Integration with Partner Supported UEMs

Partner supported UEMs are the UEMs that support integration with Mobile Security and tested by the partner. This chapter describes the configuration steps in Mobile Security Administrator Portal to enable the integration with the following partner supported UEMs:

• mdport solution

• SevenPrinciples (7P)

• Essentials MDM Mobile Device Manager. A security software that enable organizations to implement policies that secure, monitor, and manage end-user mobile devices. (Techstep/FAMOC)

• Hexnode

• ManageEngine

• Scalefusion

• Codeproof

Notes - If your UEM Unified Endpoint Management. An architecture and approach that controls different types of devices such as computers, smartphones and IoT devices from a centralized command point. is not listed, select a UEM from the above list and proceed. To add a new partner supported UEM (with logo) to the list, integrate it with the Harmony Mobile External API and contact Check Point Support.

Configuring the UEM in the Mobile Security Administrator Portal

Note - To integrate ManageEngine UEM, you can skip the procedure below and refer this link.

1. Log in to Check Point Portal and access the Mobile Security Administrator Portal.

2. Go to Settings > Integrations.

3. To create a new integration, click +Add > UEMs.

   

   The integration wizard appears.

4. From the UEMs list, select the UEM you want to integrate and click Next.

   For example, hexnode.

   

5. In the Server Details screen, do these:

   • Display Name: Enter a name for your service.

   • Server Address: Enter the server address of your UEM portal.

   • Username: Enter the username generated in the UEM portal.

   • Password: Enter the password in the UEM portal.

     Notes - Only basic authentication is supported. Mobile Security uses the Username and the Password as credentials to make the http request to the UEM.

     

     Using Connector (Optional)

     You can configure Mobile Security Connector when the UEM is on-premises and has no direct access from the Mobile Security cloud. For more information, see Mobile Security Connector Installation Guide.

6. Click Verify and Next.

7. In the Synchronization screen, select the device groups in the UEM that you want to integrate with Mobile Security. The system automatically populates the device group list.

   

8. In the Advanced settings:

   1. Select the Personally Identifiable Information (PII) you want to import. The supported options are:

      • Device name

      • Device number

      • Device email

   2. Set the synchronization intervals:

      Setting	Description	Values
      Device sync interval	Time interval to connect with UEM to sync devices.	30-1440 minutes, in 10 minutes interval.
      Device deletion threshold	Percentage of devices allowed for deletion after UEM device sync.	0-100% Note - Use 100% for no threshold. 100% value is recommended for: Evaluation/test usage - When you are adding a small amount of devices. Planned bulk deletion of devices from the UEM (see sk184319). After the devices are deleted from the Mobile Security Admin Portal, set it back to a safer value (such as 5–10%) to prevent accidental mass deletions in the future.
      Device deletion after	The number of failed sync attempts after which the device is deleted from the Harmony Mobile Administrator Portal.	Value specified by the UEM Administrator.
      App sync interval	Time interval to connect with UEM to sync applications.	10-1440 minutes, in 10 minutes intervals.

9. Click Verify and Next.

10. In the Tagging screen, select the tag information to send to the UEM, to communicate the deployment status of Harmony Mobile Protect app and the risk level of the device. Supported values are:

    • Tag device status: The device status in Harmony Mobile Protect app.

    • Tag device risk: The device risk level in Harmony Mobile Protect app.

    

11. Click Verify and Next.

12. In the Deployment screen, click Finish.

    This completes the Mobile Security integration with the UEM and the UEM pane appears in the Integrations screen.

13. To view the integrated UEM settings, select the UEM pane and click the i icon.

    

    It shows:

    • UEM Server - The latest server configuration status.

    • Device Sync Status - The synchronized groups and the device sync status time stamp.

    • App Sync Status - The last time applications were fetched from the UEM (Applicable for iOS deployment only).

    • Tagging- Tagging Configuration and Tagging Status.

    • Deployment - Deployment Configuration and Deployment Status.

14. To manage the UEM settings, click the 3 dots in the UEM pane:

    

    1. To edit the UEM settings, click Edit.

    2. To force an immediate device sync without waiting for the next auto sync cycle, click Sync Now.

    3. To temporarily stop the device sync process, click Pause. To resume, click Resume.

    4. To remove the integration settings. click Remove.

Configuring UEM to Deploy the Harmony Mobile Protect App

To configure the UEM, refer the UEM documentation or contact your UEM vendor.