Set Up Syncing with AirWatch
using the MTP Workflow
Syncing app inventory between Appthority MTP and AirWatch using the MTP workflow requires configurations in the Admin > EMM tab.
- Select Workflow and Enforcement Options
- Select Identifiable Information Options
- Set the Data Synchronization Interval
- Save and Sync
- Verify the Sync
- Go to AirWatch and Configure Policies
Prior to syncing, you enable the EMM integration by supplying credentials that allow Appthority MTP to connect to the EMM in the Admin > Organization tab. See Connect with AirWatch.
When you use the MTP workflow, you can choose to allow policy enforcement in the EMM, or not.
How it Works - Use MTP Workflow Only
If you enable the MTP workflow, and do not enable EMM enforcement, then the App Threat Protection and the Mobile Threat Protection scenarios are supported, minus EMM enforcement. There is no remediation in the EMM, unless you enable it as described in the next section.
Appthority MTP syncs with the app inventory in AirWatch, analyzes the apps, and displays the results in the Apps tab. In addition the device inventory syncs and displays in the Devices tab.
If the MTP Mobile App is deployed, it syncs app inventory to Appthority MTP as well.
How it Works - Also Enable EMM Enforcement
If you enable EMM enforcement in the MTP workflow, then Appthority MTP also syncs policy violation information, and you can add compliance policies in AirWatch that respond to those violations.
When Appthority MTP detects an App Policy violation and syncs with AirWatch, the list of devices that have apps that violate the policy appears as a device group in the AirWatch Groups & Settings > Assignment Groups list. The device group name in AirWatch is the same as the App Policy name in Appthority. This applies to:
- The MTT-Managed App Policies
- Any active custom App Policy that uses the "Blacklisted by IT" Threat Indicator
- Any other active custom App Policies
You specify enforcement actions using AirWatch Compliance Policies to respond to the App Policy violations detected by Appthority MTP.
Select Workflow and Enforcement Options
To select the MTP Workflow
- Got to Admin > EMM.
- Click Use MTP workflow.
- If you do not intend to enable EMM enforcement in AirWatch, skip to Select Identifiable Information Options.
- If you do intend to use AirWatch for compliance and enforcement actions, go to the next step.
To select EMM enforcement
After selecting the MTP workflow:
- Click Enable EMM enforcement using Compliance Policies with AirWatch Assignment Groups.
- Click Save Configuration.
- When you save the configuration, Appthority MTP also starts a sync with AirWatch, and sets the start time of the sync interval.
- Sync status displays in the Data Synchronization panel at the bottom of the tab.
Important: Skip the Options for devices without the MTP Mobile App section until you have completed your AirWatch policy enforcement configuration.
Appthority MTP can import and display device identifiers (with no personal information) in the Devices tab. To enable this, click Display identifiable device information.
Appthority MTP can also display personal information associated with device identifiers in the Devices tab. To enable this, click Collect and display name, email and phone with device information.
Important: This is Personal Identification Information (PII) and may not be appropriate for viewing. Consult your company's privacy policies before selecting this option.
- In the Data Synchronization section, select a new Sync Interval, if you want it to be more or less frequent than every hour.
Tip: If there are many thousands of devices in the Org, you would want to increase the Sync Interval, as it takes more time to sync more devices.
At the bottom of the EMM tab, lick Save Configuration.
Appthority MTP starts syncing with the EMM. The button shows a sync status, and the timestamp updates when the sync is complete.
- Check the Integration Status list at the top of the tab.
Indicators show green for the components synced successfully.
- If an option is not selected, or not available, its corresponding indicator remains gray.
- If all indicators are gray, then the EMM Connector may not be connecting to the EMM. See Set Up Connectivity Requirements in AirWatch and check that the connection is Active in the Admin > Organization tab.
- If an indicator displays red, it could mean that the sync is not yet complete, or that your API permissions have not been set correctly in your EMM. See Set Up Connectivity Requirements in AirWatch or contact your Customer Success Manager to troubleshoot.
- In the Admin > EMM > Data Synchronization panel, check the Last sync event datetime and any status messages.
- Check the following tabs to see the updates:
- The Apps tab displays the list of apps from the EMM.
- The Devices tab displays the list of devices from the EMM.
Important: Skip the Options for devices without the MTP Mobile App section until you have completed your AirWatch policy enforcement configuration. Otherwise the enforcement actions will initiate on Appthority MTPbut the AirWatch policies won't yet be in place.
Now that Appthority MTP and AirWatch are communicating, go to the AirWatch console, view the Assignment Groups, and set policies.
Copyright ©Appthority, Inc. 2017-2018 All Rights Reserved. Contact Support