Professional Documents
Culture Documents
Platform Guide
Release 4.19.x
August 2021
COPYRIGHT
Copyright © 2021 McAfee, LLC
TRADEMARK ATTRIBUTIONS
McAfee and the McAfee logo, McAfee Active Protection, ePolicy Orchestrator, McAfee ePO, McAfee EMM, Foundstone, McAfee LiveSafe,
McAfee QuickClean, Safe Eyes, McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, McAfee Stinger, True Key, TrustedSource, VirusScan
are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the US and other countries. Other marks and brands may be
claimed as the property of others.
LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH
SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF
LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS
THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A
FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO
NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE
PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.
Related Documentation
McAfee support documentation is found on the Customer Support Portal at the website:
https://docs.mcafee.com
Audience
The intended audience for this guide is a MVISION Mobile administrator or end user. The MVISION
Mobile application provides threat protection to mobile devices. The system administrator for MVISION
Mobile console sets policies for threats, and monitors and manages the detected threats. See the
“McAfee MVISION Mobile Console Configuration Guide” for more information.
New Features
Refer to the “McAfee MVISION Mobile Android Release Notes” document for the list of new features in
this release.
System Requirements
● Android version 5.0 or later is required.
● The local on-demand VPN functionality requires Android 6 and higher.
● For full Knox device action support, Android version 7 and Knox version 2.7 or later are required.
While a user can interact with MVISION Mobile to see current device security status, health and
previous events, there is no requirement for any interaction.
Remediation can be performed by the MVISION Mobile Android application, and through MDM
integration with one of the McAfee supported MDM vendors. The type of remediation that can be
performed is determined by the MDM integration configured and can range from a simple user
notification to a wipe of all company data from the device.
You can download additional documentation from the Customer Support Portal that details the
configuration and use of the MVISION Mobile console, and specific MDM integrations.
In addition, the malware engine scans for suspicious applications installed on the device, and scans
applications prior to being installed on the device to offer continuous protection. Malware scanning is
on the device so that malware can be detected, and action can be taken to remove a suspicious
MVISION Mobile Android Platform Guide, Release 4.19.x, August 2021
5
application even if the device has no network connectivity. If an internet connection is available,
MVISION Mobile performs additional malware scanning analysis against McAfee's proprietary database.
This database is built using data from McAfee’s Labs research team as well as other sources.
The behavioral detection engine runs on the device, within the MVISION Mobile application, to detect
threats without any need for Internet connectivity or special privileges. This unique approach protects
the end-user’s privacy and prevents excessive battery drain that occurs when data is sent to the cloud.
All decisions are made on the device.
The Android version of MVISION Mobile contacts the server every eight hours or when an event occurs
to upload certain device information and to see if there are any updates to policies that need to be
incorporated. The information passed up to MVISION Mobile console is configured with the privacy
template on the MVISION Mobile console.
● MVISION Mobile console sends a notification that a new threat policy is available. Then,
MVISION Mobile pulls the updated policy information.
● MVISION Mobile polls MVISION Mobile console to see if there is an updated threat policy
available to download. The time interval for this polling is currently configured by McAfee.
● Manual mode: On the App Safety page, click the Run Manual Scan button to manually check for
suspicious applications at any time. If malware is found, an event is sent to the MVISION Mobile
console, and an alert displays with an option to uninstall the application.
● Automatic mode (1): When the user downloads an application from the browser, email, or any
other client (which saves the file on the SDCARD) MVISION Mobile scans it. MVISION Mobile
then alerts the user if the application is suspicious before the application is installed and offers a
button to delete the suspicious application from the device.
● Automatic mode (2): When a new application is installed MVISION Mobile scans it. If it is
suspicious, an event is sent to the MVISION Mobile console, and an alert displays with an option
to uninstall the application.
● The first mode is with an MDM (Enterprise MVISION Mobile). If a customer has an MDM
solution, it is strongly suggested that it be used to distribute the application. These steps are
described in separate MDM Integration Guides specific to the supported MDM, located in the
Customer Support Portal.
● The second mode is without an MDM. Without an MDM implementation, the user can be
instructed to download the MVISION Mobile application from the Google Play Store and install
it.
