Applying the Harmony Mobile Protect app Configuration and Policy Enforcement

If the user’s device is determined to be at risk because of a malicious app or malicious activity, the Harmony Mobile system notifies the user by sending the in-app notifications, and also updates the risk state by setting the appropriate risk_level extension attribute to MobileIron Cloud for the device. This device must be added automatically to the Device Group with the criteria of an extension attribute. Also, MobileIron Cloud must have a Configuration Profile that can apply a policy on a Mobile Device Group.

For example, an Administrator is blacklisting a Waze app. As a result, all the devices with Waze is identified as devices at High Risk (“risk_level”=”CHKP_Risk_High”). The Harmony Mobile Dashboard notifies the user and mark the device with “risk_level” set to ”CHKP_Risk_High” in MobileIron Cloud. This adds the device to the Smart Mobile Device Group “CHKP_Risk_High”. Then the MobileIron Cloud system enforces policy actions specified in the Configuration Profile. This mitigation process is described in Configuring Integration Settings.

Deploying the Harmony Mobile Protect app on the Devices

With the deployment settings for Harmony Mobile Protect app for iOS configured in section Configuring Integration Settings, the App is automatically deployed to the devices that belong to the defined groups (See Configuring the Check Point Harmony Mobile Dashboard Integration Settings).

Note - It can take up to 10 minutes for MobileIron Cloud to sync with the Harmony Mobile Dashboard, and several more minutes for MobileIron Cloud to push the App to the user device.

After you register your device in the MobileIron Cloud and attach it to the defined groups, the system prompts the user to install the Harmony Mobile Protect app.

Procedure for the User:

1. Register your device.

   • iOS Device

     1. Tap INSTALL on the Harmony Mobile Protect app.

        The Protect app is deployed on the iOS Device.

     2. Launch the Protect app to finish the registration.

        MobileIron Cloud system automatically configures the registration server and the key in the Protect app.

     3. Follow the on-screen instructions to enable Notifications, Location, and Network Security.

        Example:

        

        

        

     4. Tap Allow to allow Harmony Mobile Protect app to add the needed VPN Configuration profile, when On-device Network protection is enabled.

   • Android Device

     1. Tap on the Harmony Mobile Protect app in the Google Play Store.

     2. Tap Install > Accept on the Harmony Mobile Protect app to accept the permissions of the App.

        The App is installed.

     3. Launch the App to finish its deployment and registration to Check Point Harmony Mobile.

        The Harmony Mobile Protect app is automatically registered.

2. The Harmony Mobile Protect app scans the system.

   Example:

   

   

3. Tap Continue

4. Enable security settings Allow all required permissions

5. Tap Enable

The registration server and the key are automatically configured in the App by the MobileIron Cloud system. See Configuring the Check Point Harmony Mobile Dashboard Integration Settings.