How Do I Configure MobileIron to Integrate with AeroFS?

MobileIron reinforces AeroFS on iOS and Android with additional security features such as the following:

  • at rest encryption
  • remote wipe
  • disabled screen capture
  • passcode requirements
  • copy/paste and open in restrictions

The AeroFS for MobileIron app is available for iOS and Android. AeroFS is compatible with MobileIron deployments with AppTunnel enabled for third-party apps. AeroFS mobile apps must be able to reach the Sentry Server over port 4433.

MobileIron Server configuration

Follow these steps to configure your existing MobileIron deployment to support the AeroFS mobile applications.

  1. Enable AppTunnel for third-party and in-house apps on the MobileIron Core server
  2. Enable AppTunnel on the Sentry Server
  3. Add an AppTunnel Service for AeroFS to your Sentry Server with the following properties:
    • Service Name: aerofs
    • Sever Auth: Pass Through
    • Server List: <AeroFS appliance domain name>:4433
    • TLS Enabled?: Yes

MobileIron configuration for iOS

To support the iOS app, create an AppConnect App Configuration for AeroFS on that platform

  1. Set the Application to com.aerofs.ios.mobileiron
  2. Add an AppTunnel Rule:
    • Sentry: <your sentry server >
    • Service: aerofs
    • URL Wildcard: <AeroFS appliance domain name>
    • Port: 4433

MobileIron configuration for Android

To support the Android app, create an AppConnect App Configuration for AeroFS on Android

  1. Set the Application to forgepond.com.aerofs.android.mobileiron
  2. Add an AppTunnel Rule that's identical to the one you created for iOS

AeroFS configuration

To restrict mobile device authentication to devices managed by a Sentry server, enable MDM support on the AeroFS appliance. Please follow the instructions below:

  1. In the appliance management interface, choose "Device Restriction"
  2. Check the "Enable MDM support" box
  3. Enter the IP addresses of your Sentry servers to restrict mobile device authentication to devices managed by MobileIron. You will need to list proxy server IP addresses if you have a proxy between the Appliance and the Sentry server.
Powered by Zendesk