Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
March 2012
R1
Release
3.2
Copyright © 2012, Juniper Networks, Inc.
Junos Pulse for Apple iOS
User Guide
ii Copyright © 2012, Juniper Networks, Inc.
Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and
other countries. The Juniper Networks Logo, the Junos logo, and JunosE are trademarks of Juniper Networks, Inc. All other trademarks, service marks,
registered trademarks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any
inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or
licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579,
6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.
Copyright © 2012, Juniper Networks, Inc. All rights reserved.
Table of Contents
Installing and Registering Junos Pulse ..............................................................1Connecting with Junos Pulse ............................................................................4Adding a Secure Connection Profile .................................................................5Connecting.......................................................................................................7
Viewing Connection Status ........................................................................8Limited Access...........................................................................................8
Using Secure Meeting.......................................................................................9The Secure Meeting Toolbar ....................................................................12
Anti−Theft Features.........................................................................................22Device Feature Support..................................................................................22Technical Support ..........................................................................................24
iii
iv
Junos Pulse for Apple iOS
Junos Pulse lets you access protected network resources from your Apple iOS™ device
through a secure VPN connection. The security component, Junos Pulse Mobile Security
Suite, includes anti−theft tools to reduce the risks of a lost or stolen device:
Additional information for Junos Pulse, including information on supported platforms,
can be found at http://www.juniper.net/support/products/pulse/mobile/.
Installing and Registering Junos Pulse
Junos Pulse VPN features and Junos Pulse security features are available through the
Junos Pulse app, which is available from the Apple App Store. The security features are
available only after you register your iOS device.
Downloading and installing Junos Pulse is the same as installing any iOS app. You can
download Junos Pulse and import it into iTunes in order to install it on your iOS device.
Once you install Junos Pulse, do the following to automatically register Junos Pulse and
begin using VPN and security features.
1. After the application has been downloaded and installed, browse to the
registration URL provided by your administrator in an email or in a text message.
2. Clicking the registration URL brings up the Junos Pulse EULA agreement. Tap
Accept to continue. See Figure 1 on page 1.
Figure 1: Accept EULA
Copyright © 2012, Juniper Networks, Inc. Installing and Registering Junos Pulse 1
3. You are next are prompted to Enable Junos Pulse. Tap the Enable button to
continue. See Figure 2 on page 2.
Figure 2: Enable Junos Pulse
4. You are then prompted to install the Junos Pulse security profile. Tap the Install button. See Figure 3 on page 2.
Figure 3: Install Profile
5. A screen appears informing you that installing this profile allows your administrator
to remotely control and access certain aspects of your device. This is necessary to
provide security features such as remote lock and remote wipe. Tap the Install button to continue. See Figure 4 on page 3.
2 Installing and Registering Junos Pulse Copyright © 2012, Juniper Networks, Inc.
Junos Pulse for Apple iOS
Figure 4: Install Profile Warning
6. A screen displays informing you that the security profile has installed successfully.
See Figure 5 on page 3. Security features are now in place for your iOS device.
Figure 5: Profile Installed Successfully
Copyright © 2012, Juniper Networks, Inc. Installing and Registering Junos Pulse 3
7. When you relaunch Junos Pulse, if your administrator has configured GPS location
tracking services for your device, you are prompted to permit GPS location tracking
using your current location. Click OK to allow this service. Click Don’t Allow to
decline. See Figure 6 on page 4.
Figure 6: Allow GPS Tracking
Informational Note: If your iOS device does not have Location Services turned on, the
following prompt appears when you launch Junos Pulse: (see Figure 7 on page 4)
Figure 7: Turn On Location Services
Informational Note: Tap the Settings button (see Figure 7 on page 4) to go to the
Location Services screen where you can turn the service on. You must then relaunch
Junos Pulse to enable the GPS tracking report.
Caution: Once you select Don’t Allow or OK for GPS location services, your selection is
remembered if you uninstall and reinstall Junos Pulse. You are not prompted again and
your previous selection is used. If you want to reset this feature to change your selection,
on your iOS device, navigate to Settings > General > Reset Location Warnings. This
resets all of the location warnings for all your applications.
Connecting with Junos Pulse
In addition to the security features already described, you can use Junos Pulse to
establish a secure VPN connection to your corporate network using your device’s 3G, 4G,
Edge or WiFi connectivity. Once a VPN connection is established, Junos Pulse can
include the following features (see Figure 8 on page 5):
Intranet: Launches connections to internal site configured by your administrator.
