I have an environment where mobile devices are managed using MobileIron. I want to restrict network access such that the only mobile devices that can connect are managed and belong to a known user.
What is the best way to approach this problem?
I have done some preliminary testing and it seems that the HIP checks requiring the device to be managed does not work (I have tried with both a managed Android and iOS device and they both failed the HIP check and in collected logs, Managed=No), and the ability to check for the presence of another app (like MobileIron) only works for Android devices.
Our IOs and android devices are restricted by device certificates.
create a root cert on th PA and then generate device cert and push via mobileiron.
we have seperate gateways for mobile devices.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!