Deploy Intercept X for Mobile through VMware Workspace ONE

Disclaimer: This information is posted as-is and the content should be referenced at your own risk.

 

Intercept X for Mobile can be deployed through 3rd party device management products. This article provides an overview of the steps involved in deploying Sophos Intercept X through VMware Workspace ONE.

The key steps involved are:

1. Generate a connection code in Sophos Central
2. In Workspace ONE, use app configuration settings to deploy the Intercept X app to Android and iOS devices
3. Complete the installation on end user devices

 Prerequisites:

• This guide assumes VMWare Workspace ONE UEM is used to manage Android and iOS devices
• Android devices must be managed with Android Enterprise (Fully Managed or Work Profile)
• iOS devices must be managed, and it is recommended that they are in supervised mode

 

Generate a connection code in Sophos Central

• Log in to Sophos Central and navigate to the Mobile section

• Click on Sophos setup and select the ‘Third-party EMM’ tab. Click ‘Generate connection code’. A code is generated, and we will use this later in the Workspace ONE console.

 

  

Deploy Intercept X for Mobile through Workspace ONE

• Log in to the Workspace ONE UEM console

 

Android app

• First we will deploy the Intercept X Android app. Navigate to the section Apps & Books> Native> Public and click ‘Add Application’

 

• Select the platform as Android and enter the name as Intercept X

 

• Select Intercept X from the Play Store and approve the app

 

• Configure any desired settings (e.g. the app category) and click ‘Save & Assign’

• In the ‘Distribution’ tab, use ‘Assignment Groups’ to select devices that should have the Intercept X app installed. Select ‘Auto’ for the 'App Delivery Method' and the Intercept X app will automatically be installed on the selected devices.

 

• In the ‘Application Configuration’ section, enable ‘Send Configuration’ and add the configuration values.
  • The ‘Connection code’ is the code we generated earlier in the Sophos Mobile console
  • The other configuration values are detailed in our Help Documentation

 

• Click ‘Create’ – the Intercept X app is shown in the apps list and will be deployed to the devices that were selected in 'Assignment Groups'

 

 

iOS app

• Now we add the Intercept X iOS app. Navigate to the section Apps & Books> Native> Public and click ‘Add Application’

 

• Select the platform as Apple iOS and name as Intercept X

• Select Intercept X from the Apple Store 

• Configure any desired settings (e.g. the app category) and click ‘Save & Assign’

• In the ‘Distribution’ tab, use ‘Assignment Groups’ to select devices that should have the Intercept X app installed – select ‘Auto’ for the 'App Delivery Method' and the Intercept X app will automatically be installed on user devices

• In the ‘Application Configuration’ section, enable ‘Send Configuration’ and add the configuration keys and values.
  • The ‘Connection code’ is the code we generated earlier in the Sophos Mobile console
  • The other configuration values are detailed in our Help Documentation

 

• Click 'Create', followed by 'Save' and then 'Publish'

 

• The Intercept X iOS app is shown in the app list and will be installed on the devices that were selected in 'Assignment Groups'

 

 

 

 

 

Complete the installation on end user devices

• If you selected ‘Auto’ as the app delivery method, the app will have been installed automatically on end user devices
  • Note - after the Intercept X app has been installed on devices, the device will not be registered with Sophos Central until the user has opened the app and accepted the permissions required to enable protection capabilities

• Open the Intercept X app on Android and iOS devices and accept the requested permissions

 

• Devices protected by Intercept X are now visible in the Sophos Central console