Email: Launches your email application.
Status: Lets you view, delete, and email log files, which you might need to do in a
troubleshooting operation. The log files show all security incidents, such as virus scan
times and viruses discovered. If you have an established VPN connection, you can
also view the status of that connection from this screen.
About: Provides software version information.
Informational Note: Screens for different iOS devices may vary. For information on the
Join Meeting button, refer to Using Secure Meeting on page 9.
4 Connecting with Junos Pulse Copyright © 2012, Juniper Networks, Inc.
Junos Pulse for Apple iOS
Figure 8: Available Features as they appear for iPhone
Figure 9: Available Features as they appear for iPad
Adding a Secure Connection Profile
You can add a VPN connection for each different network to which you connect. To
define a connection profile, do the following:
Copyright © 2012, Juniper Networks, Inc. Adding a Secure Connection Profile 5
1. Start Junos Pulse.
2. Tap Configuration.
If you have already set up one connection profile and you are adding an additional
profile, tap Edit.
3. To establish a new connection, tap Add New Connection. The Add window opens.
See Figure 10 on page 6.
Informational Note: Screens for different iOS devices may vary.
Figure 10: Add Connection iPhone
6 Adding a Secure Connection Profile Copyright © 2012, Juniper Networks, Inc.
Junos Pulse for Apple iOS
Figure 11: Add Configuration iPad
4. Specify the connection profile properties.
Name: The name or description for this connection profile.
URL: The Web address provided by your network administrator.
Username: Enter your username.
Realm: This field may be automatically filled in. If not, your network administrator
provides this information.
Role: This field may be automatically filled in. If not, your network administrator
provides this information.
Certificate: If your network administrator has provided you with a digital
certificate (typically via an e-mail attachment or SMS), tap Certificate. When the
Identities window opens, select the certificate you want to use with this profile.
If you do not use a certificate, you must provide a username and password when
you use this connection profile.
5. Tap Configuration to return to the main Junos Pulse window.
Connecting
Once you have configured your connection, do the following to connect.
1. Start Junos Pulse.
2. Tap Connect.
3. When the Connect window opens, enter your login Username and Password. See
Figure 12 on page 8.
4. Tap Sign In.
Copyright © 2012, Juniper Networks, Inc. Connecting 7
Figure 12: Connect
Viewing Connection Status
The status of your current connection appears at the bottom of the Junos Pulse window
in the form of an icon. The appearance of that icon indicates whether the connection is
active, inactive, or limited by policy non−compliance (see Limited Access on page 8).
The active connection icon also appears in the status bar at the top of your device
screen. When you close Junos Pulse, that icon remains visible as long as your VPN
connection is active.
Limited Access
To ensure the integrity of mobile devices that are accessing network resources, an
administrator can enforce a security policy with which mobile devices must comply in
order to connect to the network. If a device is found to be non−compliant when
attempting a secure network connection, only limited network access may be granted.
When your device is non−compliant, you are prompted with this information (see
Figure 13 on page 9) and you may be presented with a Continue button which you can
tap to obtain limited network access.
Reasons for non−compliance may include the following:
Your device has been jailbroken.
Your device is running an operating system that is not allowed by the security policy.
Your device not registered with the server.
You must remedy the non−compliance issue on your device before you can establish a
full network connection.
Active Connection No Session Limited Access
8 Connecting Copyright © 2012, Juniper Networks, Inc.
Junos Pulse for Apple iOS
Figure 13: Non−compliance Prompt
Using Secure Meeting
By tapping the Join Meeting button on the Junos Pulse main screen, or the Attendee
Smartphone URL in the received meeting invitation, you can launch Secure Meeting
from your iOS device allowing you to view the meeting presenter's screen and to chat
with other attendees from your iPhone or iPad.
To attend a meeting using Secure Meeting from your iOS device, do the following:
1. Tap the Join Meeting button on the Junos Pulse main screen (see Figure 8 on
page 5), or from your email or calendar application, open the meeting invitation
and tap the Attendee Smartphone URL link (see Figure 14 on page 10). If you try to
access a meeting from an email or calendar URL, Junos Pulse automatically
launches.
Copyright © 2012, Juniper Networks, Inc. Using Secure Meeting 9
Figure 14: Attendee Smartphone URL Link
2. The Secure Meeting Login screen appears. (See Figure 15 on page 11.) In order to join
the meeting, you must enter the appropriate meeting information in the
corresponding login fields. The Server and Meeting ID fields are usually
pre−populated. Generally, you will need to enter a Username and Password and
then tap the Login button to access the meeting.
