Jamf Protect's endpoint and network protection capabilities allow you to set up automated threat prevention policies based on the detected event type.
You can configure these automated threat prevention policies in the Jamf Security Cloud portal by navigating to . Automated threat prevention policies allow you to control the actions that Jamf Security Cloud will take in the event of certain threats. These actions include blocking traffic, whereby Jamf Security Cloud would automatically block traffic associated with a particular security event at the Secure Mobile Gateway level to protect the device from being impacted.
You can also configure notifications to be sent when a particular threat category is detected. To do this, click the Alerts column for the required threat category, then select the notifications you require in the pop-up box. You can choose to send notifications to administrators, users, or both, and also specify whether notifications are sent only once for each instance of a threat, or every time it is detected.
If you were to encounter an infrastructure threat, such as an Adversary-in-the-Middle (formerly Man-in-the-Middle) attack or a Risky Hotspot on your iOS or iPadOS device, do the following: