New Features in Version 4.

0
Revised: January 7, 2011 For Technical Support Email: support@mobileiron.com Phone: 1-877-819-3452

Overview
This release focuses on the following new features:

• • • • • • • • • • • •

Android Support In-house App Distribution for iOS Redesigned Apps Management UI App Control Feature BlackBerry 6.0 Support Windows Phone 7 Support Registration PIN and/or Password (Android/iOS) SMS Archive Package Expanded Events Outbound HTTP Proxy for Gateway Transactions and System Updates Specifying Eligible Platforms for Registration API Additions

See the MobileIron Release Notes for information on other changes, resolved issues, and known issues.

Company Confidential 1

Android Support
Android 2.2 is now supported. The following table summarizes the feature support in this first release of MobileIron for Android.
Provisioning Android

Per Device yes Bulk User Self-Service (By Invitation)
Asset Management

yes yes
Android

Device Inventory Device Details Ownership Status

yes yes yes

Designate Lost Device yes Designate Found Device yes Retire Device Send Message Wakeup Client Reprovision Client Sync Policy Group Actions (Labels)
Security

yes yes yes yes yes yes
Android

Lock Wipe Selective Wipe (Email) Certificate Distribution Encryption Policy (Internal Storage) Password Policy Privacy Policy Block Registration by OS Locate (via Cell Tower) Locate (via GPS)
Sentry Access Control

yes yes yes10, 13 Exchange only10 Exchange only10 yes yes yes yes yes
Android

Device Inventory Device Details Allow / Block Wipe Register
App Management

yes yes yes yes yes
Android

App Control Policy On-Device Inventory

yes yes

Company Confidential 2

Mobile Activity Intelligence

Android

International Roaming Event Center Alerting
MyPhone@Work

yes partial12
Android

Register Lock Wipe Find It

yes yes yes yes

10 Via integration with NitroDesk’s TouchDown for MobileIron software. 11 SMS archiving coverage is not complete for this platform. Also, there are certain devices for which the SMS data is not currently available. 12 One or more significant parts of this feature are not supported. See the detailed documentation for this feature. 13 Selective wipe of email for this platform is accomplished via retiring or wiping the device; it is not accomplished using the Selective Wipe command.

Support for Exchange ActiveSync Features
For Android devices, several features require a third-party add-in called NitroDesk’s TouchDown for MobileIron. The download is available on Android Market.

Setting Up Secure Email for Android
Setting up secure email for Android requires tasks on both the device and the MobileIron VSP.

Tasks on the MobileIron VSP
Complete the following tasks on the MobileIron VSP:
1. 2. 3.

Configure an Exchange app setting in the Smartphone Manager (Apps & Files | App Settings | Exchange). Apply the Exchange app setting to a label that points to the Android devices. Initiate registration of the Android devices.

Tasks on the Android Devices
Complete the following tasks on the Android devices:
1.

Download and install NitroDesk’s TouchDown for MobileIron. The download is available from Android Market. Download the MobileIron Client from the Android Market. Start the MobileIron Client to complete the MobileIron registration.

2. 3.

Custom Landing Pages for Registered Android Devices
For Android devices, you have the option of specifying a custom landing page to be displayed after the device is registered. Implement a landing page if you would like to
Company Confidential 3

provide the device user with more than the basic information currently provided in the MobileIron Client UI for Android, which is shown in the following figure.

To configure a landing page:
1. 2.

Create the custom page you would like to display after a user registers an Android device. In Smartphone Manager, select Settings | Preferences.

Company Confidential 4

the following values are added to the end of the URL: ?email=<email_address>&name=<user_ID> The email address and user ID are the values associated with the user’s MobileIron account. you might want to use the <user_ID> to provide a personalized welcome on the page. Note: If you intend to use these optional elements. For example.com?name=jsmith Custom Landing Pages and Self-signed Certificates If using HTTPS for the custom landing page. then do not use untrusted TLS server certificates. Company Confidential 5 . Optional Syntax If available. Include these optional elements if you to design a page that is customized based on this information. enter the URL for the custom page in the Landing Page URL After Device Registration field as follows: http://<URL>Click Save. be sure that the web server hosting the custom page will accept them. In the Registration Preferences section.mycompany. Example: http://www.3.

