Introduction
As organizations increasingly rely on mobile devices for business operations, the need for robust mobile security has never been greater. Enterprises face a wide array of security threats, including malware, phishing attacks, network exploits, and compromised applications. Traditional endpoint security solutions often fall short in protecting mobile endpoints, necessitating a dedicated Mobile Threat Defense (MTD) solution.
MaaS360 Mobile Threat Defense (MTD) provides on-device threat detection, leveraging machine learning and behavioral analysis to identify and mitigate security risks in real-time. However, without proper endpoint management, enforcing security policies at scale becomes challenging.
By integrating IBM MaaS360 MTD with IBM MaaS360, enterprises can combine real-time threat intelligence with policy-driven remediation, ensuring that mobile devices remain compliant with corporate security policies while actively defending against emerging threats. This integration enables IT administrators to:
- Detect and mitigate threats before they compromise enterprise data.
- Enforce security policies dynamically based on risk levels.
- Ensure continuous compliance with industry regulations.
- Automate remediation for compromised devices.
This document provides a step-by-step guide to integrating MaaS360 MTD with IBM MaaS360, covering prerequisites, configuration, policy enforcement, and validation steps to ensure a seamless, scalable, and secure deployment.
Prerequisites for Integration
Before proceeding with the integration of MaaS360 Mobile Threat Defense (MTD) with IBM MaaS360, ensure that the following prerequisites are met to facilitate a seamless deployment:
- MaaS360 MTD Account Access
  - A MaaS360 Console account with administrator privileges is required (https://zc202.zimperium.com/console/mtd/dashboard?teamFilter=1bdbc159-956d-4e39-8c68-edbf5a2e03eb&teamId=1bdbc159-956d-4e39-8c68-edbf5a2e03eb&zappId=All).
  - Access to API configurations and policy management in the zConsole.
- IBM MaaS360 Portal Access
  - An IBM MaaS360 administrator account with permissions to configure device policies and app distributions.
- Supported Devices
  - Mobile devices running Android (7.0+) or iOS that are:
    - Enrolled in MaaS360.
    - Capable of running the IBM MaaS360 MTD app.
- API Keys & Authentication Credentials
  - MaaS360 MTD API keys for authentication, accessible under Authorizations in the zConsole.
  - IBM MaaS360 MDM credentials, including the App Access Key, Billing ID, and Tenant ID.
- Network & Firewall Configuration
  - Ensure that outbound connections are allowed for the following services:
    - MaaS360 MTD cloud endpoints (for device threat telemetry and policy updates).
    - MaaS360 cloud services (for policy enforcement and compliance management).
Procedure: Integrating IBM MaaS360 MTD with MaaS360
Step 1: Configure the MaaS360 MTD Console
1. Log into the Console:
- Navigate to your MaaS360 MTD Console and log in with admin credentials.
2. Generate API Key:
- Go to Account Management Settings in the top-right corner, and select the Authorizations section in the left-hand navigation menu.
- Click Generate API Key and provide the following:
- Description: Enter a descriptive name for the API key (e.g., "MaaS360 Integration").
- Teams: Select the team(s) to which this key should apply.
- Permissions: Configure necessary permissions for Account, API Keys, Devices, MDM Connections, and Policies.
- Save the API Key for later use.
Note: These settings can be customized based on organizational requirements.
3. Define Policies:
- Navigate to Policies in the Console, create a group, and configure necessary security settings, including Threat, Privacy, and Network policies.
Step 2: Configure EMM Connection and Policy Groups in MaaS360 MTD
1. Go to Integrations > EMM Connections in MaaS360 MTD Console.
2. Edit the IBM MaaS360 EMM Connection:
- Click on the MaaS360 connection and select Edit.
- Update the MDM URL (e.g., https://services.m4.maas360.com/).
- Enter the MDM Username and Password.
- Provide the App Access Key and Billing ID.
- Set additional parameters like App ID, App Version, and Platform ID.
- Click Next.
3. Assign Policy Groups:
- Under Policy and Response Groups, select appropriate policies for Threat, Privacy, Phishing, and App Compliance.
- Save the changes and click Finish.
4. Verify Connection Status:
Step 3: Adding IBM MaaS360 MTD App in MaaS360 and Configuring Distribution
1. Navigate to Apps in MaaS360 Admin Portal:
- Log in to MaaS360 and go to Apps > Catalog.
2. Add IBM MaaS360 MTD App:
- Click Add App, search for IBM MaaS360 MTD, and select it.
- Configure distribution settings, ensuring it's available for all managed devices.
3. Add App Configurations:
- Click Add Configuration and enter values retrieved from MaaS360 MTD Console > Integrations > EMM Connections > Key Value Pairs for EMM Configuration:
- Default Acceptor (API URL for MaaS360 MTD integration)
- Tenant ID (Unique identifier for the MaaS360 MTD tenant)
- MDM Device ID (Device identifier used for integration)
- Tracking ID 1 (Billing ID from MaaS360)
- Tracking ID 2 (Set as `MaaSEnrollmentStatus:Enrolled`)
- Click Save.
4. Publish Configuration:
- Click Publish to apply the configuration and ensure automatic app deployment.
5. Enable VPN for MaaS360 MTD:
- Navigate to Security > Policies in MaaS360.
- Select Default Android MDM Policy, enable Always-on VPN, and choose MaaS360 MTD VPN.
- Save and publish the policy.
Step 4: Validating the Integration
Once the integration is completed, follow these steps to validate and test the integration:
1. Verify Device Enrollment:
- Ensure that enrolled devices appear in both MaaS360 and MaaS360 MTD dashboards.
- Confirm that devices are receiving the MaaS360 MTD app and associated configurations.
2. Test Phishing Attack Detection:
- Launch a controlled phishing simulation on a test device.
- Verify if MaaS360 MTD detects and reports the phishing attempt in the Console.
3. Validate App Compliance and Policy Enforcement:
- Install a non-compliant or blacklisted app on a test device.
- Check if MaaS360 MTD flags the app and if MaaS360 enforces corrective actions.
4. Monitor Threat Events:
- Go to IBM MaaS360 MTD Dashboard > Threats to verify if detected threats appear.
- Check if MaaS360 enforces necessary policies (e.g., quarantining compromised devices).
5. Check Automated Remediation:
- Simulate a network attack scenario (e.g., connecting a test device to a rogue Wi-Fi network).
- Ensure that MaaS360 MTD detects the threat and applies remediation steps like VPN enforcement or network disconnection.
6. Adding New Devices:
- Enroll a new device in MaaS360 and ensure that the MaaS360 MTD app is automatically installed and configured.
- Validate that the new device appears in the MaaS360 MTD console.
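One way to run the device-enrollment check from Step 4 across a whole fleet, as an added example that is not part of the original guide or of IBM's tooling: it reconciles a device list exported from MaaS360 against one exported from the MTD console and gives a likely reason for each gap. The CSV column names and sample rows are constructed assumptions; map them to the exports you actually have.

```python
import csv
import io

# Constructed sample exports. Column names are assumptions, not a documented schema.
MAAS360_EXPORT = """device_id,platform,os_version,mtd_app_installed
ANDROID-0A1B,Android,13,yes
android-0c2d,Android,6.0,yes
ANDROID-5555,Android,7,yes
IOS-77F0,iOS,17.4,no
IOS-9E21,iOS,17.4,yes
"""
MTD_EXPORT = """mdm_device_id,last_seen
android-0a1b ,2024-05-01T10:00:00Z
IOS-9E21,2024-05-01T09:30:00Z
IOS-DEAD,2024-03-11T08:00:00Z
"""
MIN_ANDROID = (7, 0)  # the guide lists Android 7.0+ as supported


def norm(device_id):
    """Exports often differ in case and stray whitespace; compare canonical IDs."""
    return device_id.strip().upper()


def version(text):
    """'7' -> (7, 0), '6.0' -> (6, 0); padded so '7' is not sorted below '7.0'."""
    parts = [int(p) for p in text.strip().split(".") if p.isdigit()]
    return tuple((parts + [0, 0])[:2])


def reconcile(maas360_csv, mtd_csv):
    """Compare MDM enrollment with MTD activation and explain each gap."""
    enrolled = {norm(r["device_id"]): r for r in csv.DictReader(io.StringIO(maas360_csv))}
    reporting = {norm(r["mdm_device_id"]) for r in csv.DictReader(io.StringIO(mtd_csv))}
    report = {"ok": [], "missing_in_mtd": {},
              # Reporting to MTD but not enrolled: stale record or unmanaged device.
              "unknown_to_mdm": sorted(reporting - set(enrolled))}
    for dev_id, row in sorted(enrolled.items()):
        if dev_id in reporting:
            report["ok"].append(dev_id)
        elif row["platform"] == "Android" and version(row["os_version"]) < MIN_ANDROID:
            report["missing_in_mtd"][dev_id] = "unsupported OS version"
        elif row["mtd_app_installed"].strip().lower() != "yes":
            report["missing_in_mtd"][dev_id] = "MTD app not installed"
        else:
            report["missing_in_mtd"][dev_id] = "app installed but not activated"
    return report


if __name__ == "__main__":
    for key, value in reconcile(MAAS360_EXPORT, MTD_EXPORT).items():
        print(key, value)
```

Devices reported as "app installed but not activated" are the ones to check against the app configuration values from Step 3; entries under `unknown_to_mdm` are still reporting to MTD without a matching MaaS360 enrollment.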
Challenges Faced During Integration
1. API Authentication Errors
- Verify that the correct API key and authentication credentials are used.
- Ensure that the API key has the necessary permissions enabled in MaaS360 MTD.
- Check for any firewall rules blocking API requests.
2. Device Not Appearing in MaaS360 MTD Console
- Confirm that the device is enrolled in MaaS360.
- Verify that the IBM MaaS360 MTD app has been installed and configured correctly.
- Ensure that the MaaS360 MTD app has the necessary permissions on the device.
3. Threats Not Detected in MaaS360 MTD
- Check that MaaS360 MTD threat policies are correctly assigned.
- Ensure that threat detection features are enabled in the MaaS360 policy settings.
- Run a controlled phishing attack or install a test threat to verify detection.
4. MaaS360 Not Enforcing Security Policies
- Validate that the MaaS360 policies are applied to the correct device groups.
- Ensure that compliance rules are set to take action on detected threats.
- Restart MaaS360 services and force a policy sync.
5. VPN Not Automatically Enabling
- Verify that VPN enforcement is enabled in MaaS360 policies.
- Check that the MaaS360 MTD app has permission to establish a VPN connection.
- Test network attacks to trigger automatic VPN activation.
Benefits of Integrating MaaS360 MTD with MaaS360
The integration of MaaS360 Mobile Threat Defense (MTD) and IBM MaaS360 delivers a comprehensive mobile security framework that strengthens enterprise security across Android and iOS devices. Here’s how this integration enhances security posture:
1️⃣ Real-Time Threat Detection & Risk Mitigation
✅ Proactive Security: Detects and mitigates phishing attempts, malware infections, and network-based attacks before they compromise corporate data.
✅ On-Device AI & Behavioral Analysis: Uses machine learning-driven threat detection to identify anomalous activities and zero-day threats.
✅ Offline Protection: Unlike traditional cloud-based solutions, Zimperium operates even when devices are offline, ensuring continuous risk monitoring.
2️⃣ Automated Policy-Based Threat Remediation
✅ Zero-Touch Security Response:
When a device is compromised or at risk, MaaS360 automatically enforces predefined security policies.
Example: Restricting access, revoking VPN, or quarantining non-compliant devices.
3️⃣ Seamless Compliance & Policy Enforcement
✅ Regulatory Compliance Made Easy
Ensures compliance with ISO 27001, GDPR, NIST, HIPAA, and other security standards.
Automates device posture checks to detect rooted, jailbroken, or non-compliant devices.
✅ Conditional Access & Risk-Based Policy Enforcement
Blocks or restricts access based on real-time risk assessment.
Example: If MaaS360 MTD detects an ongoing network attack, MaaS360 can force VPN enforcement or lock down access to corporate apps.
4️⃣ Unified Security & Visibility Across Mobile Endpoints
✅ One Dashboard, Complete Control
Provides a single pane of glass for managing mobile security, threat intelligence, and compliance monitoring.
Security teams can view device risk posture, policy status, and real-time alerts within the MaaS360 admin console.
✅ Threat Intelligence Sharing Across Platforms
Integrates with enterprise-wide threat intelligence platforms to correlate mobile threats with broader cybersecurity incidents.
Enables cross-platform security analytics, ensuring better situational awareness and incident response.
Summary
By integrating MaaS360 Mobile Threat Defense (MTD) with IBM MaaS360, enterprises can proactively safeguard mobile endpoints against advanced cyber threats, including phishing attacks, malware, and network exploits. This integration ensures that security teams can detect, analyze, and remediate threats in real-time, all while maintaining compliance with industry regulations.
This guide has provided a step-by-step approach to configuring and deploying MaaS360 MTD with IBM MaaS360, covering policy enforcement, automated remediation, and threat intelligence integration. By following these best practices, organizations can:
✅ Enhance mobile security posture through continuous on-device threat detection.
✅ Automate risk-based policy enforcement to minimize security gaps.
✅ Ensure seamless compliance with regulatory frameworks (ISO 27001, GDPR, NIST, HIPAA).
✅ Gain unified visibility across enterprise-managed mobile devices.
With this integration, organizations can confidently manage mobile security while enabling a zero-trust approach to endpoint protection, ensuring that only secure and compliant devices can access corporate data and applications.
Next Steps: Strengthening Security Post-Integration
Now that MaaS360 MTD is integrated with IBM MaaS360, follow these best practices to continuously enhance security, optimize policies, and stay ahead of evolving mobile threats.
1️⃣ Explore MaaS360 MTD Full Capabilities
✅ Gain deeper insights into advanced mobile threat detection, machine learning-based risk assessments, and on-device security enforcement.
✅ Learn more about app risk analysis, network anomaly detection, and behavioral-based phishing prevention.
🔗 Explore more on Zimperium’s official website.
2️⃣ Optimize IBM MaaS360 Security Policies
✅ Regularly review and refine MaaS360 device management policies to maximize threat response automation.
✅ Enable risk-based policy enforcement to dynamically block, quarantine, or isolate devices based on their real-time threat level.
✅ Align security controls with Zero Trust principles, ensuring only compliant devices can access corporate data.
3️⃣ Stay Ahead with Continuous Threat Intelligence
✅ Subscribe to IBM Security Updates for the latest advancements in mobile threat management, incident response, and security analytics.
✅ Leverage IBM X-Force Threat Intelligence to understand emerging mobile attack patterns.
✅ Join IBM MaaS360 & MaaS360 MTD user communities to exchange insights with industry peers.
4️⃣ Integrate with SIEM & Security Analytics (Advanced Recommendation)
✅ Forward MaaS360 MTD threat data to IBM QRadar SIEM, Splunk, or other SOC platforms for enhanced correlation and analysis.
✅ Automate incident response workflows by integrating MaaS360 alerts into your SOAR (Security Orchestration, Automation, and Response) system.