MobileIron Sentry

MobileIron Sentry


A key component to the MobileIron Platform is MobileIron Sentry, an in-line gateway that manages, encrypts, and secures traffic between the mobile device and back-end enterprise systems. Sentry addresses three fundamental needs for our customers: mobile security, scalability and user experience.


  • Data and traffic between the mobile device and corporate resources can be configured to flow through Sentry, providing real-time secure tunneling and access control.
  • Sentry enforces the security policies set by IT in MobileIron Core, enabling it to allow or deny access to corporate information and resources in real time.
  • Sentry prevents unauthorized interception and malicious manipulation of data through its support for certificate-based authentication.
  • Sentry can encrypt email attachments delivered to mobile devices so that unauthorized apps cannot open them on the mobile device, nor read them if they are copied to external cloud storage sites.
  • Advanced traffic control through support for multiple proxy servers allows IT organizations to ensure the integrity of mobile app traffic by ensuring access to the right corporate destinations and denying access to non-IT approved destinations. With application rules an admin can specify which application(s) can be allowed, blocked or proxied in addition to destinations, enabling finer grained security so applications cannot get access to corporate resources to which they are not entitled.


  • Sentry can scale to meet the high volume performance and redundancy requirements of global organizations.
  • Organizations can set up multiple Sentry gateways in a cluster to accommodate standard and peak data volume scenarios.

User Experience

  • Sentry supports certificate based SSO authentication, which can eliminate the need for users to enter their username and password when accessing email, intranet sites, and corporate data behind the firewall.
  • Sentry provides on-demand app-specific VPN’s, greatly improving user experience by eliminating the need for manually enabling device-wide VPN’s.