go to: http://www. the following are also required: • Participation in the Apple iDEP program • iOS MDM features enabled (Settings | Preferences) For details on implementing and enabling MDM support for MobileIron.html. For comprehensive information on in-house app development.In-house App Distribution for iOS In previous releases.1 or later For the complete functionality. MobileIron enabled only a recommended list of public apps.com/iphone/business/apps/in-house/resources. see the materials posted on the MobileIron Support site. MobileIron now also supports the distribution of in-house apps. Prerequisites Basic app distribution requires: • iOS 4. Using the iOS App Wizard To set up distribution of an in-house app to iOS devices: Company Confidential 6 . What Are In-house Apps? In-house apps are mobile apps that you develop and distribute internally. requiring users to initiate and complete a download process via the Apple Store.apple. including updates to badging resulting from inventory data.

3. Click Next. Select iOS from the Select Platform list. 2.1. Click the Add App button. select Apps & Files | App Distribution. 4. Company Confidential 7 . In Smartphone Manager. The iOS Add App Wizard starts.

the following screen displays. Click Browse and navigate to the in-house app (. 6. Company Confidential 8 . If this app is designed only for iPads. set the iPad Only option to Yes. The Add App Wizard examines the selected bundle to ensure that it meets requirements for in-house apps distributed for iOS devices.ipa) you want to upload. 7. Click Next.In-house App is selected by default. If the bundle is acceptable. 5.

This text appears on the in the MobileIron app on target devices (under the app name in the In-House Apps list). Note that app names longer than 25 characters will be truncated when displayed on the device. Enter the version number to be displayed to users.) in this field. Use the following guidelines to complete the items in this screen: Item Description App Name Displays the App Name defined for the bundle. the user can tap a button to display all recommended and in-house apps or a subset of featured apps. Note that the Message feature for iOS apps applies only to featured apps and those installed apps for which an update is available. See “Informing Users of New Apps and Upgrades for Featured Apps” on page 15 for information. Company Confidential 9 Display Version Bundle Version Description Featured . Enter any additional text that helps describe what the app is for. On the device.8. You may enter numerals and periods (. Select No if you do not want to highlight this app in the Featured apps list. Displays the version defined for the bundle. This item is not editable. You can edit this text to display a different name to users.

you may want to communicate the requirement to users. 9.Item Description Data Protection Required Select Yes to require that data protection be enabled in order to install this app. Click the here to define new categories. Company Confidential 10 . Note: Devices without data protection enabled will not see the app at all in the In-house Apps list on the deviceand will not know that data protection compliance is required. Provisioning Profile Category Displays the identifier for the provisioning profile incorporated in the bundle. Therefore. Click Next. Select a category if you would like this app to be displayed in a specific group of apps on the device.

PNG. Use the following guidelines to complete this page: Item Description App Icon Required. or GIF format and one of the following dimensions specifications: 1024x768 pixels 768x1024 pixels 11. or GIF format. Click Finish. Select the icon to be used to represent this app. Screenshots must be in JPG. PNG. The file must be in JPG. or 114x114 pixels. Select up to 4 optional screenshots to display for the app. 72x72 pixels. Company Confidential 11 . PNG is recommended for best resizing results. Screenshots must be in JPG. The app is displayed in the App Distribution screen with an icon that identifies the app as an in-house app. PNG. or GIF format and one of the following dimensions specifications: 320x480 pixels 640x960 pixels 480x320 pixels 960x640 pixels iPhone and iPod touch screenshots iPad screenshots Select up to 4 optional screenshots to display for the app. Acceptable dimensions are 57x57 pixels.10. The provisioning profile for the app is also stored on the VSP and is displayed in the App Settings page.

Adding an App to an Apps List Once you have added an iOS app (recommended or in-house) to the app distribution library. select Apps & Files | App Distribution. In Smartphone Manager. 2. 1. Select the app you want to work with. you need to select one or more labels to specify which iOS devices should have the app displayed in an apps list. 3. Select iOS from the Select Platform list. 4. Company Confidential 12 . Select Actions | Apply to Label.

