Release Notes
Abstract
MaaS360 extends support for the following features in MEG 3.0
Content
- Prefix-based filters
- Direct gateway mode
- Internal proxy
- Untrusted certificate handling
Prefix-based filters
MaaS360 adds support for prefix-based filters (example ibm*) to allow administrators to configure web URL restrictions. In the previous releases, MaaS360 added support for suffix-based filters such as *ibm.com.
- To support prefix based filter, MaaS360 routes the DNS traffic to external DNS server. By default, it will route to IBM DNS Server.
- Administrators can change public DNS server address via the advance configuration in persona policy settings. You can use the publicPreferredDnsIPv4 and publicPreferredDnsIPv6 as keys and IP address of DNS server (Example: 8.8.8.8) as values.
- Administrators can configure gateway in Direct mode wherein the devices talk directly to the Mobile Enterprise Gateway (MEG) for direct resource access and bypass the MaaS360 hosted relay servers. For more information, see https://www.ibm.com/support/knowledgecenter/SS8H2S/com.ibm.mc.doc/ce_source/concepts/ce_meg_overview.htm
Note : This traffic to public DNS will route only if one of the filters has prefix base (Example: ibm*). If all the filters are suffix base like (*.ibm.com, *.cnn.com), the traffic will not be routed to public DNS via VPN Extension.
Direct gateway mode
Administrators can configure gateway in Direct mode wherein the devices talk directly to the Mobile Enterprise Gateway (MEG) for direct resource access and bypass the MaaS360 hosted relay servers. For more information, see https://www.ibm.com/support/knowledgecenter/SS8H2S/com.ibm.mc.doc/ce_source/concepts/ce_meg_overview.htm
Internal proxy
On the CE config tool, you can configure the internal proxy to be used by the devices when tunneling the requests via VPN. The MEG 3.0 enabled devices then route their MEG VPN requests through this proxy.
Supports following configuration:
- No proxy
- Manual proxy
- Proxy PAC URL
- Auto proxy
![Internal_proxy](/support/pages/system/files/inline-images/internal_proxy_meg_1.png)
Untrusted Certificate Handling
- Administrators can configure the behaviour for websites with certificate exceptions that are accessed via Gateway. For more information, see https://www.ibm.com/support/knowledgecenter/SS8H2S/com.ibm.mc.doc/ce_source/tasks/ce_meg_gw_auth_webdav.htm
![Untrusted_cert](/support/pages/system/files/inline-images/untrusted_cert.png)
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYSXX","label":"IBM MaaS360"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
Modified date:
09 March 2021
UID
ibm16245324