Jamf Protect for Mobile Evaluation Guide
- 07 Jun 2024
- 4 Minutes to read
- DarkLight
- PDF
Jamf Protect for Mobile Evaluation Guide
- Updated on 07 Jun 2024
- 4 Minutes to read
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Summary
After the discussions with your Jamf account team, they will provision access to the Jamf Protect product for purposes of evaluating the capabilities against your needs. Use the following guide to review each feature of Jamf Security Cloud.
Disclaimer
Do not test these features in your production environment. We recommend evaluating Jamf Protect in evaluation environments.
Features of Jamf Protect Content Filtering
Utilizing Secure DNS on macOS, iOS, iPadOS, Android, or Windows to explicitly allow or block your devices from accessing various types of content. This is accomplished with the content filtering policy feature.
Feature | Description | Scope | Documentation Link(s) |
|---|---|---|---|
Pre-built Content Filtering Categories | Utilizing content filtering pre-built categories | Global Policy or Group Policy | |
Customized Content Filtering Rules | Configure custom blocked domains into Jamf Security Cloud to allow or block across all secured devices. | Global Policy or Group Policy | |
Define Search Engine Rules | Search rules are used to filter out explicit or mature content from Google and YouTube search results on user devices. | Global Policy or Group Policy | |
End-user / admin Notifications | Notifying end-users of policy blocks via the end-user application and/or the customizable block pages via Jamf Security Cloud. | Global Policy or Group Policy |
Features of Jamf Protect Content Filtering Reporting
Reporting on the events blocked by content filtering rules tested above:
Feature | Description | Documentation Link(s) |
|---|---|---|
Internet Usage Reports | Utilizing in-console data usage and block reports based upon multiple searchable criteria (user, user group, site, categories, etc.) | |
Exportable Usage Reports | Build customized, exportable usage reports for data usage and Jamf Security Cloud policy blocks across all devices or select devices |
Features of Jamf Protect Endpoint/Network Security
Jamf Protect's endpoint and network security service offers web threat prevention and mobile device protection to keep your devices protected against a multitude of common and uncommon threats. This protection includes vulnerability assessments, app scans, device behavior anomaly detection, and network-based security protections as described below:
Feature | Description | Scope | Documentation Link(s) |
|---|---|---|---|
Web Prevention Policies | Defining a threat prevention policy for the customer's needs. Each threat category can be set within the leaf environments to inherit the rules from the root. | Global Policy or Group Policy | |
Set Auto-Response per category | Configuring Jamf Security Cloud to immediately block the threat at category and sub-category level. | Global Policy or Group Policy | |
Customized Severity scoring | Changing the severity score on each threat category to suite the needs of InfoSec and SecOps teams. | Global Policy or Group Policy | |
Customized User-level Alerts | Customize each threat category to alert either both or individually the end-user or admin. Also customize block pages to alert end-users of blocks in the browser with a corporate landing page. | Global Policy or Group Policy | |
Setup UEM Connect for Signaling | Threat policies allow for UEM Signaling for responsive measures, allowing both Jamf Security Cloud and the UEM to take action in the event of threat detection. | Global Policy or Group Policy | |
Create Exceptions | Ability to insert exceptions to allow for certain approved applications or websites to be accessed if they are flagged via Jamf Security Cloud. | Global Policy or Group Policy | |
Set ignored sites | Setup any website/domain to be completely ignored in reports, policies, and notifications, such as low severity threats. | Global Policy or Group Policy | |
Upload Internal Root Certs | Upload any customer root certificates that will be approved by Jamf Security Cloud. | Global Policy | |
External threat intel upload | Upload an external threat intel CSV file for blocking of a customized threat feed. | Global Policy or Group Policy | |
Set App Watchlist Category/Custom | Configure admin email notifications regarding specific app or app categories getting installed on Jamf Security Cloud enrolled devices. | Global Policy or Group Policy | |
Block Specific App Network Traffic | Requires Supervised iOS 16 and above with ODCF enabled. Setup rule to block all traffic related to a particular app bundle. | Global Policy |
Features of Jamf Protect Security Reporting
Reporting on the events occurring by security rules tested above:
Feature | Description | Documentation Link(s) |
|---|---|---|
Threat View | Dashboard view of the entire device fleet's threats organized by risk level. Secured threats and Open threats are categorized separately. | |
Threat View Details | Selecting the "Manage Policy" option next to any threat allows admins to gain additional security insight from Jamf Threat Labs on the threat itself and remediation recommendations. | |
Device View | Dashboard view of devices currently deployed with Jamf Security Cloud organized by risk level. | |
Event Logs | SecOps can gain additional insight into any device level event within this dashboard and provide details of the threat and device at the time of attack. Additional details provided by Jamf Threat Labs can be found in Reports -> Security -> Event log. | |
Vulnerability management | View report on all Apple device vulnerabilities as assessed by the National Institute of Standards and Technology (NVD) against documented CVEs. | |
App Insights | Dashboard information on the apps installed on your devices, including their versions, permissions, and the level of risk they may pose. | |
Data Streams | Integrate Jamf Security Cloud with your SIEM dashboard to ingest or pull threat event data for customized reporting. | |
Risk API | Query the Jamf Security Cloud API through custom scripts. | |
Shared Signal Framework (SSF) | Integrate with a third-party security vendor which Jamf Security Cloud can signal device risk level changes to. |
After review each of these features of Jamf Protect reach back out to your Jamf account team to schedule next steps. Thank you for your time and attention to successfully securing your organization.