When adding the MDM in MVISION Mobile console, the administrator can check a box for Android
devices that sends a user an email for each new device. The email contains a MVISION Mobile activation
link for each new device that is synchronized from the MDM. See the “McAfee MVISION Mobile console
Configuration Guide” for more information.
MDM Integration
An enterprise device is defined as a device managed by an enterprise’s MDM. If MDM integration is
enabled and MVISION Mobile has been pushed to an Android Enterprise device from the MDM, then the
device can sometimes be transparently activated without the user having to manually activate it. If the
Android device is not an Android Enterprise device for instance, then it must be activated by the user
with an activation link.
In both cases, a device identifier is used to match up with the synchronized device identifier from the
MDM. Once a match has been found, then that device is associated with MVISION Mobile in the correct
MVISION Mobile console environment.
Note: Variables in activation links need to be substituted with the actual device
identifiers, either manually, or through message templates where the variable
can be substituted by an MDM or the MVISION Mobile console. Also, integration
with Microsoft Endpoint Manager (formerly Intune) requires the user to
authenticate with their Azure AD credentials. See the “McAfee MVISION Mobile
console Configuration Guide” for more information.
For more information about the activation topic, see the MVISION Mobile activation topic in the
“McAfee MVISION Mobile console Configuration Guide.”
For more information about the activation topic, see the MDM activation topic in the “McAfee MVISION
Mobile Console Configuration Guide.”
Activation
There are numerous different methods of MVISION Mobile activation. If MDM integration is enabled,
then the device activation is transparent. In some MDM integrations, click an MDM activation link.
Before activation, the device displays the End User License Agreement (EULA) and requests the user to
accept it. After the agreement is accepted, the activation request page displays. The user can activate
MVISION Mobile in one of the following ways:
The administrator provides the information for activation. Once activated, the device is then matched
up with the correct environment for the activation link. For more information on activation links, see the
MVISION Mobile activation topic in the “McAfee MVISION Mobile Console Configuration Guide.”
For some customers, the activation option exists to enter their domain name, such as “example.com” on
the startup of MVISION Mobile. Domain-based activations can be used by customers that have an
integration with a supported identity provider. If the domain name is known by the MVISION Mobile
application, then activation proceeds using the single sign-on activation flow. Upon successful
installation and activation, the dashboard is displayed.
For devices where the administrator wants to use a different activation link on an already activated
device, the user must confirm to use the new activation link. The figure shows the confirmation given.
The following sections cover the different types of permissions that are requested. For more
information on data privacy, refer to “McAfee Data Privacy Guide.”
The MVISION Mobile screen that describes this permission and then requests access to device storage.
Click the Allow Access to Manage All Files slider to protect your devices against malware on the device
storage.
Location Permission
To access Wi-Fi details, MVISION Mobile needs location permissions. MVISION Mobile requires these
Wi-Fi details to protect the device and data from sophisticated network attacks.
The location permission is required to get the SSID and BSSID of the current Wi-Fi connection. The
location is not stored in the MVISION Mobile app. Also, if location is turned off in the Privacy Policy,
location information:
This permission is requested for Network Sinkhole device action selections, or a Phishing Policy being
enabled.
Perform the following steps if prompted for the VPN connection if Network Sinkhole is enabled and
phishing is not enabled:
1. MVISION Mobile sends notifications to alert the user, when the administrator configures the
application for this protection. Tap Continue to give permission.
2. Tap Continue again to indicate a local VPN can be requested.
3. Tap OK to the device’s connection request to allow MVISION Mobile to set up the VPN
protection.
Note: The confirmation screen above is the standard Android message that
mentions monitoring of traffic occurs, but no monitoring of network traffic is
performed.
Note: The confirmation screen above is the standard Android message that mentions
monitoring of traffic occurs, but no monitoring of network traffic is performed.
For more information on phishing functionality, see the “Phishing Policy” section.
Background Permission
To allow adding the MVISION Mobile app to the Android battery optimization exemption list, select
Allow to ensure devices are protected while the app is running in the background. This permission
prompt is controlled by the administrator’s settings on MVISION Mobile console. See the “McAfee
MVISION Mobile console Configuration Guide” for more information.
● Advanced Detections: MVISION Mobile leverages the KPE for MTD API framework to facilitate
lower-level detections than what is accomplished on other platforms. For example, MVISION
Mobile for Samsung Knox can identify additional system anomalies, elevation of privilege
attempts, and suspicious network connections made by apps or processes.
