Mobile Threat Defense (MTD) safeguards mobile devices from potential threats. It prevents, detects, and remediates cyberattacks through effective techniques. Combining MTD with Mobile Device Management (MDM) ensures comprehensive security and policy enforcement. SureMDM’s built-in MTD offers multi-layered protection, securing applications, networks, and devices.
Purpose
This knowledge article aims to serve as a comprehensive guide for configuring Mobile Threat Defense (MTD) within the SureMDM platform. It emphasizes how MTD prevents, detects, and addresses cyberattacks and highlights the importance of combining MTD with Mobile Device Management (MDM) for overall security.
Prerequisites
- To unlock the full range of MTD features, you need a valid MTD license. During the trial period, you can explore all features. For inquiries about MTD subscriptions, please contact the 42Gears sales team at sales@42Gears.com.
- MTD functionality is supported for Android devices running Android 8 or later versions of the operating system with SureMDM Agent version 27.35.00 or later.
- MTD functionality is supported for iOS/iPadOS 12.1 or later devices with SureMDM Agent version 4.67 or later.
- MTD security from 42Gears and Pradeo both work for Android platform, whereas for IOS only Pradeo security works.
- SureDefense must be installed on the device through playstore, with all necessary permissions granted.
- The device needs to be online to initiate the scan.
NOTE:
In SureMDM, we offer two MTD security options:
- Native 42Gears MTD : This is a basic MTD solution included for free with the SureMDM Enterprise Edition.
- Pradeo Integration : SureMDM integrates with Pradeo to offer advanced MTD functionalities for organizations requiring a more robust mobile security posture. This comes as an add – on – license (Paid) with SureMDM Premium and Enterprise editions.
Steps:
Step 1: To schedule multi-device scans and obtain threat reports
- Log into the SureMDM console.
- First select the MTD Partner between 42Gears and Pradeo Security from the drop-down menu.
- Click on Settings > Account Settings > Mobile Threat Defense > Check the “Enable Mobile Threat Defense” box and choose the MTD partner from the drop down.
- Navigate to Profiles. Click Add > Android > Mobile Threat Defense > Configure.
- Additionally, expand the Anti-virus protection configuration to enable the following options:
a. Enable MTD Scan: Use this option to allow MTD scanning.
b. Scan Mode: Select a scan mode from the following options:
- Basic: Only installed applications are scanned.
- Full: Includes recommended mode functionality, checking for infected objects and adware, and scanning external memory cards.
c. Scan Action: Select an appropriate Scan Action.
- Delete Threat: Remove selected threats from the device.
- Skip Threat: Detect and skip the threats without taking any action.
d. Days: Schedule a scan on all or specific days of the week.
e. Time: Set a time for initiating the scan.
f. Set Network Type: Define the network type to scan devices based on the selected network type.
NOTE:
- The MTD scan sends app metadata to the Pradeo server for threat analysis, and this process may consume a substantial amount of Mobile/Wi-Fi data.
- Please ensure to test the functionality on a single test device before deploying the policy to a larger number of devices.
5. Name the profile and click Save.
The newly created profile will be listed in the Profiles section.
6. Go back to the SureMDM Home tab and select the Android device(s) or group(s).
7. Click Apply to launch the Apply Job/Profile To Device prompt.
8. On the Apply Job/Profile To Device prompt, select the created profile and click Apply.
Once the Mobile Threat Detection profile is pushed to the device, the device will start a periodic scan based on the profile settings. After scanning is complete, SureMDM admins can view the devices’ health in the SureMDM web console’s device grid, showing the number of threats detected.
For easier analysis, admins can generate and view Mobile Threat Detection scan reports using the SureMDM console.
- Click Reports. Select the MTD App Scan option, and then choose the device or group for which you would like a report, and click Add.
- Click on Request Report. Your request will be added to the queue; once the console has generated the report, click View Reports.
- Click Download or View to download the report or view it in the browser, respectively.
Step 2: To initiate scan on Individual device
1. Log into the SureMDM Console.
2. Navigate to Settings > Account Settings > Mobile Threat Defense.
3. Enable MTD App Scan.
4. Go back to SureMDM Home and select an Android device.
5. Click System Scan from the Dynamic Actions section.
This will instantly scan the device for potentially harmful apps.
Step 3: To view the MTD Events and Alerts
In SureMDM, go to the Mobile Threat Defense Dashboard to see detailed info on your device’s security. You can view Events and Alerts after scans detect potential threats.
Find threat status under Dashboard > MTD Dashboard and Event Logs.
Need help? CONTACT US