Deploying iOS and iPadOS Forcepoint ONE Mobile using Microsoft Intune

Microsoft Intune is a cloud-based endpoint management solution. It manages user access to organizational resources and simplifies app and device management across many devices, including mobile devices, desktop computers, and virtual endpoints. You can deploy the Forcepoint ONE Mobile solution using Microsoft Intune.

Applications are uploaded and configured in the Microsoft Intune admin center.
Note: Before you try the steps below, ensure you are connected to the internet.

Steps

  1. Log in to the Microsoft Intune admin center.
  2. Navigate to Apps > iOS/iPadOS > +Add.
  3. From the App type drop-down box, select iOS store app.

    Click Select.

  4. On the Add App page, click Search the App Store and search with the Agent download links for iOS and iPadOS in the Forcepoint ONE SSE portal to find the Forcepoint ONE Mobile solution. Then select it.

    For more details, see the Agent Download Links section from Configuring Forcepoint ONE Mobile.

  5. On the App Information tab, you must populate the app metadata fields such as the name, description, publisher, applicable device type, and minimum operating system. You are only required to fill out the mandatory fields.
    Following is an example of information that you can enter in the mandatory fields:

    Click Next.

  6. On the Assignment tab, under the Required section, choose groups that will have the solution force installed. This can be a user group, device group, all users, or all devices. Then click Next.
  7. On the Review + create tab, you can confirm the settings you entered. Hitting Create will then upload the solution.
  8. To configure the trusted certificate, navigate to Devices > Configuration > +Create > New Policy.
  9. Enter the following properties:
    • Platform: Select iOS/iPadOS.
    • Profile type: Select Templates.
    • Template name: Select Trusted certificate.

    Then click Create.

  10. On the Basics tab, enter the following properties:
    • Name: Enter a descriptive name for the profile. Name your profiles so you can easily identify them later.
    • Description: Enter a description for the profile. This setting is optional.

    Then click Next.

  11. On the Configuration settings tab, select the folder icon, browse the certificate (.cer file) you exported from your Forcepoint ONE SSE portal under Forward proxy > Settings > Download Forcepoint CA Certificate, and click Upload.

    Then click Next.

  12. On the Assignments tab, under the Included groups section, choose groups that will have the solution force installed. This can be a user group, device group, all users, or all devices. Then click Next.
  13. On the Review + create tab, you can confirm the settings you have entered. When you select Create, your changes are saved, and the profile is assigned. The policy is also shown in the profiles list.
  14. To configure the custom VPN profile, navigate to Devices > Configuration > +Create > New Policy.
  15. Enter the following properties and select Create:
    • Platform: Select iOS/iPadOS.
    • Profile type: Select Templates.
    • Template name: Select Custom.

  16. On the Basics tab, enter the following properties:
    • Name: Enter a descriptive name for the custom profile. Name your profiles so you can easily identify them later.
    • Description: Enter a description for the profile. This setting is optional.

  17. On the Configuration settings tab, configure the following settings:
    • Custom configuration profile name: Enter a descriptive name for the custom configuration profile.
    • Configuration profile file: Select the folder icon, browse the Mobile Config JSON file that you received from Forcepoint, and click Upload.

    Click Next.

  18. On the Assignments tab, under the Included groups section, choose groups that will have the solution force installed. This can be a user group, device group, all users, or all devices. Then click Next.
  19. On the Review + create tab, you can confirm the settings you have entered. When you select Create, your changes are saved, and the profile is assigned. The policy is also shown in the profiles list.
  20. Upon completing all steps, Microsoft Intune will deploy the solution.