Mobile Threat Defense Deployment Process
To get started with Mobile Threat Protection, you need to perform a number of steps, including deployment of the mobile infrastructure and the creation of security policies for your mobile protection.
To deploy and use Mobile Threat Protection, use these steps as needed:
Step |
Description |
---|---|
Deploy the Mobile infrastructure |
Cybereason Technical Operations and Technical Support, in coordination with the Jamf team, deploy the necessary infrastructure as part of your Cybereason platform to enable you to use Mobile Threat Protection. |
Understand your device distribution and select a deployment mode |
Understand the types of devices you have in your organization and your supervision needs. |
Activation profiles instruct Cybereason Mobile how to deploy sensors and the required deployment mode on each sensor. Create one or more of these profiles to ensure all mobile devices deploy correctly with the required settings and connect with your Cybereason Mobile instance. |
|
To manage your device integration and deployment, you must use a UEM/MDM platform. The integration configuration requires steps on both the UEM/MDM platform side and the Cybereason Mobile side. |
|
Deploy to devices of all types. |
|
Depending on your deployment mode, Mobile Threat Defense detects different types of threats. Select the threat level and automatic remediation option. |
|
If you do not use a UEM/MDM, you can create device groups to help manage various settings for your devices. |
|
After you create groups, you monitor and manage these groups. |
|
Use your Mobile Threat Defense reports to understand device behavior around Private Access, detected threats, and data policy usage. |
|
Perform administration tasks to use your RADAR portal in your Mobile Threat Defense instance. |
|
You can use identity providers to manage access to your Mobile Threat Defense instance or various applications and services. |
|
Data streams enable you to export network traffic events and threat evnets over a CEF encoded syslog or JSON HTTP events to review and analyze this data in other platforms. |
|
You can define various gateways to define access to the Internet or applications/services. |
|
Add Custom DNS zones for internal domains and to provide an internal response for your devices even outside your organization’s network. |
|
As needed, remove devices from your Mobile Threat Defense instance. |
|
Add custom network routing rules and exceptions for certain use-cases where device users cannot access a certain service or application. |
|
Configure the different parts of your organization’s data usage policy. |
|
Set up Private Access for remote devices to better protect your company resources. |