Deploy Client on iOS Using IBM MaaS360

Deploy Client on iOS Using IBM MaaS360

This topic covers the steps to deploy Netskope Client for iOS mobile devices using IBM MaaS360.

Prerequisites

  • In the Netskope UI, go to Settings > Security Cloud Platform > Netskope Client > MDM Distribution. Download the Netskope Root Certificate and Intermediate certificates. These are needed to configure IBM MaaS360 certificate profiles.

  • In the MDM Distribution page, scroll down to Create VPN Configuration section to find your Organization ID.

  • User accounts provisioned within the MDM/EMM platform must match with those provisioned with the Netskope tenant.

Setting up Netskope Client

Setting up Netskope Client for  iOS devices with IBM MaaS360 includes the following mandatory steps:

Deployment of  Trusted Root Netskope Certificate Profile

To upload the Intermediate and Root certificates:

  1. In the IBM MaaS360 console, go to Security > Policy.

  2. Click Add Policy.

    Or, you can also edit an existing policy.

  3. Provide the following details:

    • Name: Enter a policy name

    • Type: iOS MDM

    • Start From: Business Templates Based Policies

    • Business Use Case: Select an appropriate one. For example, BYOD.

  4. Click Continue.

    It navigates to the policy page where you can configure settings, add assignments, and review changes.

  5. Expand Advanced Settings under Configure Settings.

  6. Click Certificates.

  7. Click Edit at the top-right corner of your screen.

  8. Select the checkbox for Configure Trust or Credential Certificates on the Device.

  9. Click Trust or CA Certificates > Netskope Root Certificate.

  10. Provide the certificate name.

  11. Click + icon to upload Netskope Root certificate.

  12. Click Save.

  13. Click the refresh icon on the right and select the uploaded certificate name from the dropdown.

  14. Repeat the process for uploading and selecting the Intermediate certificate.

  15. Assign the appropriate policies to user/device groups and click Next.

  16. Review the policy.

  17. Click Publish.

Push VPN Profile Configuration

To provide a seamless Netskope Client deployment in IBM MaaS360, you need to create a VPN profile controlled through security policies. You can either create a new security policy or a VPN profile to an existing policy. To learn more, view Create Security Policy.

To add a VPN profile in a security policy:

  1. In the IBM MaaS360 console, go to Security > Policy.

  2. Select an existing policy.

    The policy details page is displayed.

  3. From Configure Settings > Device Settings, select VPN.

  4. Click Edit at the top-right of your screen to configure the settings.

  5. Select Custom SSL from the list of dropdown options.

  6. Enter a VPN Connection Name and provide the configuration details:

    • Identifier: com.netskope.Netskope

    • Host Name of the VPN Server: gateway-<tenant>.goskope.com

    • User Authentication Type: Select Password.

    • VPN on Demand Dictionary Rule: OnDemandEnabled

    • Custom Data 1: OrgKey=<ORG-ID TOKEN>

    • Custom Data 2: AddonHost=addon-<TENANT>.goskope.com

    • Custom Data 3: UserEmail=%email%

    • Custom Data 4: ForcedDisabledSteering=true

      Add Custom Data 4 if the deployment requires NPA only traffic steering.
    • Bundle Identifier: com.netskope.Netskope

  7. Assign the appropriate policies to user/device groups and click Next.

  8. Review the policy.

  9. Click Publish.

Add Security Policy

The following section describes the steps to add appropriate iOS policies in the IBM MaaS360 console.

To add a security policy:

  1. Go to Devices > Groups.

  2. Choose the desired policy and click More..

  3. Click Change Policy.

  4. Select an appropriate iOS policy from the list of dropdown items.

  5. Click Submit.

Add Netskope Client App

The following section describes the steps to add the application from iTunes App in the IBM MaaS360 console.

To add Netskope Client:

  1. In the IBM MaaS360 console, go to Apps > Catalog.

  2. In the App Catalog page, click Add > iOS > iTunes App Store App.

  3. The iTunes App Store App window is displayed. In the App field, search for Netskope Client.

  4. Click the Netskope Client app to select.

  5. Click Add to add Netskope Client to the App Catalog.

Distribute and Assignment

This section describes the steps to distribute and assign Netskope Client app to devices in a group after adding NS Client to the App Catalog. To learn more, view Deploy Apps to Devices.

To distribute and assign NS Client:

  1. In the App Catalog page, click Netskope Client.

  2. On the top-right corner of the Netskope Client app page, click Distribute.

  3. In Distribute App: Netskope Client, make an assignment to the appropriate group.

  4. Click Distribute.

Share this Doc

Deploy Client on iOS Using IBM MaaS360

Or copy link

In this topic ...