● Enhanced Group-based Remediations: MVISION Mobile for Samsung Knox combines MVISION
Mobile’ granular, group-based policy advantages with KPE for MTD’s enhanced remediations.
For example, MVISION Mobile for Samsung Knox applies customized data leakage prevention
(DLP) actions to prevent unauthorized data exfiltration (for example, restricting Bluetooth
sharing, preventing SD card transfers, limiting access to the clipboard, disabling screen capture).
● Unparalleled Forensic Detail: For all threats detected, including the advanced threats, Samsung
Knox MTD leverages the KPE for MTD API to provide the highest granular and detailed threat
forensics available today.
Note: Samsung Knox for MTD capabilities requires purchase of Samsung Knox
MTD licenses from McAfee. In addition, Samsung Knox MTD support requires
Knox version 3.3 and later, and KNOX API level 29 and greater, on the device.
● Device
● Network
● Applications
The status ‘No Threats Detected’ is displayed if there are no risks or critical threats detected on the
device as defined by the Threat Policy. The green check mark for each of the categories indicates no
risks or critical threats have been detected.
Once a risk or critical threat is detected, the dashboard title bar turns orange or red and changes to a
‘Risk Detected’ or ‘Threat Detected!’ display. The icons indicate the following:
The dashboard displayed in the figure shows a critical threat detected in the ‘Device Safety’ category
and the detection of a risk under the ‘Apps Safety’ category. The risks or threats can be viewed by
tapping on the status bar. This takes the user to a listing of the active issues detected.
The three categories displayed in the dashboard represent the three possible vectors for threats
entering the device: Device, Network and Apps. Each category can be tapped and provides additional
details about that category.
Tapping on the menu option list (three horizontal lines) in the upper corner of the dashboard takes the
user to a page with the following options:
● Full Threat Log
● Tutorial for Phishing
● About MVISION Mobile
Information about the current version of MVISION Mobile can be viewed by tapping on About MVISION
Mobile.
● Rooted
● Elevation of Privilege
● System Tampering
Once a risk or critical threat is detected as defined by the Threat Policy, the status in the dashboard
changes to reflect the status of the device.
Tapping this category takes you to the Device Safety page displayed in the figure. The total number of
issues are displayed at the top. If there are any risks or threats, the title bar color changes. Orange
indicates a risk, and red indicates a critical threat. The Device Safety page displays an overview of the
device with topics such as vulnerable MVISION Mobile version, compromised and rooted.
If any of the detections display ‘Yes’, then a recommendation can be accessed by tapping the down
arrow to get more information on the item. Tap the up arrow to retract the recommendation.
This table defines the description of the items in the Device Safety page.
Device Rooting The device has been rooted and therefore cannot be trusted.
The device is vulnerable to the BlueBorne attack, which is executed via the
BlueBorne Vulnerable
Bluetooth stack.
Google Play Protect The device had Google’s malware protection for Android enabled.
3rd Party App Store Applications can be installed from anywhere on the Internet.
The device has MVISION Mobile enabled and it is detecting risks and
Device Protection
threats.
Network Safety
From the dashboard, the Network Safety category displays the current state of the network or Wi-Fi
connection. Critical threats that show up in this category include:
● ARP MITM
● ICMP MITM
● Fake SSL Certificate
● SSL Strip
● Rogue Access Point
The banner at the top indicates similarly to the dashboard, whether the device is clear of threats, a risk
is detected, or if a critical threat is detected as defined by the Threat Policy.
Tapping on this category takes the user to the Network Safety page and shows the connected Wi-Fi. An
overview of the device network configuration including the device’s IP address, and the currently
connected SSID and BSSID are displayed. The ‘Network Protection’ section shows that MVISION Mobile
is protecting the device.
If there are any events, the title bar color changes, and the text changes to indicate if a risk or critical
threat is detected.
Apps Safety
From the dashboard, the ‘Apps Safety’ category displays the status of the device for the applications
installed. Tapping on this category takes the user to the Apps Safety screen. If there are any critical
threats or risks, the title bar shows the status.