7. that app will not become available for reinstalling again until the next sync interval causes the MobileIron VSP to be updated. You should also consider testing the first installation of each recommended app so that you can record the corresponding reported app name. consider linking any recommended app to the corresponding entry in the app inventory. If you have not done so already. User Notification of Newly-Published Apps When a featured app is published to users. Select the label that represents the iOS devices on which you want the selected app to be listed. the badge appears next to the appropriate app list. This step will help with app tracking because the name you assign to the app is not likely to be the same as the name reported by the app once it is installed.5. Click Publish. See “Linking Recommended Apps to Inventory Apps” on page 14. 6. If the user deletes a published app. You can address user concerns by using the Wakeup Client command to force the MobileIron Client to update the VSP. those users receive a notification in the form of a badge that appears on the MobileIron icon. If the user starts the app on the device. Company Confidential 13 . The number on the badge indicates the number of apps available.

Also.Linking Recommended Apps to Inventory Apps Recommended apps display in the “App Store apps” list using the app name you specified when you added it to the app distribution library. the # of Devices Installed list in the App Dist page does reflect installations. 3. Select iOS from the Select Platform list. select Apps & Files | App Distribution. you may want to create a link between the two names. To link the recommended app name to the reported app name: 1. However. This name can often be quite different. 2. Click the edit icon next to the app you want to work with. Therefore. Company Confidential 14 . the App Inventory page displays the name reported by the app. to facilitate tracking of installed apps. In Smartphone Manager.

5. Company Confidential 15 . Once the link is established.4. Select the corresponding inventory app name from the Inventory Apps list. the # of Devices Installed column in the App Distribution screen displays the correct number. You should consider changing the app name as specified in any app control rules to ensure it matches the official name. Click Save. In Smartphone Manager. select Apps & Files | App Distribution. Informing Users of New Apps and Upgrades for Featured Apps You can send out a mass APNS message informing iOS users about the availability of a new featured app or an upgrade for a featured app: 1.

Click Send. 4. Select iOS from the Select Platform list. An APNS message is sent to the devices for whom the app was published.2. Company Confidential 16 . 5. 3. Click Message. Select the app you want to work with. The message includes buttons that enable the user to install or upgrade the app.

Company Confidential 17 . the message is sent only for apps configured as featured apps in the app distribution library.Again.

App Settings The Application Settings menu is now called App Settings. The following figure shows the new Apps & Files tab. This feature is supported for the following platforms: • • • • iOS BlackBerry Windows Mobile Symbian Company Confidential 18 . Also note that SCEP is now available from the main menu and no longer appears under the iOS submenu. App Distribution The Application Catalog has been replaced with an App Distribution page.Redesigned Apps Management UI The apps management UI has been redesigned to accommodate new features and streamline common procedures. This change reflects SCEP support for additional platforms. as shown in the following figure.

The procedure. which leads you through the rest of the procedure. For all other supported platforms. The following figure shows an example. Company Confidential 19 . clicking Add App starts the Add App Wizard. required information. and available actions differ by platform. including the selection of recommended or in-house apps. you can click the Add App button to start entering the required information. The following figure shows an example of a screen from the Add App Wizard. In-house apps are apps developed by your organization for internal distribution. For iOS. These dialogs resemble those from previous versions of MobileIron. clicking Add App displays a dialog specific to the selected platform. Recommended apps are the same as recommended apps available in previous versions of MobileIron. Picking a platform is also necessary for displaying the existing apps and managing them. Add an App Once you select a platform. except that they have been tailored for the selected platform.Pick a Platform First The new procedure for preparing apps for distribution starts with selecting a platform from the Select Platform list.

For other supported platforms.Manage Apps For iOS devices. you can perform the following tasks: • • • • Send a message about new or updated apps Delete an app Apply the app to a label to facilitate distribution Remove the app from a label Note that deleting an iOS app also removes the provisioning profile from the devices on which the app was installed. once you have added an app. once you have added an app. you can perform the following tasks: • • • • • Delete an app Install an app Uninstall an app Publish an app Unpublish an app Company Confidential 20 . This prevents those devices from running the app.

label.App Inventory The App Inventory page displays detected apps that were installed after the production image was applied to the device. Each app control rule specifies that the apps meeting the specified criteria be designated as either Required. Company Confidential 21 . App Control The App Control page enables you to define app control rules for use in security policies. or Disallowed. Allowed. These include apps that are not managed by MobileIron. You can filter these apps by platform. and app name. See “App Control Feature” on page 22 for more information about using app control rules.

