ios Mobile: Setup Guide for Umbrella ios Mobile Devices



Similar documents
Networks. Sites and Internal Networks: Setup Guide. Sites and Internal Networks Setup Guide for Umbrella Page 1

Mobile Configuration Profiles for ios Devices Technical Note

Copyright 2013, 3CX Ltd.

Active Directory Integration: Install and Setup Guide. Insights

Roaming Client: Deployment Guide for Umbrella. Roaming Client

Active Directory: Setup Guide for Umbrella. Active Directory

Mobile Iron User Guide

Enterprise Buyer Guide

EMR Link Server Interface Installation

ANIRA/AVTS Managed VPN Capability for ios Devices (ipad, iphone, ipod touch )

NETGEAR genie Apps. User Manual. 350 East Plumeria Drive San Jose, CA USA. August v1.0

Intermedia Cloud Softphone. User Guide

Multi-Factor Authentication Job Aide

Dell Mobile Management. Apple Device Enrollment Program

1. What are the System Requirements for using the MaaS360 for Exchange ActiveSync solution?

Support Guide: Managing the Subject machine s Firewall.

GO!Enterprise MDM Device Application User Guide Installation and Configuration for ios with TouchDown

Configuring Secure Wireless (SFUNET-SECURE) for iphone/ipod Touch 2.0

SonicWALL Mobile Connect. Mobile Connect for OS X 3.0. User Guide

App Distribution Guide

Axxon Monitor. User Manual

Mobile Device Management Version 8. Last updated:

Preparing for GO!Enterprise MDM On-Demand Service

Configuration Guide Contigo Mobile Tracker

Welcome to XO WorkTime

GO!Enterprise MDM Device Application User Guide Installation and Configuration for ios Devices

CHAPTER 1 Exploring Mobile Devices with IMail 1

Quick Start Guide. Version R9. English

Sophos Mobile Control Startup guide. Product version: 3

ManageEngine Desktop Central. Mobile Device Management User Guide

Quick Start Guide: Iridium GO! Advanced Portal

Your First App Store Submission

Using the Jive for ios App

Sage CRM. Sage CRM 7.3 Mobile Guide

Use Shrew Soft VPN Client to connect with IPSec VPN Server on RV130 and RV130W

Create a VPN on your ipad, iphone or ipod Touch and SonicWALL NSA UTM firewall - Part 1: SonicWALL NSA Appliance

Android App User Guide

Install and Configure Cyberoam iaccess for ios

ipecs Communicator Installation and Operation Guide Please read this manual carefully before operating your set. Retain it for future reference.

Setting up RDP on your ipad

iphone in Business How-To Setup Guide for Users

ONE Mail Direct for Mobile Devices

Configuration Guide. BES12 Cloud

When enterprise mobility strategies are discussed, security is usually one of the first topics

BlackBerry Enterprise Service 10. Version: Configuration Guide

Configuring GTA Firewalls for Remote Access

GlobalProtect Configuration for IPsec Client on Apple ios Devices

User Guide Novell iprint 1.1 March 2015

Sophos Mobile Control Startup guide. Product version: 3.5

Apple OS / ios Installation Guide Includes MAC OSx and ios based devices

Bell Mobile Device Management (MDM)

Technology Services Group Procedures. IH Anywhere guide. 0 P a g e

ipad Installation and Setup

Sophos Mobile Control Installation guide

Enterprise Security with mobilecho

Deploying iphone and ipad Mobile Device Management

Supporting Apple ios Devices

GO!Enterprise MDM Device Application User Guide Installation and Configuration for Android with TouchDown

EFORMS MANUAL FOR SHAREPOINT ONLINE

Pcounter Mobile Guide

BlackBerry Enterprise Service 10. Universal Device Service Version: Administration Guide

Device Users Guide Sybase Mobile Sales for SAP CRM 1.2

Advanced Configuration Steps

Two-Factor Authentication (2FA) Registration Instructions Symantec VIP Access

Health Science Center AirWatch Installation and Enrollment Instructions For Apple ios 8 Devices