Informational Note: When you tap the Join Meeting button from the Junos Pulse main
screen, the information from the previous meeting is still there. You must enter the new
meeting information to join a new meeting.
10 Using Secure Meeting Copyright © 2012, Juniper Networks, Inc.
Junos Pulse for Apple iOS
Figure 15: Secure Meeting Login
3. Once you login successfully, if the meeting has started, you will see the meeting
presenter’s screen. See Figure 16 on page 11. If the meeting has not yet started, you
may see the “waiting” bubble until the meeting does start. See Figure 17 on page 12.
Figure 16: Active Meeting with Secure Meeting Toolbar
Copyright © 2012, Juniper Networks, Inc. Using Secure Meeting 11
Figure 17: Waiting for Presenter to Share Screen
The Secure Meeting Toolbar
When you tap the screen during an active meeting, the Secure Meeting Toolbar appears
at the bottom of the screen as shown in Figure 16 on page 11 and Figure 17 on page 12.
The buttons on the toolbar perform the following tasks:
Chat: The first button on the left of the toolbar initiates a chat session. When you tap
it, the chat screen appears listing the meeting attendees and allowing you to select
All attendees to chat with, or one particular attendee. See Figure 18 on page 13.
12 Using Secure Meeting Copyright © 2012, Juniper Networks, Inc.
Junos Pulse for Apple iOS
Figure 18: Secure Meeting Chat Screen
1. To chat, select the Attendee and then tap the text input field. See Figure 19 on
page 14.
Copyright © 2012, Juniper Networks, Inc. Using Secure Meeting 13
Figure 19: Secure Meeting Chat in Progress
2. Enter your text and Tap Send. Your text is displayed to the Attendee(s) in question.
3. You can reply to a chat text by tapping the reply arrow beside the message. This
gives you the option to Reply All or Reply Sender. See Figure 20 on page 15 and
Figure 21 on page 15.
From within a chat, you can click the button in the upper right−hand corner of the
navigation bar to toggle between attendees with whom you want to chat. See
Figure 21 on page 15.
Informational Note: On the iPad, you do not have to navigate away from the meeting
to conduct a chat. You can view both screens at the same time. See Figure 22 on
page 16.
14 Using Secure Meeting Copyright © 2012, Juniper Networks, Inc.
Junos Pulse for Apple iOS
Figure 20: Secure Meeting Chat in Progress Continued
Figure 21: Secure Meeting Chat Reply Options
Copyright © 2012, Juniper Networks, Inc. Using Secure Meeting 15
Figure 22: Secure Meeting Chat in Progress on iPad
16 Using Secure Meeting Copyright © 2012, Juniper Networks, Inc.
Junos Pulse for Apple iOS
Dial to the meeting: The next button on the toolbar (the telephone button) allows
you to use the native iOS phone application to dial into the meeting. When you tap
the phone button, the Dial to the meeting screen appears. See Figure 23 on page 17.
Informational Note: Dial to the meeting is not available on the iPad.
Figure 23: Secure Meeting Dial to the Meeting
1. To Dial to the meeting, you must enter the phone number for the meeting. Note
that you can copy and paste the number from the Conference Information field.
Both the Conference code and Pin number are optional.
2. Once you’re dialed into the meeting, go back to Junos Pulse to continue the secure
meeting. See Figure 24 on page 18.
Informational Note: If you move away from the secure meeting screen, you can
always return to the meeting by the tapping the Back to Meeting button on the main
Junos Pulse screen. See Figure 24 on page 18. The Back to Meeting buttons looks a bit
different on the iPad. See Figure 25 on page 18.
Copyright © 2012, Juniper Networks, Inc. Using Secure Meeting 17
Figure 24: Junos Pulse Back to Meeting
Figure 25: Junos Pulse Back to Meeting on iPad
18 Using Secure Meeting Copyright © 2012, Juniper Networks, Inc.
Junos Pulse for Apple iOS
Attendees: The third button from the left on the Secure Meeting Toolbar is the
Attendees button. When you tap this button, the list of meeting attendees is
displayed along with a Chat button beside each name. Tapping the Chat button from
this screen allows you to launch a chat screen directed at the attendee in question.
