Skycure's Selective Resources Protection (SRP) can be leveraged as an advanced layer of automatic protection against network threats. The approach we took here is different and innovative: as an additional layer of protection, as long as Skycure's VPN cannot be used to automatically allow the end-user to keep using the device as usual - Skycure blocks access to specific resources when a network threat is encountered to protect sensitive corporate data.
The most common example of network threats that cannot be remediated by tunneling the traffic through Skycure's secured VPN connection is the SSL decrypting captive threat. Another reason for failing to establish a VPN tunnel could be blocking specific ports on the network.
This capability is available on every device that meets the following requirements:
The device runs iOS 9 or later
The device has the Skycure app for iOS version 2.8.0 or later installed
The device has an MDM profile installed
The Skycure (Enterprise) VPN is used for protection by the organization
Enabling selective resources protection in your Skycure environment
1. Make sure that Selective Resources Protection is configured properly in your environment
Click here to learn how to configure Selective Resources Protection in the Skycure environment.
2. Enable Secured Resources Protection as an automatic protection against network threats
In the Skycure Management Console go to Settings > Security > Protection Actions.
Scroll down to the 'Automatic Protection Against Network Threats' section.
Make sure that Selective Resources Protection is enabled for the organization. If it's not, please contact email@example.com.
Selective Resources Protection in action
When Skycure detects a network threat it will pop up a notification regarding the security incident and immediately block access to sensitive resources until the VPN tunnel is established. The 'VPN' icon will automatically turn on the screen the entire time.
As long as Skycure cannot establish its VPN tunnel, access to the selected resources defined will be blocked. Consequently, browsing to them will result in a blank, white page (or a timeout error if enough time has passed).
In the specific example of an SSL decrypting captive network threat, if we were to turn the selective resources protection off, the following pop up would have been displayed by the iOS when attempting to browse to a secured resource:
Subscribing will provide email updates when this Article is updated. Login is required.