Consequences include blocking ActiveSync access.x + MDM7 Symbian webOS WinMo 5 WinMo 6. Setting Up App Control You can set up app control to enhance visibility into the apps being installed on managed devices and help enforce corporate app policy. Using app control rules. You can then associate these rules with a security policy that specifies the consequences of being out of policy. you can define which apps are required.x Win 7 App Control Policy yes yes yes yes yes - yes yes - The app control feature enables you to exert control over which apps are installed on managed devices. Setting up app control involves the following tasks: Company Confidential 22 . or disallowed. sending an alert (configured in Event Center) to the specified administrator and user.App Control Feature App Management Android BlackBerry iOS iOS4. App control applies to all MobileIron-supported platforms except webOS and Win 7. allowed. and displaying a warning icon in the All Smartphones page.

Company Confidential 23 . The following figure shows an example of an app control rule with criteria for disallowed apps. Security policies specify which devices the rules are applied to and the actions to associate with a rule violation. The absence of one of these apps is considered a policy violoation. The presence of an app not on this list is considered a policy violation. (In this case. since MDM-enabled iOS devices report inventory even if the MobileIron Client has been uninstalled. It does not refer to an app name you may have specified when adding the app to the app distribution library. you might create a set of Allowed rules for use by temporary employees to ensure that they are not installing personal apps on a corporate device. as well as the recipients of the information. you can create a Required rule to ensure that the removal of the MobileIron Client results in the appropriate response. • Use Disallowed rules to specify a small set of apps that are forbidden on designated devices. • Use Allowed rules to specify a small set of apps that are allowed on designated devices. For example. or Disallowed: • Use Required rules to ensure that certain apps are installed on designated devices. The alert determines the information that is sent as the result of rule violation. App Control Rule Types Each app control rule specifies that the apps meeting the given criteria be designated as either Required. The presence of a disallowed app is considered a policy violation. you might use a set of Disallowed rules to help lower exposure to apps with known security issues. App Control Rule Criteria App criteria match a specified string against the app name. “app name” refers to the uneditable app name defined by the author of the app. For example. For example.) You can also restrict criteria to a specific platform. Allowed.• define app control rules • select app control rules to the Access Control settings in the security policies assigned to target devices • configure alerts when a device violates the app control rules in its security policy The app control rule defines which apps you want to control.

However. or no alert will be generated. App Control Alerts The app control rule specifies whether violating devices should just trigger an alert or also be blocked from ActiveSync access.App Control Rules Applied in Security Policies The following figure shows app control rules applied in a security policy. the associated event must also be configured in Event Center. ActiveSync access will be blocked and an alert will be generated if the specified apps are detected on a device to which the security policy is applied. Company Confidential 24 . The following figure shows app control events in the Policy Violation Event screen. In this case.

select Apps & Files | App Control. Company Confidential 25 . 2. In Smartphone Manager. Click Add.Adding an App Control Rule To add an app control rule: 1.

specify one or more criteria to match the name of the app you want to control: • Select IS or CONTAINS to indicate whether to use an exact match. Company Confidential 26 . 4. • Disallowed: This rule specifies criteria for apps that MUST NOT be installed. For the Type option. To add an additional entry. • Allowed: This rule specifies criteria for apps that MAY be installed. • In the Device Platform list. The following figure shows an example of an app control rule with criteria for disallowed apps. enter the app name text you want to match. click the + icon.3. select the platform to which you want to apply this entry. exclusive of all other apps. In the Name field. 6. then you must select IS. Click Save when you are finished. Under Rule Entries. Do not enter wildcards. you can enter a note about the purpose of the entry. • In the optional Comment field. select the type of rule you want to define: • Required: This rule specifies criteria for apps that MUST be installed. Note that if you selected Required. specify an identifier for this rule. 5. 7. • In the App Search String.

4. Select the security policy you want to work with. Specify the rule in the appropriate security policies to apply the rule to managed devices. Click the Edit button. Company Confidential 27 . Scroll down to the Access Control section of the Edit Security Policy screen.8. In Smartphone Manager. 3. select Security & Policies | All Policies. Applying an App Control Rule to a Security Policy To apply an app control rule to a security policy: 1. 2.