On the Apps Safety screen, it displays the last known signature date and time along with the status
indicated by a green, orange, or red banner with text indicating if no threats are detected, if risks are
detected, or if threats are detected. It also shows the date and time of the last scan. The type of threats
that show up in this category include the following:
● Suspicious Apps: Suspicious apps are apps that are installed and are high risk. The have the
potential to compromise the device.
● Out of Compliance (OOC) Apps: Out of compliance apps are apps that have characteristics that
do not comply with the administrator’s privacy and security policies.
● Sideloaded Apps: Sideloaded apps are apps that were installed outside of the Google Play Store.
Apps installed outside of Google Play have not been officially validated and are considered risky.
The critical threats are defined by the Threat Policy. Any detected suspicious, OOC or sideloaded apps
are listed by their name and the user is given the recommendation.
MVISION Mobile Android Platform Guide, Release 4.19.x, August 2021
16
Application Scanning
Android MVISION Mobile automatically scans the device for suspicious and sideloaded apps when it is
first installed. Apps are also scanned when downloaded and installed. The user can initiate a manual
scan from the ‘Apps Safety’ screen with the Run Manual Scan button at the bottom of the display.
If a suspicious, OOC or sideloaded app is found, the screen provides the user with information on the
application and a recommendation of how to proceed.
Package Installer
Once MVISION Mobile is installed and operational, any request to install an application is handled by the
MVISION Mobile Package Installer feature. There are no settings or configurations needed to enable
this. MVISION Mobile registers itself as a Package Installer on the Android device. When an application is
installed, Android asks the user to choose which Package Installer to use. The user should choose
MVISION Mobile and Always. MVISION Mobile then verifies the application is not suspicious and installs
it on the device. If it is found to be suspicious, the screen alerts the user to delete the file.
● TalkBack Feature
● Change Font Size
TalkBack Feature
The TalkBack feature provides an audible description of what is shown on the device’s screen which
allows visually impaired users to use their device more efficiently and with greater ease. The TalkBack
features utilizes audible feedback, vibration, and other techniques to let the user know what they are
touching on the screen, what else is on the screen, and what actions they can take.
The TalkBack feature is automatically installed on the device as part of the Google Android application
suite. It is frequently updated to add new functionality and improvements through Google Play.
For visually impaired users, they can slide their fingers across the screen of the device, and any element
- including text - is audibly read back. For text, the screen reader service actually reads the text in an
audible voice - and it even identifies characters which are emoticons that are included in the text.
There are several gestures which are used with the TalkBack feature, and various gestures are used to
turn TalkBack on. To find out about the other helpful tools and how to efficiently use this feature the
Android support website at androidcentral.com is a great source for more information on this helpful
tool for visually impaired users.
The fonts are easily changed in the Settings and the Accessibility area. The slider can be dragged across
the screen to select a larger font size while in the Accessibility menu for either the Font size or the
Display size. If the font size makes the text too large that it becomes difficult for the user to work with
the functions, the size can just as easily be adjusted to a smaller font to tap the buttons or use the apps
more conveniently.
The Android Accessibility guide provides additional instructions including gestures and different
techniques of changing the Font Size to make the device easier to use for the visually impaired user and
is found in the Google support website at support.google.com.
Activity Monitor
The Activity Monitor page displays statistics regarding security tests performed on the device and
threats detected by MVISION Mobile over seven days or 30 days.
Any threats detected in the chosen timeframe are displayed numerically. The user can tap on the red
right arrow icon to display the log page for the chosen threat vector and view the issues in more detail.
The active threats display at the top of the threat list. Mitigated threats are displayed after all active
threats, in reverse chronological order.
The right arrow symbol (‘>’) has a different meaning depending on the color of the background and is
described in the table.
Color Description
Danger Zone provides information to the user if nearby available networks should be avoided (high-risk
networks). Before the user decides which network to connect to, the user can open the MVISION Mobile
app and tap on Danger Zone. The user is presented with a map showing the markers of high risk (red
icons) networks nearby.
If MVISION Mobile is not checked before connecting to a network and it connects to a high-risk network,
an alert is sent warning that the user is connecting to a high-risk network with recommendations of
what are the next actions, for instance to disconnect from the high-risk access point.
