Add User Identity for Cisco Security Connector
The Cisco Security Connector monitors DNS traffic from an iOS device and prevents connections to malicious sites. To increase the visibility of traffic from an iOS device, you can add user identity information to an iOS device for the Security Connector. In a Mobile Device Management (MDM) or Enterprise Mobile Management (EMM) configuration file, add an email address for a user identity. The Cisco Security Connector does not have direct access to user information on an iOS device, but can read the user identity information from an MDM or EMM.
Once you deploy the mobileconfig file on the iOS device, DNS queries sent from the device include a hash of the email address. When Umbrella receives a DNS request that includes the user identity information, Umbrella applies DNS policies for the iOS device and the user identity. You can view the email address for the user identity and the iOS device in the Umbrella Activity Search report.
Table of Contents
Prerequisites
You must provision the user identity and the iOS mobile device in Umbrella, and deploy an MDM system on the mobile device.
- Full admin access to Umbrella. See Manage User Roles.
- Cisco Security Connector for iOS—version 1.6.3 or later.
- Mobile Device Management (MDM) or Enterprise Mobile Management (EMM) system deployed on the managed or supervised iOS device.
- Provision user identities to Umbrella from an identity provider (IdP). For more information about identity integrations, see Introduction.
- Deploy the Cisco Security Connector and set up a mobile configuration for the iOS device. For more information, see Quick Start.
Procedure
Add the user identity information in your MDM or EMM for the Cisco Security Connector. The Security Connector creates a hash from the value of the userPrincipalName
key and adds the hash to DNS requests sent from the mobile device.
-
In the MDM or EMM, open the mobileconfig file for a device or an organization.
-
Add a
userPrincipalName
key and set the key to an email address for the user identity that you provisioned with Umbrella. You can set an email address for a single device or configure an MDM variable that applies to an organization.EmailAddress
is an example of an MDM variable. For information about variables that are supported by your MDM, check your MDM's documentation.Note: You must add the
userPrincipalName
key and value within the same<dict> </dict>
scope that includes theorganizationId
key.<plist version="1.0"> <dict> <key></key> <array> ... <dict> ... <dict> ... <array> ... </array> ... <key>organizationId</key> <string>1234567</string> <key>userPrincipalName</key> <string>{{EmailAddress}}</string> ... </dict> </dict> </array> ... </dict> </plist>
-
Save the mobileconfig file, and then deploy the file to the iOS devices with MDM or EMM.
Test Integration of User Identity With Cisco Security Connector
Check the deployment of the user identity information on your iOS device for the Security Connector.
- View DNS policies and Umbrella Activity Search report—View the email address of the user identity and the name of the iOS device in your DNS policies and the Umbrella Activity Search report.
- Run a diagnostic tool—Run a third-party network diagnostic app for iOS to generate a DNS query similar to:
Domain:debug.umbrellagov.com
Query Type: TXT
DNS Server:18.252.251.72
A DNS response from Umbrella includes a line that begins with alt uid and contains the hashed value of the userPrincipalName
key from the mobileconfig.
Umbrella Reporting < Add User Identity for Cisco Security Connector > Troubleshooting
Updated 3 months ago