10. To apply allowed-type or disallowed-type rules. 11. 6. You may not select both in the same security policy. Select the checkbox for the App Control rules option. 7. Select the allowed-type or disallowed-type rules you want to apply and click the arrow button to move them to the Enabled list. select the rules you want to apply. if configured in Event Center. Click Save. In the dropdown list. Under Rule Type: Required. if any. 9. 8. • Send Alert: Generates a policy violation alert if configured in Event Center.5. Company Confidential 28 . select either Rule Types: Allowed or Rule Types: Disallowed. Go to Event Center to configure App Control alerts. You can select from: • Block ActiveSync and Send Alert: Prevents the device from accessing email via ActiveSync and generates a policy violation alert. select the action you want to perform if the rule is violated. and click the arrow button to move them to the Enabled list.

Confirm that the app control alerts you want to generate have been selected. Select Add New | Policy Violation Event. select Event Center | All Events. The following table summarizes these alerts: Item Description Disallowed app found App found that is not in Allowed Apps list Required app not found 5. 3. Disable any other alerts that you do not want to enable. Generate an alert if an app is found that is not on the Allowed Apps list for the designated device. 4. 2. Enter a name for the event. Generate an alert if a required app is not found on a designated device.Configuring App Control Alerts To enable app control alerts: 1. Company Confidential 29 . Generate an alert if a disallowed app is found on a designated device. In Smartphone Manager.

Click Save. Icon Description App control violation Required app violation Allowed app violation Disallowed app violation The following figure shows an icon indicating an app control violation.6. as shown in the following figure. Company Confidential 30 . Viewing App Control Status In addition to the alerts you can configure. The following table summarizes the icons related to app control. Select the entry for a device in violation to see details in the device details pane. MobileIron displays app control status for devices in the All Smartphones page.

Company Confidential 31 . which ensures that information about installed apps is sent to the VSP. and any other features dependent on inventory data will not function. and Privacy Policies App control and app inventory features are influenced by the new Apps setting in privacy policies. then app control rules. App Inventory. in-house app notifications. it is set to Sync Inventory. By default.App Control. If you set Apps to None.

BlackBerry 6.0 Support This release includes support for BlackBerry 6 devices. MobileIron functionality is much the same as with previous BlackBerry versions. The following differences should be noted: • The Lock feature does not lock the device if the user has not already set a passcode for the device. Company Confidential 32 .

therefore users do not register their devices with MobileIron. Company Confidential 33 . Use the ActiveSync Smartphones page to view Windows Phone 7 devices that are accessing enterprise email via ActiveSync.Windows Phone 7 Support This release includes base device management support for Windows Phone 7 via ActiveSync: • • • • • • Password Policy Device Inventory Device Details Allow / Block Wipe ActiveSync Policy Note: There is no MobileIron client for Windows Phone 7. Use the ActiveSync Policies page to manage these devices.

2. Note that the iOS registration procedure for the device user has changed slightly to accommodate this change. This feature also applies to newly-supported Android devices. registration of iOS devices required only a user name. Click Save. Under iOS/Android In-App Registrations Preferences. Specifically. To set up the requirement of a Registration PIN: 1. the Server Name field now displays first instead of together with the other fields requiring input for registration. or select Password and Registration PIN to require both. In Smartphone Manager. However. select Settings | Preferences.Registration PIN and/or Password (Android/ iOS) Previously. and server name from the device user. you now have the option to require a MobileIron-generated Registration PIN in place of or in addition to the password. select Registration PIN to require just a MobileIron-generated Registration PIN consisting of six characters. Company Confidential 34 . 3. password. This remains the default behavior.

