VMware Mobile Threat Defense – Part 1

In my last blogpost I talked about VMware SASE, click here if you missed it!

With more and more people using their mobile devices to access corporate data, the device needs to be secure. And while we are used to add security on top of a MDM platform such as VMware UEM, this is not yet the case for mobile devices. Not enough anyway.

This post tells you what it is and how it looks. Do you want to implement it? Wait for Part 2!

Today’s mobile threat landscape is diverse, and mobile workstyles call for specialized protection from phishing and application, device, and rogue network originated threats. VMware Workspace ONE Mobile Threat Defense was created with comprehensive mobile protection in mind. Through integrations with the Workspace ONE platform, mobile security is easy to deploy and manage, and offers enhanced protection designed to secure your workspace and enhance Zero Trust initiatives.

With Mobile Threat Defense, it is now super easy to add a great security product to mobile devices.

So what does it do? It checks the devices beyond what a MDM tool can do. It can find Man-In-The-Middle Attacks, Zero-Days, Vulnerabilities, bad apps and much more. Connecting it to a MDM tool like Workspace ONE UEM, it’s possible to automate actions when a threat is found. Like quarantining the device or denying access to applications and networks.

From a basic setup perspective, it will only take between 10 and 15 minutes and this guide shows all the steps to do it.
The products needed:

  • VMware Workspace ONE UEM
  • Mobile Threat Defense (Lookout Console)
  • A mobile device to test.

The console is easy to understand and looks as follows:

The main dashboard shows how many devices in your fleet are secured and what kind of threats are present. On the left, the console shows the different categories. This way it’s easy to see threats from a device, issue or app perspective.

On the end user side, there are two ways to deploy.

  1. Intelligent Hub app integration.
  2. Lookout for Work app

The Intelligent Hub is the easiest as it does not require more apps to maintain for IT. And it’s easier for the end user as well, one app for both management and securing devices. While the Lookout for Work app is able to see a bit more, such as phishing emails, more and more features are implemented in the Intelligent Hub.

This is how a secure devices versus an unsecured device looks like:


Besides showing that an issue has been found, the user is also shown how to resolve the issue, like removing an application or disconnecting from a network. Relieving the strain on IT again.

While this post gave a brief overview, part 2 will show how to set it up.

© 2022 Schipperus. All rights reserved.