What's New
This section highlights the new features, enhancements, and improvements introduced in the current release.
This is the initial release of the Forcepoint Mobile Endpoint Agent for iOS and iPadOS. This release delivers foundational capabilities that enable administrators to securely manage and protect mobile devices using Forcepoint cloud‑based security controls.
The following are the key updates included in this release:
Mobile Endpoint Agent for iOS and iPadOS
- Introduces secure mobile web traffic inspection through the Forcepoint Data Security Cloud.
- Extends the same security policies used for desktops and laptops to mobile devices.
Microsoft Intune based Deployment
- Supports deployment and management using Microsoft Intune as the Mobile Device Management (MDM) solution.
- Enables automated installation of the application, VPN profile, and required certificates.
Certificate‑Based Authentication
- Supports certificate issuance using SCEPman Enterprise Edition integrated with Intune.
- Enables secure device identity validation and encrypted communication without manual user setup.
Certificate-Free Authentication
- Supports MDM-supplied User Principal Name (UPN) delivery without requiring SCEP infrastructure.
- Simplifies deployment for organizations without existing Public Key Infrastructure (PKI).
Centralized Policy Enforcement
- Mobile traffic is governed by existing Secure Gateway policies, including URL filtering, SSL inspection, and data protection rules.
- Policies are applied automatically based on user group assignments.
Endpoint Profiles and Configuration
- Introduces configurable profiles to manage mobile endpoint behavior and security settings.
- Allows administrators to define settings such as VPN behavior, bypass rules, and inspection controls.
Agent Uninstallation
- Supports secure removal of the Mobile Endpoint Agent from managed devices.
- Provides both manual uninstallation (device-level) and remote uninstallation through Microsoft Intune.
- Ensures complete cleanup of application data and VPN profiles.
Application Bypass and SSL/TLS Protection
- Forcepoint managed agent bypass list allows administrators to exclude specific applications from VPN inspection.
- Certificate-pinned applications and SSL/TLS bypass domains can be configured to accommodate applications with strict certificate validation requirements.
- Provides granular control over which applications and domains are inspected versus bypassed.
Logging and Visibility
- Provides detailed visibility into mobile web traffic through transaction viewer, reports, and web logs.
- Tracks Secure Gateway administrative actions and policy configuration changes through admin logs.