ONLINE ACCOUNTABILITY FOR EVERY DEVICE. Quick Reference Guide V1.0

Global Mobile Technologies Guide for Zenprise Enrollment for IOS devices (ipad, iphones)

How To Use A Citrix Netscaler Thin Client V (Windows) With A Citirix Vpn Desktop (Windows 10) With An Ipad Or Ipad (Windows 8) With Vpn

Virtual Data Centre. User Guide

Flexible Identity Federation

Sophos Mobile Control Installation guide. Product version: 3.5

Cloud Services MDM. ios User Guide

Home Internet Filter User Guide

ipad in Business Mobile Device Management

Business Mobile Banking

EZ RMC Remote HMI App Application Guide for ios

MobileMerchant Application Guide

MC3WAVES Wireless Connection Wizard

You will need your District Google Mail username (e.g. and password to complete the activation process.

curbi for Schools Technical Overview October 2014

Sage CRM. 7.2 Mobile Guide

iphone in Business Mobile Device Management

Lotus Notes Traveler User and Troubleshooting Guide for ios Devices. Manage the Settings for your Mail, Calendar, and Contacts Apps

genie app and genie mobile app

Sage CRM. Sage CRM 2016 R1 Mobile Guide

ADMINISTRATOR GUIDE FOR USA MOBILITY AMC SELECT

GO!Enterprise MDM Device Application User Guide Installation and Configuration for Android

Rocket Mail Smartphone Configuration Guide. Version 2.0

Copyright 2013, 3CX Ltd.

Mobile Device Management Version 8. Last updated:

Exchange ActiveSync (EAS)

Mechanics Bank Mobile Banking Mobile Finance Manager (MFM) Application Windows Mobile Phone Installation

NetSuite OpenAir Mobile for Android User Guide Version 1.3

Cloud Services MDM. Management Admin Guide

Syncing ipad devices using itunes

CA Mobile Device Management. How to Create Custom-Signed CA MDM Client App

Sophos Mobile Control SaaS startup guide. Product version: 6

Remote Access Enhancements

MERLIN SERVER. The Quick Start Guide for collaborative project management ProjectWizards GmbH, Melle, Germany. All rights reserved.

Product Guide Nintex. All rights reserved. Errors and omissions excepted.

Transcription:

ios Mobile: Setup Guide for Umbrella ios Mobile Devices

Overview The Mobile App protects ios mobile devices (e.g. smartphones, tablets) regardless of where they are in the world or how they connect to the Internet. The solution works by enforcing a secure channel for all Internet-bound traffic via an automatic or on demand VPN. The secure channel passes traffic through one of our OpenDNS Global Network data centers distributed worldwide. The OpenDNS Global Network uses Anycast routing to always connect your device to the easiest to reach datacenter for optimal performance. All traffic regardless of application, protocol or port will be protected by the OpenDNS Global Network and the acceptable use policy you assign. Umbrella protects your mobile devices and sensitive data from becoming compromised. This guide explains how to use provisioning profiles to connect your devices to the OpenDNS Global Network. Prerequisites To use the Mobile App you must have: Supported Mobile Operating Systems and Devices Apple ios 5.1.1, ios 6.x., ios 7.x Apple iphones (3GS and above), ipad (all) and ipod Touch (4 th generation and above).!note: Android OS and related devices will be supported in a later release.!note: Jailbroken devices are not supported. Appropriate Network Permissions While the main purpose of the solution is to protect mobile devices while connecting to the Internet from third-party networks, use on your network is also possible. The solution utilizes standard IPSec VPN and HTTP/S ports, which must be opened for both source and destination addresses: o UDP 500 o For networks using NAT-T: UDP 4500 o IP Protocol 50/ESP o TCP 80 and 443.!NOTE: The Mobile App utilizes standard Apple ios mobile provisioning profiles. It does not explicitly require an app to be deployed or installed, though one is available. ios Mobile Setup Guide for Umbrella Page 2

