Configuring McAfee Enterprise® Mobile Cloud Security Solution involves integrating with an MDM (such as AirWatch, MobileIron, or InTune) and configuring a VPN profile before traffic is filtered.
Step 1: Configure MMCS
- Log in to MVISION Cloud and go to Settings > Integrations > McAfee.
- On the McAfee Integrations page, click Web Gateway Cloud Service.
- Click Edit to the right of McAfee Mobile Cloud Security Solution.
- In the McAfee Mobile Cloud Security Deployment page, you'll upload and manage customer CA certificates and choose user groups to assign to each cert. Click Upload.
- Select and upload a customer CA certificate. The certificate's private key is used to sign the device certificates.
- Specify the names of the fields that identify the User name and an optional User Group in the device certificates.
NOTE: You can test the device certificate authentication with the uploaded CA by clicking Upload and Test.
Step 2: Configure MDM
- In your organization's MDM solution, configure an identity certificate profile.
- Configure the VPN profile which references the identity certificate profile. When the user logs on to the device and registers it, the MDM signs the identity or device certificate with the CA certificate and downloads the signed certificate and VPN profile to the device.
- The device uses the signed certificate to authenticate to the VPN gateway. The VPN gateway creates a secure VPN tunnel with the device. McAfee Enterprise WGCS filters the HTTP/HTTPS traffic, allowing or blocking web requests according to Cloud Application Control policies.
After the steps are completed, the software on the device starts redirecting HTTP/HTTPS traffic to McAfee Enterprise WGCS through the VPN gateway.