Skip Navigation

Prerequisites: Verifying that
iOS
devices are managed by
UEM

The
iOS
devices must be activated using one of the following activation types
*
:
  • MDM Controls
  • User Privacy
  • User Privacy - User enrollment
If your users are activated with the User privacy activation type, complete one of the following tasks:
Task
Steps
Use
Cylance Endpoint Security
to manage the per-app VPN
  1. In the user privacy activation type, clear the
    Allow VPN Management
    checkbox and select the
    Allow app management
    checkbox.
  2. In the
    Cylance Endpoint Security
    console, configure the Gateway Service options.
Use
UEM
to manage the per-app VPN
  1. In the user privacy activation profile, select the
    Allow VPN Management
    and
    Allow app management
    checkboxes.
  2. Create a custom VPN profile. In the
    VPN bundle ID
    field, enter the
    CylancePROTECT Mobile
    bundle id,
    com.blackberry.protect
    .
  3. In the
    Cylance Endpoint Security
    console, configure the Gateway Service options.
*
If you want to deactivate a device from the UEM instance, use the "Delete only work data" command to delete work data (for example, the IT policy, profiles, apps, and certificates) that is on the device. If you select the "Remove device" command, the device is removed from your UEM instance, but data and profiles are not removed and the device may continue to receive email and other work data. BlackBerry recommends that you use the "Remove device" command only if a device is irretrievably lost or damaged and is not expected to contact the server again. For more information on commands that you can send to devices, see Commands for iOS devices in the
BlackBerry UEM
content.