Step 1: Provision Profile Provisioning uses a push model, pull model, or combination of the two. The default and recommended option is App Invitation. In this option, you can invite users (via email) to install an App from the Apple App Store that will enable them to register their devices to your account within the Dashboard. Users simply have to click the link to install the App (from the App Store), return to the email and click the Activate button to activate the app, then finally complete the registration steps within the App itself. For devices in the field, this option provides a scalable model for adding users. The App additionally provides help information and usage statistics to the end users. Alternatively, when sending an email invitation, you can optionally select the VPN Profile Only by checking the box in the lower right corner of the email entry field. In this case, users will be directly sent a configuration file to apply to their ios devices that will connect them to the OpenDNS Global Network s cloud-delivered network security. The Umbrella dashboard will help you track pending installations to ensure that users follow up. For devices in the field, this option provides a scalable model for adding users, in cases where you would prefer they did not use the App. Finally, a pull model is available whereby the user installs the The Umbrella Mobile App from the itunes App Store, authenticates with an Umbrella account, and registers the device into Umbrella. The app additionally provides help information and usage statistics. When IT or Help Desk staffs wish to manually provision mobile devices, we recommend the mobile device app option, especially if devices do not have email accounts available. A mixture can be used as well. Push Provisioning: Invitation by Email IT staffs can invite users via email to add an app, or alternatively just a VPN profile, to their ios devices that will connect them to Umbrella. The Umbrella dashboard will help you track pending installations to ensure that users follow up. For devices in the field, this option provides a scalable model for adding users. 1) Log into the Umbrella dashboard and navigate to Configuration > Identities > Mobile Devices 2) Click add a new device and enter one or more email addresses for the devices you wish to provision. 3) Optionally, check Send VPN-only profile invitations if you do not want users to have the Mobile App.!IMPORTANT! Invitations CAN be re-used by multiple users and across multiple devices UNLESS the VPNonly option is utilized. If the VPN-Only option is selected, each provisioning profile is unique and should not be re-used.!note: If there is not a unique email address available per device you may re-generate multiple profiles to the same email address. And then move these additional profiles to additional devices via a file sharing solution (e.g. DropBox). 4) The email addresses should appear in the device list appended by a unique ID number (e.g. user@domain.com_12345678). These devices will appear in a pending provision state indicated by. It is ios Mobile Setup Guide for Umbrella Page 3

normal at this point for the Last Request to be Never with a warning icon. 5) From those mobile devices, open the invitation email. a) Install the Mobile App via the itunes link. After installation, return to the email and click the activation link. Then, follow the instructions in the app. b) If VPN-only profile was checked in step 3, then the user will only click on the attached mobile provisioning profile. Pull Provisioning: Installation Initiated from the App Store IT staffs or end-users themselves can install the Umbrella by OpenDNS App from the itunes App Store and authenticate with your organization s Umbrella account to register the device with Umbrella. 1. Download the app from itunes: https://itunes.apple.com/us/app/umbrella-byopendns/id557639276?ls=1&mt=8 2. Open the application and authenticate with your Umbrella credentials. 3. Follow the instructions in the app, such as registering the device using a different non-default name. Then, click Install Profile. ios Mobile Setup Guide for Umbrella Page 4

Step 2: Verify Operation To check that the mobile device successfully connected to Umbrella: 1. On the device itself, check that the VPN icon appears in the top status bar of your device. For example:!note: It is normal for the VPN icon to turn off and on. It switches off when there is no network activity, and thus ios temporarily terminates the connection to Umbrella. It will start back up automatically when needed. The VPN icon also sometimes appears on the right side depending on what operations are active on the device. 2. Navigate to Configuration > Identities > Mobile Devices 3. Check that the devices now appear in a completed provision state indicated by and according to mode ((VPN Profile and/or Mobile App ). Also, the devices should indicate a recent Last Request.!NOTE: After 24 hours (default, this can be modified) without Internet activity, a warning icon will appear in the Last Request column. It does not necessarily mean that there is a problem, but it is likely that the user in question has either disabled the VPN or removed it entirely. 4. Optional: You may change the name of the device by selecting the table cell in the Umbrella dashboard containing the Name.!NOTE: Devices provisioned by pull provisioning (downloading the Mobile App) will list a name entered by the user who registered the device and may not take the form of an email address. The default for this field is the ios device name, which is commonly configured in itunes during initial setup. Step 3: Policy Configuration Once verifying that the ios Mobile Devices are operating successfully, define and apply security and acceptable usage policies to them. ios Mobile Setup Guide for Umbrella Page 5

