Use the mobile client

The mobile client lets you perform various operations such as checking client activity and device posture information, sharing app logs with your administrator, and configuring the client.

Check client activity

The Activity tab displays your Access and Protection events. You can filter the events by tapping All, Access, or Protection. Multiple occurrences of the same event are aggregated into a single notification and their count is displayed.

Access

The Access tab displays information about blocked attempts to access applications or resources when the device doesn’t meet the required risk assessment criteria dictated by the access policy. Remediation messages suggest actions you can take to fix the problems that were detected.

Protection

The Protection tab displays information about attempts to access a host or resource that is blocked by the current SIA policy setting.

Diagnostics

The Diagnostics tab lets you perform client diagnostics and share your client operation logs with your administrator for troubleshooting.

Quick Diagnostic

The Quick diagnostic examines the status of Access, its connectivity, and configuration downloads from Enterprise Center. Green icon (✓) indicates success and red icon (✗) indicates failure.

How to

  1. Open ​​Zero Trust Client​​ on your mobile device.
  2. Tap Diagnostics.
  3. In the Quick tab, tap RUN DIAGNOSTIC.

Full Diagnostic

The Full diagnostic performs an in-depth analysis of the client and generates logs for further troubleshooting.

How to

  1. Open ​Zero Trust Client​ on your mobile device.
  2. Tap Diagnostics.
  3. In the Full tab, tap RUN FULL DIAGNOSTIC.
  4. Once the diagnostic is completed, tap SEND REPORT.
  5. Select your next action:
    1. To share the diagnostic results with your administrator, tap Send to portal. A ​Zero Trust Client​ administrator can now view the logs in Enterprise Center.
    2. To share the diagnostic results using a communicator app or email, tap Share and select the application you'd like to use.
    3. To save the diagnostic results on your device, tap Save to Device, select where to save the log archive, and tap SAVE.

Settings

The Settings tab lets you force sync the client and clear app data. You can also check the timestamp of your client’s most recent configuration synchronization with Enterprise Application Access.

Enable or disable Threat Protection

Follow this procedure to enable or disable Threat Protection in ​Zero Trust Client​.

How to

  1. Open ​​Zero Trust Client​ on your mobile device.
  2. Tap Settings.
  3. Toggle Threat Protection.
    If you are disabling Threat Protection, a confirmation message displays. Tap DISABLE to confirm.

Enable or disable Remote Access

Follow this procedure to enable or disable Remote Access in ​​Zero Trust Client​​.

How to

  1. Open ​​​Zero Trust Client​​ on your mobile device.
  2. Tap Settings.
  3. Toggle Remote Access.
    If you are disabling Remote Access, a confirmation message displays. Tap DISABLE to confirm. Note that with Access disabled, your organization’s applications and resources may not be available. Always save your work before disabling Remote Access.

Enable or disable debug logging

Follow this procedure to enable or disable debug logging in ​​Zero Trust Client​​. With debug logging enabled, you share more detailed logs with your administrator, including the VPN activity and visited websites.

How to

  1. Open ​​​Zero Trust Client​​ on your mobile device.
  2. Tap Settings.
  3. Toggle Debug logging.

🚧

Enabling debug logging may negatively impact the client’s performance.

Force Sync the client

You can perform an explicit sync to force the configuration information from Enterprise Application Access to ​Akamai​​ ​​Zero Trust Client​​.
​Akamai​​ ​​Zero Trust Client​​ synchronizes to EAA every five minutes for any configuration changes in an application or identity provider. To immediately synchronize ​Akamai​​ ​​Zero Trust Client​​ with Enterprise Application Access, you can force an explicit synchronization. If you encounter issues with ​Zero Trust Client​, try to sync.

How to

  1. Open ​Zero Trust Client​ on your mobile device.
  2. Tap Settings.
  3. Tap Force sync.

Clear app data

You can reset the app to the default settings of the software. It removes all of the Access configuration information and your personal data. A configuration update is required after the reset.

How to

  1. Open ​Zero Trust Client​ on your mobile device.
  2. Tap Settings.
  3. Tap Clear all data.
  4. Tap Clear to confirm.

Check client posture, runtime environment, and Threat Protection stats

The Info tab displays device posture information, and lets you verify and monitor the security of your device.

InformationDescription
IDPDisplays the IDP hostname that you are connected to.
Authenticated UserDisplays the currently logged in username that you use to authenticate with the IDP.
Signal last updateTimestamp of the most recent status update with the ​Zero Trust Client​ services.
OSVersion number of your Android or iOS operating system.
Device NameName of your phone model.
Device IDUnique device ID generated by ​Zero Trust Client​ for identification purposes.
Client VersionVersion number of the ​Zero Trust Client​ running on your device.
Screen LockInforms whether screen lock is enabled on the device.
Biometric EnabledInforms whether biometric security measures are enabled on the device.
Play Store VerifiedAndroid only. Informs whether your device is Play Store verified. Displays Unverified if your device is rooted.
DNS TransportDNS over TLS. Indicates that mobile requests are protected with DoT. For more about DoT, see DNS over TLS in the SIA documentation.

DNS over UDP. Indicates that mobile DNS requests are sent over UDP. DNS over UDP (DoU) is used in situations where DoT can't be used and the client is forced to fall back to DoU. This can occur if DoT is blocked by a firewall or by enterprise middleboxes. It can also occur when DoT is disabled; or the administrator configures the client to Always Attempt a DoT connection, and this connection cannot be established.

Protection Stats

The mobile client lets end users view the number of requests that are scanned and the number of requests that are blocked by the client.

Users are also given graphical data to show the top domains or applications based on operating system that are scanned and blocked in the past seven days and four weeks.

The client also indicates the average number of requests that are scanned and the average number of potential threats that are blocked per day.

The following applies:

  • The stats report the number of blocked DNS requests. This number represents requests where a user was shown a block notification.
  • When viewing a website, ​Threat Protection​ may block URLs that the user has not attempted to access. For example, a blocked URL may be a link that's on an allowed website. In this situation, the user is shown a block notification for the URL and the block is counted in the stats.
  • A blocked domain is counted only once every 30 seconds for the same network. If more events occur for the same domain within the 30 second time frame, the additional blocks are not counted in the stats. As a result, it is possible that the number of blocked requests in the stats is different from the number of events in ​SIA​ reports.
  • A user can receive only one notification in a 30 second time frame. If multiple domains generate events within the 30 seconds, only one notification appears to avoid overwhelming the user with alerts.

​Zero Trust Client​ status icon

The status icons are a visual representation of the Access and Threat Protection services. You can tap the Access icon to see your IDP configuration information or log out.

IconService Status

Access is authenticated.

Access isn't authenticated.

  • There is no Internet connection.
  • VPN is not connected.
  • VPN is not configured.

Device is protected.

Device isn't protected.

  • There is no Internet connection.
  • VPN is not connected.
  • VPN is not configured.