The help for this version of the solution is no longer updated, so it may contain outdated information. For up-to-date information about the solution refer to the Kaspersky Secure Mobility Management 4.1 Help.

What's new

Kaspersky Secure Mobility Management 1.0

In this release, we added a wide range of features to plug-ins for MMC-based Administration Console to set up control over corporate mobile devices.

The following features were added to the plug-in for managing Android devices:

• The Kaspersky Endpoint Security for Android app now supports devices that operate in device owner mode. You can generate a QR code for app installation in device owner mode that allows you to configure different device settings.
• Features for Android devices in device owner mode:
  • Restrictions of Android operating system features. These restrictions include:
    • Device features (reset to factory settings, screen capture, calls and SMS messages, and so on).
    • Apps (the use of different apps, app installation settings, and so on).
    • Storage (mounting external media, file transfer over USB, and so on).
    • Network (Wi-Fi and mobile networks, VPN settings, and so on).
    • Location Services (the use of location and changing location settings).
  • Management of Google Chrome settings.
  • Kiosk mode (with a single app or set of apps).
  • Management of Exchange ActiveSync settings for Gmail.
  • Connection to a NDES/SCEP server.
  • Installation of root certificates on devices.
  • Silent installation of required apps and uninstallation of blocked apps defined in App Control rules.
  • Option to delete apps blocked by App Control.
• Features to configure screen unlock passwords for Android devices:
  • You can specify different password requirements.
  • You can manage the use of biometric unlock methods.
  • You can specify the password lifetime and history length.
  • You can specify the unlock password in the Administration Console and force the change on the device.
• New options for Samsung KNOX devices:
  • Option to prohibit developer mode.
  • Option to prohibit sending crash reports to Google.
• New features to configure Wi-Fi networks:
  • Support for the 802.1.x EAP security protocol and ability to configure its protection settings (such as the EAP method).
  • You can specify the list of allowed Wi-Fi networks to connect automatically and hide other networks from the user device.
• New options to delete all data on a lost or stolen Android device after failed attempts to enter the unlock password.
• Adding web clips to devices.

This release also includes the following new features in the plug-in for managing iOS MDM devices:

• The new Compliance Control component that lets you monitor iOS MDM devices for compliance with corporate security requirements and take various actions.
• You can manage apps on iOS MDM devices based on lists of allowed and prohibited apps.
• New commands are added:
  • Reset password
  • Schedule operating system update
  • Set Bluetooth state
• New features to configure VPN connections:
  • Support for the IKEv2 protocol.
  • You can set up activating the VPN connection for selected website domains in Safari.
• New option to force the use of a password on a device.
• New options to manage operating system features on supervised devices:
  • Delay software updates.
  • Manage access to USB devices.
  • Manage Wi-Fi, VPN, and Personal Hotspot settings.
  • Manage the use of NFC.

Starting from release 1.0, Kaspersky Security for Mobile no longer supports management of mobile devices by using the Exchange ActiveSync protocol (management of EAS devices). Instead, you can integrate with Exchange Server via policy settings for Android or iOS MDM devices. If you want to continue managing your devices via the Exchange ActiveSync protocol, please use earlier versions of the Kaspersky Security for Mobile solution.