Apply a DNS Policy to Your Mobile Device

Once your device is imported from the MDM dashboard, it appears as an identity in your Umbrella dashboard at Deployments > Core Identities > Mobile Devices. A mobile device identity enables Umbrella to secure and protect a mobile device in your organization. Use your MDM to change the properties of a provisioned mobile device.


You can apply Umbrella DNS policies to a mobile device identity. In a DNS policy, configure the security for the mobile device.

  • Set the level of protection
  • Configure Umbrella logging and reports for traffic sent from the mobile device
  • Block the device from accessing certain domains and IPs
  • Enable the Umbrella Intelligent Proxy to set additional levels of security



When your device is imported into Umbrella, Umbrella automatically applies the DNS Default policy to it. You can change which DNS policies are applied to your identity at any time. For more information about DNS policies, see Manage DNS Policies.

  1. Navigate to Policies > Management > DNS Policies.
  1. Expand and edit the DNS Default Policy, or click Add and configure a new DNS policy. For more information, see Add a DNS Policy.

Policy > Security Settings

Before adding a DNS policy or gaining visibility in reports, you’ve activated Umbrella on your iOS devices by registering Umbrella with your MDM. All identities are automatically synced from the MDM and are applied to the default DNS policy. For more information about DNS policies, see Manage DNS Policies.

With the CSC, DNS policies are enforced at the DNS-layer with selective inspection, when necessary, using our intelligent proxy to maintain your mobile workforce’s privacy. For more information about the intelligent proxy, see Enable the Intelligent Proxy.

Note: You may select different mobile device identities per policy for more granular control.

Policy > Passive Reporting Mode

This is not a setting you configure, but a way of ensuring the solution works before putting Umbrella in "block mode" to enforce security. If you are evaluating the solution and do not wish to block any security or content sites just yet, assign a unique policy for the Mobile Devices identities.


Register an iOS Device Through a Generic MDM System < Apply a DNS Policy to Your Mobile Device > Umbrella Reporting