices from a centralized command point. option enables you to integrate Mobile Security to a generic unsupported UEM, or to any of these supported UEMs: Workspace ONE (Formerly AirWatch UEM) Microsoft Intune MobileIron Core IBM MaaS360 Citrix Endpoint Management (Formerly XenMobile) MobileIron Cloud BlackBerry UEM On-Premises Jamf Pro Google Cloud Samsung Knox Manage / Samsung SDS EMM SOTI MobiControl For more information on how to integrate the Mobile Security solution with different UEMs, see Mobile Security UEM Integration Guide.
3	Mobile Security Gateway	The cloud-based Check Point Mobile Security Gateway is a multi-tenant architecture to which mobile devices are registered. The Gateway handles all Solution communications with enrolled mobile devices and with the customer’s (organization’s) Dashboard instance. No Personal Information is processed by or stored in the Gateway.
4	Mobile Security Management Dashboard	The cloud-based web-UI Mobile Security Management Dashboard is hosted in the Check Point Portal and is configured as a per-customer instance. It enables administration, provisioning, and monitoring of devices, security policies Collection of rules that control network traffic and enforce organization guidelines for data protection and access to resources with packet inspection., events, alerts and mobile forensics The Dashboard can be integrated with an existing Unified Endpoint Management (UEM) solution for automated policy enforcement on devices at risk.
5	Behavioral Risk Engine	The cloud-based Mobile Security Behavioral Risk Engine (BRE Behavioral Risk Engine) uses data it receives from the App about network, configuration, and operating system integrity data, and information about installed apps to perform in-depth mobile threat analysis. The Engine uses this data to detect and analyze suspicious activity, and produces a risk score based on the threat type and severity. The risk score determines if and what automatic mitigation action is needed to keep a device and its data protected. No Personal Information is processed by or stored in the Engine.
6	ThreatCloud	Check Point’s ThreatCloud is the world largest Indicators of Compromise (IoC) database that incorporates real-time threat intelligence from hundreds of thousand Check Point gateways and from millions of endpoints across the globe. ThreatCloud powers the Anti-Phishing, Safe Browsing, URL Filtering Check Point Software Blade on a Security Gateway that allows granular control over which web sites can be accessed by a given group of users, computers or networks. Acronym: URLF. and Anti-bot technologies for Mobile Security on-device Network Protection. ThreatCloud exchanges threat intelligence with the Behavioral Risk Engine for app analysis.

Supported Operating Systems (OS)

Mobile Security is supported on these mobile OS versions:

• Android - Version 11.x or higher.

• iOS/iPadOS - Version 15.x or higher.

Notes: If the Harmony Mobile Protect app is not available in your local Google Play Store, you can download the APK from this link. Harmony Mobile Protect app is also supported on Android tablets and iPads but it cannot scan or share verdicts for applications exclusive to tablets/iPads.

Supported Languages

Harmony Mobile Protect app supports the following languages:

• Simplified Chinese

• Traditional Chinese

• Dutch

• English

• Finnish (Android only)

• French

• German

• Italian

• Japanese

• Norwegian

• Polish

• Portuguese

• Portuguese (Brazil)

• Russian

• Spanish

• Turkish

Note - To select the language in the Mobile Security Administrator Portal user interface, go to the user Profile Settings.

API Reference

Harmony Mobile API allows you to view and configure users, devices, device groups, connect to UEMs, retrieve security events from third-parties and so on, using REST API calls.

To access Harmony Mobile API:

1. Go to https://sc1.checkpoint.com/documents/latest/api_reference/index.html#

2. Click Harmony.

3. In the Harmony Mobile API widget, click Open.

Note - To view and configure your tenants, users, services and licenses in the Check Point Portal, go to Infinity Portal API.