Scroll down to the SMS Archive Preferences section. In Smartphone Manager. Complete the following steps to set up the SMS Archive package.x WIn 7 SMS Archive - yes - - -11 - -11 -11 - 11 SMS archiving coverage is not complete for this platform.SMS Archive Package Android BlackBerry iOS iOS4. 2. Enter the email address to display in the From field of the emails generated for archiving the SMSes. 1. Separate the email addresses with commas (. 3. there are certain devices for which the SMS data is not currently available.). click Settings | Preferences.x + MDM Symbian webOS WinMo 5 WinMo 6. Also. Enter the email addresses for the archival systems to which the generated emails are being sent. Company Confidential 35 . Use the following guidelines to complete the settings: Setting Description Forward SMS as Email Default From Address Destination Email Addresses Select On to enable the SMS Archive package.

You may specify the same SMTP server that you specified when you configured the VSP. To configure a privacy policy to support SMS archiving: 1. The default value is 4. Enter the number of hours that the VSP should wait before forwarding collected SMSes to their archival destinations. 5. Select Yes if you want to enable TLS for interactions with the SMTP relay server. These policies impact whether SMS content will be archived. then MobileIron attempts to connect to each in the order specified until a successful connection is established.Setting Description Host/IP Addresses Enter the host name or IP address of each SMTP server to use for relaying the email to the SMS archival destinations. If you selected Yes for the TLS Enabled option. If you specify multiple addresses. Click the Edit button. 2. TLS Enabled STARTTLS Required SMS Delivery Interval 4. indicate whether the STARTTLS protocol is required for the specified SMTP servers. as well. Select Security & Policies in Smartphone Manager. Click the Check SMTP Connection button to confirm SMTP access. Click Save at the bottom of the Preferences screen. Select the privacy policy entry. 3. Company Confidential 36 . SMS Archive and Privacy Policies MobileIron privacy policies specify whether SMS content is synchronized.

In Smartphone Manager. Monitoring SMS Archival The following monitoring options are available to track: • the number of SMSes queued for delivery • the total number of SMSes delivered Checking the SMS Archive Queue You can display the number of SMSes currently waiting to be forwarded from the VSP to the configured archive destinations: 1. Set the SMS option to Sync Content. click Settings | Preferences. Company Confidential 37 .4. Scroll down to the SMS Archive Preferences section. 2.

Note that the Send Now button is enabled only if there are queued SMSes. Scroll down to the SMS Archive Preferences section. In Smartphone Manager. which determines how often the VSP forwards the collected SMSes to the archival destinations. Note the Number of SMS in Queue statistic at the bottom of the section. Click the Check SMTP Connection to confirm connectivity. 2. 2. In Smartphone Manager. you specify the SMS Delivery Interval. Company Confidential 38 . click Settings | Preferences. Checking the Number of Delivered SMSes MobileIron keeps a perpetual count of the SMSes delivered to archive destinations. Note the Number of SMS in Queue statistic at the bottom of the section. See “Overriding the SMS Delivery Interval” on page 38 for information on attempting to deliver SMSes by overriding the delivery interval.3. Overriding the SMS Delivery Interval When you set up the SMS Archival package. To override this interval and send the SMSes immediately: 1. Click the Send Now button. 3. 3. click Settings | Preferences. A large number of queued SMSes can mean high activity or a problem with SMTP connectivity. Scroll down to the SMS Archive Preferences section. To view this number: 1.

Company Confidential 39 . See Settings | Preferences in Smartphone Manager for the configured SMTP relay. See Settings | Preferences in Smartphone Manager for the configured SMTP relay. Generates an alert if the MobileIron VSP is unable to contact the MobileIron Sentry. The alert includes available details to enable troubleshooting. Generates an alert if the configured SMTP relay does not respond to a ping or SMTP ping. In general. Event Description Sentry (standalone and integrated) cannot reach EAS server Sentry (standalone and integrated) is unreachable Provisioning Profile Expired Generates an alert if the MobileIron Sentry is unable to contact the ActiveSync server.Expanded Events System events and policy violations events have been enhanced to include several additional scenarios. this profile will be associated with an in-house app. System Events The following table lists the system events that have been added. Generates an alert if an iOS provisioning profile distributed via MobileIron has expired. SMTP Relay server is unreachable SMTP Relay server error Generates an alert if the configured SMTP relay returns an error.