Figure 26: Secure Meeting Attendees
Copyright © 2012, Juniper Networks, Inc. Using Secure Meeting 19
Meeting Information: The last button on the right of the Secure Meeting Toolbar is
the Meeting Information button. When you tap this button, a screen displaying the
Meeting Name, Meeting ID, Conductor, and Meeting Description appears. (See
Figure 27 on page 20.) From this screen, you can tap the Forward Meeting button to
generate an email message that contains all the required meeting information. (See
Figure 29 on page 22.) Enter the desired email address(es) in the To field and send
the meeting information to the recipient(s).
Figure 27: Secure Meeting Information
Informational Note: The appearance of Secure Meeting screens on the iPad may
sometimes differ from those on the iPhone. See Figure 28 on page 21.
20 Using Secure Meeting Copyright © 2012, Juniper Networks, Inc.
Junos Pulse for Apple iOS
Figure 28: Secure Meeting Information Screen on iPad
Copyright © 2012, Juniper Networks, Inc. Using Secure Meeting 21
Figure 29: Secure Meeting Email Meeting Information
Anti-Theft Features
There are a number of measures that can be taken to protect your device if it is lost or
stolen. To activate anti−theft features, contact your administrator. Those features
include:
Lock Device—Locks the device if it is lost or stolen, or if you wish to stop the use of the
device for any other reason. (Note that this lock can be overridden if you have not
configured a passcode on the device.)
Unlock Device—Unlocks the device.
Retrieve App List—Updates the list of installed applications on the device.
Wipe Device—Sets device back to factory settings.
GPS Tracking —Tracks the GPS location of the device.
Device Feature Support
The following features are supported for Junos Pulse on iOS Devices.
Table 1: Junos Pulse Feature Support for iOS
Feature Supported for iOS
Alarm On/Off No
Antispam No
Antivirus No
Application Inventory Yes
Application Removal No
Automatic Registration Yes
22 Anti−Theft Features Copyright © 2012, Juniper Networks, Inc.
Junos Pulse for Apple iOS
Table 2: iOS Device Personal Data Erased by Junos Pulse Handset Wipe Command
Backup/Restore Contacts & Calendar No
Contacts Log No
Device Identity Servers Yes
Enterprise VPN support Yes
Enterprise Web Portal Yes
Exchange provisioning Yes
Firewall No
GPS Location/Tracking Yes
GPS Theft On/Off No
Log Email No
Log Images No
Log MMS Messages No
Log SMS Messages No
LogWeb Images No
Log Event/Size Limits No
Lock/Unlock Device Yes
Lock on SIM Change No
Malware Scan Interval No
Monitor and Control Report Yes
Passcode Requirements Yes
Policy Based Client UI No
Prohibited Applications No
Restrictions on device usage Yes
Scan card No
Scan device No
SCEP server support Yes
Update Profile Yes
Update Virus Definitions No
Voice Log No
VPN provisioning Yes
VPN strong authentication (PKI or 2FA) Yes
Wi-Fi provisioning Yes
Wipe Device Yes
Wipe on SIM Change No
Personal Data Wiped on iOS
Appointments Yes
Calendar Memos Yes
Calendar ToDos Yes
Call History Yes
Contacts Yes
Email Boxes Yes
Feature Supported for iOS
Copyright © 2012, Juniper Networks, Inc. Device Feature Support 23
Technical Support
For technical issues, contact your administrator.
Memory Card N/A
Notes Yes
SMS and MMS Yes
Tasks Yes
Personal Data Wiped on iOS
24 Technical Support Copyright © 2012, Juniper Networks, Inc.
Index
Aadd secure connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
anti-theft features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
automatic URL registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
C
connecting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4, 7
certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
realm. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
URL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
connection
add a connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
connection profile properties . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
E
enable Junos Pulse . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
EULA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
F
feature support chart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
G
GPS tracking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4, 22
I
installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
L
limited access, non-compliance. . . . . . . . . . . . . . . . . . . . . . . . . 8
lock device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
R
registration URL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
retrieve app list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
S
secure meeting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
attendees . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
chat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
dial in. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
join meeting, login. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
meeting information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
smartphone URL. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
toolbar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
security features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
GPS tracking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
lock device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
retrieve app list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
unlock device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
wipe device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
security profile
install . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
U
unlock device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
W
wipe device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Copyright © 2012, Juniper Networks, Inc. Index 1
2 Inde
x Copyright © 2012, Juniper Networks, Inc.