Integrating Check Point Harmony Mobile with Scalefusion
- 04 Jun 2024
- 5 Minutes to read
- Print
- PDF
Integrating Check Point Harmony Mobile with Scalefusion
- Updated on 04 Jun 2024
- 5 Minutes to read
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Integrating Check Point Harmony Mobile with Scalefusion
For optimal utilization of the Check Point Harmony Mobile Threat Defense (MTD) solution, integration with Scalefusion is essential.
Step 1: In the Scalefusion Dashboard.
Navigate to Integrations > Mobile Threat Defense section.
Click on Activate button.
In the pop-up window configure the Target OS & Groups, Server details and deployment.
Step 2: Configure Check Point Harmony Mobile Configuration
(A) Target OS and Groups
Select Target OS: Based on your choice the Harmony Mobile app will be deployed on Android, iOS or both.
Selecting Groups: You can choose to deploy the Harmony Mobile app on all of your managed devices and bring them under the Check point preview. Or you can pick and select specific groups as well, bringing only selected devices under the risk analysis while keeping the rest of the devices free.
Once you have made your selection click on Next to go to next tab.
(B) Server Details
This tab shows the Scalefusion’s server details which will need to be added in the Check Point Infinity portal as is shown in the Step 3.
Step 3: In the Check Point Infinity portal
Log into the Infinity Portal.
Navigate to Settings > Integrations.
Click on the + icon on the top and select UEMs.
Scroll down the list of MDMs and select Scalefusion from the list. Click on Next.
In the next section, enter the server details of the Scalefusion which you will find in the Scalefusion dashboard as seen in Step 2 above. Copy the Server address from there and add it in the Infinity portal and click on Verify.
Once verified, click on Next to go to next section.
In the Synchronization section select the Groups. Here you will be able to see all the Device Groups and User Groups that you would have created on the Scalefusion dashboard.
Select the Device Groups and/or User Groups and click on Verify.
Once verified, click on Next to go to next section.
Check or uncheck the box for Tagging device status and risk. Click on Verify and once verified click on Next.
In the Deployment section you will find the Token, copy this token and add it in the Scalefusion dashboard > Deployment tab as shown in the Step 4 below.
Step 4: Deployment set up in Scalefusion dashboard
In the Scalefusion dashboard > Deployment tab> Enrollment Token enter the token copied from the Infinity portal as shown in the Step 3.
Next, enter the Infinity Portal Account ID, which you will find in your Infinity Portal. Log into your Infinity portal > navigate to General section. Copy the Account ID shown here an add it in the Scalefusion dashboard.
Next, you can also define the region where the MTD is to be deployed or you can select Others and provide your custom URL. Click on Next.
Step 5: Complete the set up in Scalefusion dashboard
Deploy using Zero-Touch Configuration: Enable this option to deploy Harmony Mobile app as Always On VPN package on the devices.
If this option is turned Off then the Harmony Mobile app will not be auto activated on the devices and users will have to manually launch and activate it on the device.
If this option is turned On then the Harmony Mobile app will be auto activated and configured on the devices.
Please note that Zero-Touch Configuration is supported on Android only.
Select Target Groups: Choose the Device Groups and User Groups (that you would have already created for the devices that need to be synced and monitored using Check Point Harmony MTD) to automatically move the devices to, based on the risk categorization.
Click on Save.
This completes the Check Point integration with Scalefusion.
Monitoring Risk Statuses in Scalefusion dashboard
Once the integration is successful IT Admins can check the device(s) risk status in the Devices section in the Scalefusion dashbaord.
Navigate to Devices section > click on 3-dots > click on Customize Table View > select the 3 columns (as shown) for the Check Point. This gives the IT Admins a quick overview of where their devices stand wrt detected risks.
The following are the statuses that will help you monitor the state of the device(s).
Check Point App Status: This will show if the Harmony Mobile app is published and installed on the device or not. These are:
Initially Not Configured
Published
Installed
Check Point Activation Status: This will show the Harmony Mobile app’s activation status. These are:
Initially N/A
Provisioned: Device is added in Infinity portal and device status is also synced with Scalefusion.
Active: Device is ready.
Inactive: This status is shown in case the device is offline or switched off, in which case the device does not sync, either with Infinity Portal & Scalefusion.
Check Point Risk Status: This will show the risk status of the devices that are being monitored by Check Point Harmony Mobile app. These are:
Initially N/A
High Risk
Medium Risk
Low Risk
Secure
Based on the policies set in your Infinity Portal if the Harmony Mobile app detects any threats upon scanning the device(s), the device(s) will automatically move to the designated Quarantine groups in the Scalefusion dashboard.
IT Admins can leverage the Quarantine groups created in the Scalefusion dashboard and assign Profiles that mitigates the threats for example,
If Harmony Mobile app detects that the device does not have a lock screen password, the device will automatically move the Quarantine group designated for this Risk Profile, in the Scalefusion dashboard, having a Profile that would push the Passcode Policy on the device.
Once the user set the password on the device, the device will be deemed safe, and it will automatically move back to its previous group.
IT Admins can define the Polices and Risk level in their Infinity Portal.
IT Admins can also get a report of the device(s) risk status from Reports & Workflows section > Reports > Device Availability Report.
Frequently Asked questions
Question 1: We have done the set up on the Scalefusion dashbaord and in Infinity Portal and it shows as success, however, we do not see the Harmony Mobile app on the devices and the Check Point app status is showing as not configured.
Answer 1: If you have selected All Groups in while creating the configuration on the Scalefusion dashboard then the device(s) should be present in any one of those groups.
If you have selected specific group(s) in the configuration, then make sure that the device(s) is present in those selected groups.
Please also make sure that the respective Device/User group(s) where the device(s) are, are also selected in the UEM configuration in the Infinity Portal.
Question 2: Harmony Mobile app has been Provisioned and installed on the device(s) however the Risk Status is still showing N/A on the Scalefusion dashboard.
Answer 2: This could happen if the UEM configuration has been deleted from the Infinity Portal however the device(s) is still managed by Scalefusion.
In such a case you will need to delete the device(s) from the Infinity Portal and do a manual sync on the UEM configuration once. This should sync the latest device(s) status. Please note that the user might have to provide the permission to Harmony Mobile app once again.
Question 3: Why do I see a new app in my Play for Work apps section on the Dashboard?
Answer 3: Once the Check Point Integration is successful, the Harmony Mobile app is automatically added in the Play for Work apps section and is also automatically published to devices.
Question 4: How do we configure the SSL certificate for On Device Network Protection (ONP) feature offered by Check Point?
Answer 4: Please refer to our guide here to configure the SSL certificate.
Was this article helpful?
