Introducing On-device Network Protection (ONP)

Document created by Pamela S. Lee Employee on May 7, 2018
Version 1Show Document
  • View in full screen mode

This week we are pleased to announce a new family of features, "On-device Network Protection (ONP)," now available for both Android and iOS devices.

ONP enhances SandBlast Mobile's advanced mobile threat protection and establishes a new mobile security paradigm to prevent emerging Gen V network attacks.

 

Main features introduced in ONP:

FeatureFeature DescriptionDetailed Information for each feature
Anti-Phishing
  • This category includes URLs that typically arrive in email or messaging apps and are established to steal information from users.
  • These sites falsely represent themselves as legitimate websites to obtain users' account credentials or credit card information that can be used for fraudulent or illegal purposes.
New Capability for ONP: Anti-Phishing 
Safe Browsing
  • This category includes URLs that may be reached during on-device browsing and are established to steal information from users or install drive-by malware.
  • These sites falsely represent themselves as legitimate websites to obtain users' account credentials or credit card information that can be used for fraudulent or illegal purposes.
  • These sites falsely represent themselves as legitimate websites to install malicious apps on the user's device to root/jailbreak the device, take command-and-control of the device, and steal on-device information.
New Capability for ONP: Safe Browsing 
Conditional Access
  • This category is a list of corporate IP addresses and/or FQDN hostnames that the user's device cannot access while at high risk.
New Capability for ONP: Conditional Access 
Anti-Bot
  • This category includes URLs, IP addresses, or domain names that use bots (zombies), including command-and-control sites facilitating stealing on-device personal and corporate information, record video or audio, and/or install other malicous code.
New Capability for ONP: Anti-Bot 
URL Filtering
  • This category allows the administrator to prohibit devices from accessing particular URLs in a specific subject category, such as gambling, guns, and violence, etc.
  • This category also allows the administrator to blacklist domains from being able to accessed by the user's device no matter the subject category or risk level of the device.
  • In addition, this category also allows the administrator to whitelist domains that are always accessible to the user's device no matter the subject category or risk level of the device.
New Capability for ONP: URL Filtering 

 

 

Enabling and Configuring On-device Network Protection

  1. Navigate to Settings > Policy Settings > On-device Network Protection.
  2. Select the appropriate protection activation of "Always ON", "Always ON, allow user to suspend protection", or "Turn ON when device is at HIGH risk".
  3. Blocking connections to phishing, botnets, and spyware/malicious sites are on by default, but can be disabled if desired.
    However, it is highly recommended that these settings are not disabled in order to provide the maximum level of protection.
  4. See the individual features for additional information (listed in above table).

 

User Experience

Once On-device Network Protection is enabled, the users will receive an in-app notification from SandBlast Mobile Protect to enable and install the VPN profile.

The VPN is a loopback VPN that allows all network traffic destination information to be inspected by SandBlast Mobile Protect app so that the configured ONP policies can be enforced at device.

The user must approve this install and follow any instructions to enable ONP on their devices.

 

ONP Enablement - iOS

  1. When the user is installing SandBlast Mobile Protect, and ONP is enabled in the Dashboard, the user will see a slightly different installation process.

  2. After installing and registering to SandBlast Mobile, the user can choose to enable "Notifications" and "Location".
  3. The user must allow SandBlast Mobile Protect to install a loopback VPN profile. If the user doesn't permit this, their device will be at Medium Risk until they do so.
  4. The user can then enable SMS Phishing protection by following the instructions.
  5. Once the user has completed enabling permissions, the device will be scanned by SandBlast Mobile Protect.
  6. There are new sections of the UI that will show the user that On-device Network Protection is enabled/disabled on their device.
  7. By tapping "My Device", the user can see that Network Protection is "On".There are new sections of the UI that will show the user that On-device Network Protection is enabled on their device.
  8. By tapping "My Network", the user can see the number of URL that have been inspected over the last 24 hours, as well as the number of URLs blocked.

 

ONP Enablement - Android

  1. When the user is installing SandBlast Mobile Protect, and ONP is enabled in the Dashboard, the user will see a slightly different installation process.
  2. After installing and registering to SandBlast Mobile, the user will need to enable "All all required permissions".
  3. The user must allow SandBlast Mobile Protect to install a loopback VPN profile. If the user doesn't permit this, their device will be at Medium Risk until they do so.
  4. The user can allow or disallow device location without penalty.
  5. The user can allow or disallow access to SMS messages without penalty.
  6. The user must enable "Accessibility" for On-device Network Protection to work properly.
  7. Once the user has completed enabling permissions, the device will be scanned by SandBlast Mobile Protect.
  8. There are new sections of the UI that will show the user that On-device Network Protection is enabled/disabled on their device.
  9. By tapping "My Device", the user can see that Network Protection is "On".
  10. By tapping "My Network", the user can see the number of URL that have been inspected over the last 24 hours, as well as the number of URLs blocked.

 

Suspending Network Protection

If the administrator has configured On-device Network Protection for "Always ON, allow user to suspend protection", then the user's can suspend ONP from a set time of 5 minutes, 30 minutes, or 2 hours.

This is often useful in a BYOD environment that will allow user's to suspend ONP protections.

iOS User Experience

  1. Tapping the More menu, the user can select "Suspend Network Protection".
  2. Select the amount of time to suspend, tapping "OK".
  3. The UI will show that Network Protection has been suspended and the time remaining.
  4. If the user wishes to cancel the suspension, the user can tap the More menu again, and select "Activate Network Protection". 

 

Android User Experience

  1. Tapping the More menu, the user can select "Suspend Network Protection".
  2. Select the amount of time to suspend, tapping "OK".
  3. The UI will show that Network Protection has been suspended and the time remaining.
  4. If the user wishes to cancel the suspension, the user can tap the More menu again, and select "Activate Network Protection". 
1 person found this helpful

Attachments

    Outcomes