Use the mobile client
The mobile client lets you perform various operations such as checking client activity and device posture information, sharing app logs with your administrator, and configuring the client.
Check client activity
The Activity tab displays your Access and Protection events. You can filter the events by tapping All, Access, or Protection. Multiple occurrences of the same event are aggregated into a single notification and their count is displayed.
Access
The Access tab displays information about blocked attempts to access applications or resources when the device doesn’t meet the required risk assessment criteria dictated by the access policy. Remediation messages suggest actions you can take to fix the problems that were detected.
Protection
The Protection tab displays information about attempts to access a host or resource that is blocked by the current SIA policy setting.
Diagnostics
The Diagnostics tab lets you perform client diagnostics and share your client operation logs with your administrator for troubleshooting.
Quick Diagnostic
The Quick diagnostic examines the status of Access, its connectivity, and configuration downloads from Enterprise Center. Green icon (✓) indicates success and red icon (✗) indicates failure.
How to
- Open Zero Trust Client on your mobile device.
- Tap Diagnostics.
- In the Quick tab, tap RUN DIAGNOSTIC.
Full Diagnostic
The Full diagnostic performs an in-depth analysis of the client and generates logs for further troubleshooting.
How to
- Open Zero Trust Client on your mobile device.
- Tap Diagnostics.
- In the Full tab, tap RUN FULL DIAGNOSTIC.
- Once the diagnostic is completed, tap SEND REPORT.
- Select your next action:
- To share the diagnostic results with your administrator, tap Send to portal. A Zero Trust Client administrator can now view the logs in Enterprise Center.
- To share the diagnostic results using a communicator app or email, tap Share and select the application you'd like to use.
- To save the diagnostic results on your device, tap Save to Device, select where to save the log archive, and tap SAVE.
Settings
The Settings tab lets you force sync the client and clear app data. You can also check the timestamp of your client’s most recent configuration synchronization with Enterprise Application Access.
Enable or disable Threat Protection
Follow this procedure to enable or disable Threat Protection in Zero Trust Client.
How to
- Open Zero Trust Client on your mobile device.
- Tap Settings.
- Toggle Threat Protection.
If you are disabling Threat Protection, a confirmation message displays. Tap DISABLE to confirm.
Enable or disable Remote Access
Follow this procedure to enable or disable Remote Access in Zero Trust Client.
How to
- Open Zero Trust Client on your mobile device.
- Tap Settings.
- Toggle Remote Access.
If you are disabling Remote Access, a confirmation message displays. Tap DISABLE to confirm. Note that with Access disabled, your organization’s applications and resources may not be available. Always save your work before disabling Remote Access.
Enable or disable debug logging
Follow this procedure to enable or disable debug logging in Zero Trust Client. With debug logging enabled, you share more detailed logs with your administrator, including the VPN activity and visited websites.
How to
- Open Zero Trust Client on your mobile device.
- Tap Settings.
- Toggle Debug logging.
Enabling debug logging may negatively impact the client’s performance.
Force Sync the client
You can perform an explicit sync to force the configuration information from Enterprise Application Access to Akamai Zero Trust Client.
Akamai Zero Trust Client synchronizes to EAA every five minutes for any configuration changes in an application or identity provider. To immediately synchronize Akamai Zero Trust Client with Enterprise Application Access, you can force an explicit synchronization. If you encounter issues with Zero Trust Client, try to sync.
How to
- Open Zero Trust Client on your mobile device.
- Tap Settings.
- Tap Force sync.
Clear app data
You can reset the app to the default settings of the software. It removes all of the Access configuration information and your personal data. A configuration update is required after the reset.
How to
- Open Zero Trust Client on your mobile device.
- Tap Settings.
- Tap Clear all data.
- Tap Clear to confirm.
Check client posture, runtime environment, and Threat Protection stats
The Info tab displays device posture information, and lets you verify and monitor the security of your device.
Information | Description |
---|---|
IDP | Displays the IDP hostname that you are connected to. |
Authenticated User | Displays the currently logged in username that you use to authenticate with the IDP. |
Signal last update | Timestamp of the most recent status update with the Zero Trust Client services. |
OS | Version number of your Android or iOS operating system. |
Device Name | Name of your phone model. |
Device ID | Unique device ID generated by Zero Trust Client for identification purposes. |
Client Version | Version number of the Zero Trust Client running on your device. |
Screen Lock | Informs whether screen lock is enabled on the device. |
Biometric Enabled | Informs whether biometric security measures are enabled on the device. |
Play Store Verified | Android only. Informs whether your device is Play Store verified. Displays Unverified if your device is rooted. |
DNS Transport | DNS over TLS. Indicates that mobile requests are protected with DoT. For more about DoT, see DNS over TLS in the SIA documentation. DNS over UDP. Indicates that mobile DNS requests are sent over UDP. DNS over UDP (DoU) is used in situations where DoT can't be used and the client is forced to fall back to DoU. This can occur if DoT is blocked by a firewall or by enterprise middleboxes. It can also occur when DoT is disabled; or the administrator configures the client to Always Attempt a DoT connection, and this connection cannot be established. |
Protection Stats
The mobile client lets end users view the number of requests that are scanned and the number of requests that are blocked by the client.
Users are also given graphical data to show the top domains or applications based on operating system that are scanned and blocked in the past seven days and four weeks.
The client also indicates the average number of requests that are scanned and the average number of potential threats that are blocked per day.
The following applies:
- The stats report the number of blocked DNS requests. This number represents requests where a user was shown a block notification.
- When viewing a website, Threat Protection may block URLs that the user has not attempted to access. For example, a blocked URL may be a link that's on an allowed website. In this situation, the user is shown a block notification for the URL and the block is counted in the stats.
- A blocked domain is counted only once every 30 seconds for the same network. If more events occur for the same domain within the 30 second time frame, the additional blocks are not counted in the stats. As a result, it is possible that the number of blocked requests in the stats is different from the number of events in SIA reports.
- A user can receive only one notification in a 30 second time frame. If multiple domains generate events within the 30 seconds, only one notification appears to avoid overwhelming the user with alerts.
Zero Trust Client status icon
The status icons are a visual representation of the Access and Threat Protection services. You can tap the Access icon to see your IDP configuration information or log out.
Icon | Service Status |
---|---|
Access is authenticated. | |
Access isn't authenticated. | |
| |
Device is protected. | |
Device isn't protected. | |
|
Updated about 21 hours ago