Skyhigh CASB for Sanctioned IT users, who also use the Ivanti Neurons Mobile Device Management (MDM) platform, can add another level of security to the Certificate Checking process by adding an Allow List of approved devices that are allowed to connect to the Skyhigh CASB Secure Proxy. Even if a device acquires a valid certificate, without prior approval for the device’s ID, it is unable to connect to the proxy.
To set up Ivanti Neurons MDM:
- Create a root certificate in Ivanti Neurons MDM and save it as a text file.
- Log into Skyhigh CASB and follow the steps for Certificate Checking above to upload your certificate into the Skyhigh CASB Secure Proxy.
- Sign into Ivanti Neurons MDM and add your list of approved users and email addresses to the Ivanti Neurons system.
- Your administrator sends a request by email or text message to your users to register their device through Ivanti Neurons MDM. When they do so, they are provided the device certificate and their device ID is recorded.
- Only devices that have registered through Ivanti Neurons MDM and that contain the certificate can connect to the Skyhigh CASB Secure Proxy.