The screenshots below show the map initially displayed, based on the current device’s location. The red
icons with numbers on them represent the number of threats detected on high-risk access points. The
user can zoom using two-finger actions on the screen to zoom in and out. Tapping on an icon provides
additional detail about the location chosen and eventually to the SSID for nearby or unsecured Wi-Fi
networks.
An optional configuration alerts the user when the user is not connected to a Wi-Fi network and near a
known high-risk network. Nearby networks are only evaluated while Wi-Fi is enabled and not connected.
MVISION Mobile scans nearby networks and alerts on any that are known to be high-risk.
If MVISION Mobile discovers a nearby network that is a known high-risk network, the user is then
alerted and provided a list of known nearby networks. MVISION Mobile continues to check for risky
networks after the device has moved greater than 500 meters and after 10 minutes.
● The Danger Zone feature on the MVISION Mobile console Manage page.
The MVISION Mobile console administrator can customize which alerts are sent for Danger Zone
functionality. The alert text displays are configured with settings in the MVISION Mobile console Policy
page, just as other threats are managed. In addition, on their device, the user can indicate that a
particular network should be trusted and then they are not prompted again. For more information on
these settings, refer to the “McAfee MVISION Mobile Console Configuration Guide.”
● Critical
● Elevated
● Low
● Normal
● Dashboard: This is the initial screen on the MVISION Mobile app and shows the different topic
areas of Device, Network, and Apps (if configured), with each having three possible states of no
threats detected (green), risk detected (orange) and threat detected(red). See the “About the
Dashboard” section in this guide for more information.
● Threat Log: This shows a log of all the threats or events encountered, other than threats with
the severity of ‘Normal’. For threats classified as ’Low’ severity, the user does not receive
notification other than an entry in the threat log. See ‘Full Threat Log’ section in this guide for
more information.
● Badge Notifications: This badge is in the corner of the app icon display.
● User Alerts: This is a pop-up display message that can be enabled by the administrator per
threat.
The dashboard shows ‘Elevated’ severity threats as risks detected, and ‘Critical’ severity threats as
threats detected. The dashboard displays the total number of active issues (risks and threats). The app’s
badge notification also indicates either that MVISION Mobile is running in the background or there are
active issues reported.
The administrator enables or disables user alerts for each threat on the threat policy. Setting a user alert
causes a message to display for the device user to be warned.
Phishing Policy
The phishing policy allows an administrator to warn and protect users from accessing harmful websites
and links. An administrator can set up these functionalities on a device with MVISION Mobile:
● Enable URL Sharing: This feature allows the user to optionally use the device sharing feature
when a web link (URL) is encountered. The user can perform a long press on a link to share it
MVISION Mobile Android Platform Guide, Release 4.19.x, August 2021
20
with MVISION Mobile which then analyzes the URL for a phishing risk and responds back if the
link is good or risky.
● Enable a local Virtual Private Network (VPN): This feature allows MVISION Mobile to check the
safety of web links.
● Site Insight Phishing Protection: This feature allows the user the choice to enable or disable the
Site Insight phishing protection and use of the local VPN on their own device.
● Enable local VPN: This feature allows the user to select between the following options when
phishing links are detected if a local VPN is enabled:
○ Warn the user
○ Block the web links
● Enable Remote Server: This feature allows the user to enable a remote server check of the URL
in addition to the on-device check.
Perform these steps to enable the phishing protection on the Android devices:
1. When this phishing protection opens, click the Continue button and the next screen opens.
MVISION Mobile has a tutorial on how to use the URL Sharing feature when the menu option list is
selected. See the “About the Dashboard” section for more information on the tutorial.
Note: When you use a corporate VPN, the MVISION Mobile VPN, used for phishing
protection, turns off since a device cannot have two VPNs running simultaneously. If the
MVISION Mobile VPN is disabled by starting a corporate VPN, the MVISION Mobile VPN
restarts following the corporate VPN turning off.
On the Site Insight menu option, the device shows the protection for insecure (HTTP) connections
because MVISION Mobile opened a secure VPN for transmitting data. You can also check a link for
phishing risk by:
● Using copy and paste.
● Typing a link.
● Scanning a QR code. For this option, the user must give permission to use the camera.
When the user accesses a communications channel that is not secure, a VPN opens to ensure that data
is sent over a secure channel.
