Mobile Threat Defense (MTD) safeguards mobile devices from potential threats. It prevents, detects, and remediates cyberattacks through effective techniques. Combining MTD with Mobile Device Management (MDM) ensures comprehensive security and policy enforcement. SureMDM’s built-in MTD offers multi-layered protection, securing applications, networks, and devices.
Purpose
This knowledge article aims to serve as a comprehensive guide for configuring Mobile Threat Defense (MTD) within the SureMDM platform. It emphasizes how MTD prevents, detects, and addresses cyberattacks and highlights the importance of combining MTD with Mobile Device Management (MDM) for overall security.
Prerequisites
- MTD is now included as part of the Enterprise offering. For any questions regarding Enterprise subscriptions, please contact the 42Gears Sales team at sales@42gears.com.
- MTD functionality is supported for Android devices running Android 8 or later versions of the operating system with SureMDM Agent version 27.35.00 or later.
- SureDefense must be installed on the device through playstore, with all necessary permissions granted.
- The device needs to be online to initiate the scan.
NOTE:
In SureMDM: MTD is included as part of the SureMDM Enterprise Edition and is now our primary MTD offering.
Steps:
Step 1: To schedule multi-device scans and obtain threat reports
- Log into the SureMDM console.
- Navigate to Profiles. Click Add > Android > Mobile Threat Defense > Configure.
- Additionally, expand the Anti-virus protection configuration to enable the following options:
a. Enable MTD Scan: Use this option to allow MTD scanning.
b. Scan Mode: Select a scan mode from the following options:
- Basic: Only installed applications are scanned.
- Full: Scan all applications on the device, including system applications.
c. Scan Action: Select an appropriate Scan Action.
- Delete Threat: Remove selected threats from the device.
- Skip Threat: Detect and skip the threats without taking any action.
4. Scan & Trust Evaluation Schedule
Days: Schedule a scan on all or specific days of the week.
Time: Set a time for initiating the scan.
Set Network Type: Define the network type to scan devices based on the selected network type.
NOTE:
- Please ensure to test the functionality on a single test device before deploying the policy to a larger number of devices.
5. Name the profile and click Save.
The newly created profile will be listed in the Profiles section.
6. Go back to the SureMDM Home tab and select the Android device(s) or group(s).
7. Click Apply to launch the Apply Job/Profile To Device prompt.
8. On the Apply Job/Profile To Device prompt, select the created profile and click Apply.
Once the Mobile Threat Detection profile is pushed to the device, the device will start a periodic scan based on the profile settings. After scanning is complete, SureMDM admins can view the devices’ health in the SureMDM web console’s device grid, showing the number of threats detected.
For easier analysis, admins can generate and view Mobile Threat Detection scan reports using the SureMDM console.
- Click Reports. Select the MTD App Scan option, and then choose the device or group for which you would like a report, and click Add.
- Click on Request Report. Your request will be added to the queue; once the console has generated the report, click View Reports.
- Click Download or View to download the report or view it in the browser, respectively.
Step 2: To initiate scan on Individual device
1. Log into the SureMDM Console.
2. Navigate to Settings > Account Settings > Mobile Threat Defense.
3. Enable MTD App Scan.
4. Go back to SureMDM Home and select an Android device.
5. Click System Scan from the Dynamic Actions section.
This will instantly scan the device for potentially harmful apps.
Step 3: To view the MTD Events and Alerts
In SureMDM, go to the Mobile Threat Defense Dashboard to see detailed info on your device’s security. You can view Events and Alerts after scans detect potential threats.
Find threat status under Security – MTD Dashboard
Find event logs under Security – MTD Dashboard – Event logs
Need help?