check its status. Contact MobileIron Support for information on troubleshooting this issue. You can schedule this service. Apps are specified as Required. Event Description App Control Disallowed app found Generates an alert if an app that is specified as Disallowed is not installed on a device.Event Description SMS Message archive queue is full Generates an alert if the queue of messages to be archived exceeds 100. This indicates a possible problem with the service. but failed. Apps are specified as Required. or Disallowed under Apps & Files | App Control. If the task was initiated (automatically or manually) during that 24 hour period. causing a backlog in the queue. MAI data processing has not succeeded for more than 24 hours Generates an alert when 24 hours has elapsed since the last time the MAI data processing task ran successfully. App found that is not in Allowed Apps list Company Confidential 40 . then the alert will still be generated. Generates an alert if an app that does not appear on the list of allowed apps has been detected on a device. or Disallowed under Apps & Files | App Control. Allowed. or launch it manually from Mobile Activity Intelligence | Settings in Smartphone Manager. In response to this alert. you should check the health of the SMTP relay server and confirm that it is correctly configured under Settings | Preferences in Smartphone Manager. Policy Violations Events The following table lists the policy violations events that have been added. Allowed.

or Disallowed under Apps & Files | App Control. Generates an alert if an iOS device has its Data Protection feature turned off. an Android user has obtained or provided an app with root access to the device. That is. Apps are specified as Required. Generates an alert if an Android device having a disallowed OS version is detected. Device Settings Passcode is not compliant iOS iOS Configuration not compliant Data Protection is disabled Restored Device connected to server Android Disallowed Android OS version found Compromised Android device detected Company Confidential 41 . Allowed. Generates an alert if a compromised Android device is detected. Generates an alert if an iOS device does not have the expected security policy or application settings. This state may indicate that a setting was changed or was not applied successfully. You can specify disallowed versions in the security policy.Event Description Required app not found Generates an alert if an app that is specified as Required is not installed on a device. Generates an alert if a device is detected having a passcode that does not meet the requirements specified in the associated security policy. Generates an alert if a previously wiped device has been restored and attempts to connect through MobileIron.

Outbound HTTP Proxy for Gateway Transactions and System Updates You can now configure an outbound HTTP proxy for the MobileIron VSP. In Smartphone Manager. Scroll down to the HTTP Client Preferences section. This proxy is intended primarily for organizations that require an HTTP proxy for communications with the MobileIron Gateway and for system updates. 2. MapQuest requests are also routed through this proxy. Note: See MobileIron Support for assistance in implementing this feature. select Settings | Preferences. To configure the proxy: 1. Company Confidential 42 .

At this point. Specify the amount of time to wait for the connection setup to complete. See MobileIron Support for help with applying these settings. What the HTTP Outbound Proxy Does Not Apply To The HTTP outbound proxy does not apply to the following areas: • • • • APNS for MDM or the MobileIron Client MobileIron Sentry BES integration SCEP-to-CA connections Company Confidential 43 . Use the following guidelines to complete the fields in this section: Field Description HTTP Proxy URL HTTP Proxy Auth Name HTTP Proxy Auth Password HTTP Client Connect Timeout HTTP Client Socket Timeout 4. Enter the URL for the outbound HTTP proxy. Specify the amount of time to wait for a response from the proxy server. Click Save. the settings are saved. Enter the authentication password for the HTTP proxy. but not applied. Enter the authentication name for the HTTP proxy.3.

you may want to exclude from registration all devices of a particular platform. Navigate to the Registration Preferences section. you may want to prevent helpdesk personnel from mistakenly registering the unsupported platform in the Admin Portal. All methods of registration now exclude the selected platforms. if corporate policy dictates that a particular device platform will not be supported. In Smartphone Manager. you may want to prevent users from selecting the platform during self registration. Click the left arrow button to move the selected platforms to the Disabled Platforms list. select the platform you want to exclude. select Settings | Preferences. In the Enabled Platforms list. To exclude a device platform from registration: 1. 3. 5. Shift-click platforms to select more than one. Company Confidential 44 . 4. 2. Click Save.Specifying Eligible Platforms for Registration In some cases. Likewise. For example.

API Additions The following APIs have been added for this release: • • • • • • • Get Devices by App Name Get Policies Get Policies by Device UUID Get All App Settings Get App Settings by Type Get App Settings by Device UUID Apply Policy to Label/Remove Policy fromLabel Company Confidential 45 .

Sign up to vote on this title
UsefulNot useful