Business Concierge integration guide
Integration with Business Concierge Device Management requires a connection between the Bitdefender Console and Business Concierge Device Management. This is accomplished by configuration on the Business Concierge Device Management side and the Mobile Security console server side.
Prerequisite requirements
Business Concierge Device Management | Release 12.3 and later |
Administrator Account in Business Concierge Device Management Console | Refer to the Access to the Business Concierge Device Management Console section |
Device and OS | iOS 9.0 and later 64-bit devices required (Android is not supported at this time.) |
GravityZone MTD | Release 4.8.0 and later |
Integration Protocol | Secure Sockets Layer (SSL) protocol |
Mobile Security Console | |
MDM Password | Do not use a colon (:) in the MDM access password field or use `password` as a password value. |
MDM synchronization
After the initial full synchronization performed during MDM integration setup, a scheduled synchronization process runs every four hours.
On-Demand device MDM synchronization
Due to the four-hour MDM synchronization timeframe, new MDM users sometimes have the GravityZone MTD sent down to their device and try to activate it before the device is synchronized. When the app activates without information, the mobile security console does an on-demand device synchronization. The mobile security console links the app authentication data with the correct customer. The mobile security console gets device and user information from the customer's MDM. The mobile app on that device is now authenticated and allowed to proceed.
Access to the Business Concierge Device Management Console
To begin Business Concierge Device Management integration, you'll need an administrator account. An administrator account provides:
DM Code
Login ID
Password
Configuration steps
Configuration steps are performed on both the Business Concierge Device Management console side and the Mobile Security console side. In setting up this integration configuration, these are supported:
Manages the user lifecycle.
Synchronizes devices and their associated users.
Handles device and user management functions with the MDM console.
Certificate configuration
Perform these steps to set up the certificate in Business Concierge Device Management.
Log in to the Business Concierge Device Management console.
Select Information about Contract.
Click Certificate registration.
Click Issue CSR. This generates a push certificate CSR file.
Click the Output file button under the CSR Information. This downloads the CSR file.
Then log in to the Apple Push Certificates Portal website.
In the Business Concierge Device Management console, under Certificate information, click on the Choose File button. Select the PEM file.
Click the Enroll button.
Setting email addresses for users before sync
When a user is created in Business Concierge Device Management, the user must be updated to give an email address for the Mobile Security console synchronization. In Business Concierge Device Management, new users do not have email addresses assigned from the start.
Device registration in Business Concierge Device Management
To integrate with the MDM, the device's end-user needs to install the software on the device.
To set up device registration:
In the upper right, click Information about Contract.
Scroll down the page and see the Information for Device Registration section. This section has the URL that the user uses to register their device. It also includes the required login information. Ensure the iPhone/iPad option is selected.
Notify the user of the enrollment URL and the additional fields of DM code, Enrollment ID, and the Enrollment password. After the user opens the URL on the device, provides the authentication, and follows the prompts, the profile is installed. If the GravityZone MTD is configured as a managed application, it is also installed on the device.
Set up device Application Deployment
Discover the steps for setting up the deployment of the device application in the Business Concierge Device Management system.
Initial configuration in Business Concierge Device Management
You need to define the application under the Operation Management section as a managed app. This is defining what is pushed down to the registered devices. This step identifies the application from the Apple App Store.
Select Operation Management.
Click iPhone/iPad.
Click Managed Apps Registration.
Select the App Store under the Application Type.
Enter ‘GravityZone Security for Mobile’ as the search application input field value and click Search.
Select the GravityZone MTD entry from the App Store list.
Set the Configuration toggle to ‘ON’ and set the auto-activation
Under Device Selection, select either Device list or CSV to provide a list of devices. If you select Device list, then select the list of devices. If you select CSV, then upload a CSV file for the device list.
Click OK and OK again to register.
Configuring device application auto-activation
The GravityZone MTD for iOS can be activated automatically. Auto-activation and Business Concierge Device Management integration do not yet support Android devices. When the MTD is pushed down to the device, the iOS mobile application takes advantage of the application configuration. This gives the optimum user experience, as it allows the user to launch iOS GravityZone MTD without entering any passwords. The application configuration pre-loads the necessary information into the iOS app. This configuration takes place in the Business Concierge Device Management console. A configuration option is available during the add managed application stage. Make sure you turn this option on.
Set up user and device synchronization in Mobile Security console
Before you can add the Business Concierge Device Management MDM in the Mobile Security console, you must have these values from the Business Concierge Device Management system:
API URL
Access Key
Secret Key (Password)
Perform these steps:
In the upper right, click Information about Contract.
Select the Integration tab.
Note the data values in the section Access key information for the URL and the access key.
Click the Secret Key button and download the secret key provided in a CSV file.
Set Up User and Device Synchronization in the Mobile Security console
To set up the MDM integration in Mobile Security console:
Log in to Mobile Security console.
Go to the Manage page.
Select Integrations.
Click on Add MDM and select the MDM integration you want to use.
Enter the information pertinent to the UEM integration as listed in the table, and click Next.
Item | Description |
URL | This is the URL of the Business Concierge Device Management API server. Note: It is possible that this URL is not valid in a browser and can return a 404 error. |
Access Key | This is the access key provided by the Business Concierge Device Management console. |
Secret Key | This is the secret key provided by the Business Concierge Device Management console. |
MDM name | The name used in Mobile Security Console to reference this MDM integration. This name is prepended to the group name to form the Mobile Security Console group name. |
Background Sync | Check this box to ensure users/devices are synchronized. |
Mask Imported Users Information | Check this box to mask personally identifiable information about the user when displayed, such as name or email address. |
DM Code | This is the DM code value that is provided with your Business Concierge Device Management account. |
Send Device Activation email via Mobile Security Console for iOS Devices | Check this box to send an email to the user for every iOS device synced with the MDM. |
Send Device Activation email via Mobile Security Console for Android Devices | Leave this checkbox unchecked. |
Click Next and choose the User Group(s) to synchronize. The available groups show up in the Available Device Groups list and can be moved to the Selected Mobile Security Console Groups list by clicking on the plus sign (‘+’). This can be reversed by clicking on the minus sign (‘-’).
Click Next.
Specify the MDM alerts if you want to be notified when there are MDM sync errors. If you want more than one email address, separate them by a comma.
Click Finish to save the configuration and start the first synchronization by clicking Sync Now.
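A pre-flight check for the values collected in the steps above, added here as an example; it is not part of the Bitdefender or Business Concierge products. It applies the rules this guide states (SSL for the integration URL, the MDM password restrictions, comma-separated alert addresses, an email address for every user before sync). It assumes the Secret Key is the value that goes into the MDM access password field; the function names and the `login_id`/`email` record fields are hypothetical.

```python
import re
from urllib.parse import urlsplit

# Deliberately loose address shape check; not a full RFC 5322 parser.
EMAIL_RE = re.compile(r"^[^@\s,]+@[^@\s,]+\.[^@\s,]+$")


def check_mdm_settings(api_url, access_key, secret_key, dm_code, alert_emails):
    """Return a list of problems found in the values for the Add MDM form."""
    problems = []
    url = urlsplit(api_url.strip())
    # Prerequisite table: the integration protocol is SSL, so require https.
    if url.scheme != "https" or not url.hostname:
        problems.append("URL must be an https:// address with a host name")
    for label, value in (("Access Key", access_key), ("DM Code", dm_code)):
        if not value or value != value.strip():
            problems.append(f"{label} is empty or has stray whitespace")
    # Prerequisite table: no colon in the MDM password, and not 'password'
    # (compared case-insensitively here, which is stricter than the guide).
    if not secret_key:
        problems.append("Secret Key is empty")
    elif ":" in secret_key:
        problems.append("Secret Key contains a colon (:)")
    elif secret_key.lower() == "password":
        problems.append("Secret Key must not be the word 'password'")
    # MDM alerts step: several recipients are separated by commas.
    for addr in (a.strip() for a in alert_emails.split(",")):
        if addr and not EMAIL_RE.match(addr):
            problems.append(f"Alert address is malformed: {addr}")
    return problems


def users_missing_email(users):
    """Return login IDs of users that have no usable email address yet."""
    return [u["login_id"] for u in users
            if not EMAIL_RE.match((u.get("email") or "").strip())]


# Constructed sample values (hypothetical field names), not from a real tenant.
SAMPLE_USERS = [
    {"login_id": "akira", "email": "akira@example.com"},
    {"login_id": "mika", "email": ""},
    {"login_id": "ren"},
]

if __name__ == "__main__":
    for problem in check_mdm_settings(
            "http://mdm.example.com/api", "AK123", "s3cr:et", "DM001",
            "soc@example.com; it@example.com"):
        print("FIX:", problem)
    print("No email set:", users_missing_email(SAMPLE_USERS))
```

Run it before clicking Sync Now; users reported as having no email address need one assigned in Business Concierge Device Management first.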