Applying the Harmony Mobile Protect app Configuration and Policy Enforcement

If the user’s device is determined to be at risk because of a malicious app or malicious activity, the Harmony Mobile system notifies the User by sending the in-app notifications, and also updates the risk state by setting the appropriate risk_level extension attribute to MobileIron UEMClosed Unified Endpoint Management. An architecture and approach that controls different types of devices such as computers, smartphones and IoT devices from a centralized command point. for the device. This device must be added automatically to a Smart Mobile Device Group, with the criteria of an extension attribute. Also, MobileIron UEM must have a Configuration Profile that can apply a policy on a Mobile Device Group.

For example, an Administrator is blacklisting a Waze app. As a result, all the devices with Waze is identified as devices at High Risk (“risk_level”=”CHKP_Risk_High”). The Harmony Mobile Dashboard notifies the user and mark the device with “risk_level” set to ”CHKP_Risk_High” in MobileIron UEM. This adds the device to the Smart Mobile Device Group “CHKP_Risk_High”. Then the MobileIron UEM system enforces policy actions specified in the Configuration Profile. This Creating a Mitigation Process process is described in Preparing UEM Platform for Integration and in Configuring UEM to Deploy the Harmony Mobile Protect app.

Deploying the Harmony Mobile Protect app on the Devices

With the deployment settings for Harmony Mobile Protect app for iOS configured in section iOS App Deployment Configuration, the App is automatically deployed to the devices that belong to the defined groups (see Configuring UEM to Deploy the Harmony Mobile Protect app).

Note - It can take up to 10 minutes for MobileIron Core to sync with the Harmony Mobile Dashboard, and several more minutes for MobileIron Core to push the App to the user device.

After you register your device in the MobileIron Core and attach it to the defined groups, the system prompts the user to install the Harmony Mobile Protect app.

Procedure for the User:

Register your device.

  • iOS Device

    1. Tap INSTALL on the Harmony Mobile Protect app.

      The Protect app is deployed on the iOS Device.

    2. Launch the Protect app to finish the registration.

      MobileIron Core system automatically configures the registration server and the key in the Protect app.

    3. Follow the on-screen instructions to enable Notifications, Location, and Network Security.

    4. Tap Allow to allow Harmony Mobile Protect app to add the needed VPN Configuration profile, when On-device Network protection is enabled.

      5. The Harmony Mobile Protect app scans the system. See the state of the device on the display.

  • Android Device

    1. Tap on the Harmony Mobile Protect app in the managed Google Play Store.

    2. Tap INSTALL > ACCEPT on the Harmony Mobile Protect app to accept the permissions of the App.

    3. Launch the App to finish its deployment and registration to Check Point Harmony Mobile.

      The Harmony Mobile Protect app is automatically registered.

    4. Follow the on-screen instructions to allow the Harmony Mobile Protect app make these permissions on the device:

      • Turn on Location, Notifications, and Network Protection features.

      • Configure a VPN connection. This is necessary to enable the Network Security Protection features of Safe Browsing and Anti-Phishing.

      • The Harmony Mobile Protect app scans the system. See the state of the device on the display.

      Example:

The registration server and the key are automatically configured in the App by the MobileIron UEM system. See Configuring UEM to Deploy the Harmony Mobile Protect app