Set up Bring Your Own Device (BYOD)

To set up bring your own device (BYOD):

  1. Specify corporate email domains in the ETP network configuration. This allows you to specify the email domains of users who are authorized to activate the client. For instructions, see Specify corporate email domains.

    🚧

    Do not specify domains that are associated with unauthorized users. For example, do not specify a domain for a public service like gmail.com that has addresses of users who are not part of your organization.

  2. Specify usernames or email addresses of users in the User Lists. If you plan to manually distribute activation codes to users or send users an email invitation that includes the code, you can specify the username or email address of users in ETP. For more information, see Generate activation codes in a CSV file.

    The username or email address that is provided allows ETP to easily identify users in reports. This information is shown in the Device Owner field that’s available in event and activity reports.

  3. Distribute MITM certificates to ETP Client devices. The MITM certificate for ETP Proxy is required for TLS inspection of web traffic. To use ETP Client with the proxy, you need to securely distribute and install the certificate on the user’s device.

    To distribute the certificate to a laptop or computer, see Distribute the ETP Proxy certificate. To distribute the certificate to a mobile device, see Distribute MITM certificates to ETP mobile devices. To generate a certificate, see Create an ​Akamai​ certificate and Create a non-​Akamai​ certificate.

Specify corporate email domains

To support activation requests, you need to enter the corporate email domains in the ETP network configuration. ETP uses this information to verify that users belong to these domains.

🚧

Do not specify domains that are associated with unauthorized users. For example, do not specify a domain for a public service like gmail.com that has addresses of users who are not part of your organization.

To specify corporate email domains:

  1. In the Threat Protection menu of Enterprise Center, select Locations > Network Configuration.

    You can also access these settings in the Configuration settings for ETP Client. In the Enterprise Center navigation menu, select Clients & Connectors > ETP Clients. Click Configuration.

  2. In the Corporate Email Domains field, enter one or more corporate email domains. End users need to belong to one of the specified domains to receive the email invitation with the activation code.

  3. Click Save.

Next steps

Email activation codes to users

Before you begin

Make sure an administrator defines corporate domains in the ETP network configuration. For more information, see Specify corporate email domains.

From ETP, you can send users an email that contains the activation code. An activation code is valid for seven days.

For a mobile client, the email will contain a deep link that activates the client. The user has seven days to click the deep link or copy the activation code and paste it into the client. If the user has not yet installed the client, the deep link redirects the user to the appropriate app store (according to device type). After installing the client, the user can provide the activation code.

To email activation codes to users:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > ETP Clients.

  2. Click the Activation tab.

  3. In the Select Type field, select Send email invitation.

  4. In the User's List area, enter a comma-separated list of user email addresses where you want to send activation codes. To add users in bulk, you can download the spreadsheet template, enter email addresses, and upload the spreadsheet. For instructions, see Email activation codes to users in bulk.

  5. Click Submit. The emails are sent to the users you specified in the User's List.

Email activation codes to users in bulk

Before you begin

Make sure an administrator defines corporate domains in the ETP network configuration. For more information, see Specify corporate email domains.

Complete this procedure to download the template spreadsheet for one-time activation codes and upload it with the email addresses of users who you want to receive the email invitation for ETP Client. The email contains the activation code and for mobile clients, a link that users can tap to automatically activate ETP Client on their device.

To email activation codes to users in bulk:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > ETP Clients.

  2. Click the Activation tab.

  3. Download the Bulk OTAC spreadsheet and complete the spreadsheet:

    1. Click Bulk OTACs to download the spreadsheet template.

    2. In the User column of the downloaded spreadsheet, enter an email address in each row.

    3. Save the spreadsheet.

  4. In the Select Type field, select Send email invitation.

  5. Click Upload CSV to find and select the spreadsheet. The users you specified are sent an activation code email.

Generate activation codes in a CSV file

Before you begin

Make sure an administrator defines corporate domains in the ETP network configuration. For more information, see Specify corporate email domains.

Complete this procedure to generate activation codes for users in a CSV file. After you generate activation codes, you can distribute these codes offline to users.

The usernames or email addresses that you specify in the User's List or in an uploaded CSV are used to identify the Device Owner in ETP reports.

To generate activation codes in a CSV file:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > ETP Clients.

  2. Click the Activation tab.

  3. In the Select Type field, select Download as CSV.

  4. In the User's List field, enter a comma-separated list of unique users or arbitrary names. No spaces are allowed in the names.

    To add users in bulk, see Generate activation codes for users in bulk.

  5. Click Generate & Download. A CSV with the users you added to the User's List and the activation codes appear.

Next steps

Securely communicate activation codes to users.

Generate activation codes for users in bulk

Before you begin

Make sure an administrator defines corporate domains in the ETP network configuration. For more information, see Specify corporate email domains.

Complete this procedure to generate activation codes by submitting a CSV file that contains a list of users IDs and email addresses. This process involves downloading the one-time activation codes CSV template and uploading it to ETP.

To generate activation codes for users in bulk:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > ETP Clients.

  2. Click the Activation tab.

  3. Download the Bulk OTAC CSV file and complete the spreadsheet:

    1. Click Bulk OTACs to download the spreadsheet template.

    2. In the User column of the downloaded spreadsheet, enter an email address or User ID for a user in each row.

    3. Save the CSV.

  4. In the Select Type field, select Download as CSV.

  5. Click Upload CSV. A CSV file with the users and their activation codes appear.

Next steps

Securely communicate activation codes to users.

Distribute MITM certificates to ETP mobile devices

A MITM certificate needs to be installed on each device to allow ETP Proxy to inspect traffic.

To distribute MITM certificates to ETP mobile devices:

  1. An ETP administrator securely distributes the certificate to end users. This can be done using email, the corporate intranet web site, or other means.

  2. The end user then installs the certificate as required for the device type shown in this table:

Device Type

Steps

iOS devices

The end user:

  1. Downloads the certificate to the device and is prompted to install it.
  2. Verifies the certificate displays under **iOS Settings <> General <> Profiles**.
  3. Navigates to ** iOS Settings <> General <> About <> Certificate Trust Settings ** and enables the certificate.

Android and Chromebook devices

The end-user performs the following steps:

  1. Downloads the certificate to the device.
  2. Uses a file manager app to find and install the downloaded certificate.
  3. Verifies that the certificate displays under ** Settings <> Security**.

Did this page help you?