1. A notification is shown on the Android device to inform the user that MVISION Mobile is going
to create a local VPN on the device to protect the network data. The first screen that displays
tells the user to allow MVISION Mobile to be activated. Tap on Continue.
2. The next step is to allow MVISION Mobile to add the VPN to the device. Click OK.
3. The VPN configuration is now set up on the device. When the device encounters an attempt to
access an unsecured Wi-Fi network, a notice is given to the user.
4. MVISION Mobile automatically connects the device to a secured VPN to tunnel the insecure
(HTTP) traffic over the unsecured Wi-Fi connection.
Along with the threat list, the Full Threat Log page also displays a description of the threat, the date it
occurred, and a recommendation of possible actions to take. The user can scroll through the log by
pulling the screen up.
Once a threat is mitigated it moves to the bottom of the list and is displayed with a grey color and can
be cleared by swiping left. Another option is using the trash can icon to remove all the resolved threats.
Advanced Details
Invoking Advanced Details
The Advanced Details page is available from the About MVISION Mobile button. The user navigates to
this page from any page in MVISION Mobile by tapping on the menu option list and then by pressing the
About MVISION Mobile option for one to two seconds. This screen provides help in debugging
information for the application.
● Disconnect Wi-Fi: When this item is selected in the Threat Policy, MVISION Mobile disables the
Wi-Fi network interface in response to the selected threat(s). The user can enable the Wi-Fi
network interface when they are in a safe location.
Note: Because of an Android update, the device action Disconnect Wi-Fi requires
MVISION Mobile Release 4.14 or earlier.
● Network Sinkhole: If a threat is detected with the ‘Network Sinkhole’ action, MVISION Mobile
either allows or blocks network CIDRs as defined by the MVISION Mobile console administrator.
During this time, the VPN indicator is shown in the status line of the Android device.
● Disable Bluetooth: When this item is selected in the Threat Policy, MVISION Mobile disables the
Bluetooth interface in response to the selected threat(s). The user can enable the Bluetooth
interface when they are in a safe location.
MVISION Mobile Android Platform Guide, Release 4.19.x, August 2021
23
Samsung Knox Device Actions
The Standard Samsung Knox Device Actions include the following:
● Disable App
● Uninstall App
● Block App
● Isolate App from Network
● Data Loss Prevention: The settings for the Data Loss Prevention device action are configured on
the Samsung Knox MTD Policy tab on the Policies page.
Note: The Samsung Knox for MTD Data Loss Prevention actions require
purchase of Samsung Knox MTD licenses from McAfee. In addition, Samsung
Knox MTD support requires Knox version 3.3 and later, and KNOX API level 29
and greater, on the device.
Supported Configurations
When implementing MVISION Mobile on a device with Android Enterprise, there are the following
supported configurations:
Regardless of which deployment option is used, MVISION Mobile detects device and network threats.
The detection and evaluation of applications is done by MVISION Mobile on apps that are installed in
the same container as MVISION Mobile (work, personal, or both depending on the deployment model).
The work profile MVISION Mobile application can be configured to install on the device. The personal
profile application must be manually installed by the user. In the configuration with MVISION Mobile in
both profiles, the auto-activation functionality works the same as when a single MVISION Mobile
application is installed.
If a link is determined to be malicious, a threat is logged in the MVISION Mobile console and a
notification is displayed to the user. When the feature is first activated at the device, the user is
presented with an option to use MVISION Mobile or a browser to go to the link.
The user can select Just Once or Always for MVISION Mobile validation. If a URL is determined to be
malicious, the user is alerted. The figure gives an example of an alert.
This feature can be enabled from the Policy page of the MVISION Mobile console and is further detailed
in the “McAfee MVISION Mobile console Configuration Guide.” For more information on this topic, see
the “Phishing Policy” section.
https://sites.google.com/a/chromium.org/dev/chromium-os/chrome-os-systems-supporting-android-
apps
MVISION Mobile running on Chromebook supports detections across apps, devices, networks, and
phishing vectors. See the Threat Reference Guide for the list of specific threats that are supported on
Chromebook.
MVISION Mobile running on Chromebook supports the following local device actions in response to
detected threats:
MVISION Mobile running on Chromebook supports the following for local VPN phishing protection:
See the Threat Reference Guide for the list of specific threats that are reported on the apps, devices,
networks, and phishing vectors.