1. Navigate to Configuration > Policies, and click add a new policy or click the name of an existing policy. 2. Check the Mobile Devices box if you want to apply a single policy for all provisioned mobile devices, or check the box next to one or more specific devices via the identity picker. To remove a selected device, either uncheck its box via the identity picker or click the red X icon to the right of its name. Then click next. 3. Select the 'Policy Settings', then 'Block Page Settings' you would like enforced for this policy. Then click next.!note: If you have not yet created any non-default settings, go to the 'Policy Settings' or 'Block Page Settings' pages to do so. 4. Set a meaningful description for the policy, then click save.!note: The policy you created will be applied within 60-90 seconds to any new connections coming into Umbrella from the selected computers. 5. Click and hold the drag handle icon to re-order the policy above or below any other existing policies.!note: Policy execution follows a top-down, first-match order of operations. The first policy assigned to an identity is enforced. Any subsequent policies assigned to the same identity are ignored. There is an editable, but immutable, Default Policy always ordered last, which is a catchall for any identity. ios Mobile Setup Guide for Umbrella Page 6

Appendix A: ios Settings App Help End users may access the ios Settings app to turn the VPN off/on or permanently remove it.!note: If an end user disables the VPN and fails to connect for a period of days (configurable with a default of 3 days), the Umbrella dashboard will indicate a warning next to the device listing. This can help IT or Help Desk staff to determine whether the end user has removed the solution.!note: It is possible to configure the VPN in an enforced mode so it cannot be disabled, provided the device is 'supervised' under Apple Configurator. Please contact support@opendns.com for more information about this. To turn the VPN off temporarily: To turn the VPN back on: To permanently remove the VPN profile: ios Mobile Setup Guide for Umbrella Page 7

Appendix B: De-Provisioning Devices 1. To de-provision a device, go to Settings > General > Profile via the ios device and permanently remove the VPN profile (refer to screenshots in Appendix A). 2. From the Umbrella dashboard, click the icon next to the mobile device you wish to de-provision. 3. Confirm that you wish to delete it forever by clicking Delete. 4. If the Mobile App is installed on the device, that should be removed as well. ios Mobile Setup Guide for Umbrella Page 8

Appendix C: Known Issues Apps Sometimes Hang Description: Occasionally, when ios attempts to re-establish the VPN connection after a period of network inactivity, the first app requesting Internet access doesn t see an available network, and hangs. This issue is limited to ios5 Frequency: Very Low. Severity: App dependent. Safari and Mail behave well. Facebook and Maps tend to suffer from this fairly severely and often require resolution. Resolution: The preferred resolution to upgrade to a later version of ios. VPN Session may terminate after an hour and 37 minutes Description: The VPN session is terminated after 1:37 (an hour and 37 minutes) of continuous connectivity due to an ios bug in IPSec VPN XAuth. Connectivity will be interrupted for 2 minutes, then automatically resume. In order to restore connectivity immediately, simply toggle the VPN to manual and back to automatic from Settings -> VPN. Frequency: Always. Severity: Minor. Resolution: No workaround, but his issue is being pursued both with Apple, and via a server-side fix from the OpenDNS service. ios Mobile Setup Guide for Umbrella Page 9

Umbrella is brought to you by OpenDNS. Trusted by millions around the world. The easiest way to prevent malware and phishing attacks, contain botnets, and make your Internet faster and more reliable. OpenDNS, Inc. www.opendns.com 1.877.811.2367 Copyright 2012 OpenDNS, Inc. All rights reserved worldwide. No part of this document may be reproduced by any means nor translated to any electronic medium without the written consent of OpenDNS, Inc. Information contained in this document is believed to be accurate and reliable, however, OpenDNS, Inc. assumes no responsibility for its use. ios-mobile-setup-guide-for-umbrella

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information