- Kaspersky Secure Mobility Management help
- What's new
- Working in MMC-based Administration Console
- Key use cases
- About Kaspersky Secure Mobility Management
- Distribution kit
- Key features of mobile device management in MMC-based Administration Console
- About Kaspersky Endpoint Security for Android app
- About Kaspersky Device Management for iOS
- About the Kaspersky Endpoint Security for Android Administration Plug-in
- About the Kaspersky Device Management for iOS Administration Plug-in
- Hardware and software requirements
- Known issues and considerations
- Deployment
- Solution architecture
- Deployment scenarios for Kaspersky Endpoint Security for Android
- Deployment scenarios for iOS MDM profile
- Preparing the Administration Console for deployment of the integrated solution
- Configuring Administration Server settings for connection of mobile devices
- Configuring a connection gateway to connect mobile devices to Kaspersky Security Center Administration Server
- Displaying the Mobile Device Management folder in the Administration Console
- Creating an administration group
- Creating a rule for device automatic allocating to administration groups
- Creating a mobile certificate
- Deploying mobile device management systems
- Deploying a system for management using iOS MDM protocol
- iOS MDM Server deployment scenarios
- Simplified deployment scheme
- Deployment scheme involving Kerberos constrained delegation (KCD)
- Installing iOS MDM Server
- Use of iOS MDM Server by multiple virtual Servers
- Receiving an APNs certificate
- Renewing an APNs certificate
- Configuring a reserve iOS MDM Server certificate
- Installing an APNs certificate on an iOS MDM Server
- Configuring access to Apple Push Notification service
- Connecting KES devices to the Administration Server
- Integration with Public Key Infrastructure
- Deploying a system for management using iOS MDM protocol
- Installing Kaspersky Endpoint Security for Android
- Activating the Kaspersky Endpoint Security for Android app
- Installing an iOS MDM profile
- Installing administration plug-ins
- Updating a previous version of the application
- Removing Kaspersky Endpoint Security for Android
- Disconnecting an iOS MDM device from management
- Configuration and Management
- Getting Started
- Protection
- Configuring anti-virus protection on Android devices
- Protecting Android devices on the internet
- Protection of stolen or lost device data
- Configuring device unlock password strength
- Configuring a virtual private network (VPN)
- Configuring Firewall on Android devices (only Samsung)
- Protecting Kaspersky Endpoint Security for Android against removal
- Detecting device hacks (root)
- Configuring a global HTTP proxy on iOS MDM devices
- Adding security certificates to iOS MDM devices
- Adding a SCEP profile to iOS MDM devices
- Restricting SD card usage (only Samsung)
- Control
- Management
- Configuring connection to a Wi-Fi network
- Configuring email
- Installing root certificates on Android devices
- Configuring notifications for Kaspersky Endpoint Security for Android
- Connecting iOS MDM devices to AirPlay
- Connecting iOS MDM devices to AirPrint
- Bypassing the Activation Lock on supervised iOS devices
- Configuring the Access Point Name (APN)
- Configuring the Android work profile
- Adding an LDAP account
- Adding a calendar account
- Adding a contacts account
- Configuring calendar subscription
- Adding web clips
- Adding fonts
- Device owner mode
- Commands for mobile devices
- Managing the app using third-party EMM systems (Android only)
- Network load
- Participating in Kaspersky Security Network
- Data provision to third-party services
- Global acceptance of additional Statements
- Samsung KNOX
- Appendices
- Using the Kaspersky Endpoint Security for Android app
- App features
- Main window at a glance
- Status bar icon
- Device scan
- Running a scheduled scan
- Changing the Protection mode
- Anti-virus database updates
- Scheduled database update
- Things to do if your device gets lost or stolen
- Web Protection
- Get Certificate
- Synchronizing with Kaspersky Security Center
- Activating the Kaspersky Endpoint Security for Android app without Kaspersky Security Center
- Installing the app in device owner mode
- Installing root certificates on the device
- Enabling accessibility on Android 13 or later
- Enabling accessibility for the app on Android 13
- Updating the app
- Removing the app
- Applications with a briefcase icon
- KNOX app
- Using the Kaspersky Security for iOS app
- Working in Kaspersky Security Center Web Console and Kaspersky Security Center Cloud Console
- About mobile device management in Kaspersky Security Center Web Console and Cloud Console
- Distribution kit
- Key features of mobile device management in Kaspersky Security Center Web Console and Cloud Console
- About the Kaspersky Endpoint Security for Android app
- About the Kaspersky Security for iOS app
- About the Kaspersky Security for Mobile (Devices) plug-in
- About the Kaspersky Security for Mobile (Policies) plug-in
- Hardware and software requirements
- Known issues and considerations
- Deploying a mobile device management solution in Kaspersky Security Center Web Console or Cloud Console
- Managing mobile devices in Kaspersky Security Center Web Console and Cloud Console
- Managing group policies
- Defining policy settings
- Configuring anti-virus protection
- Defining device unlock settings
- Configuring protection of stolen or lost device data
- Configuring app control
- Configuring compliance control of mobile devices with corporate security requirements
- Configuring user access to websites
- Configuring feature restrictions
- Protecting Kaspersky Endpoint Security for Android against removal
- Configuring synchronization of mobile devices with Kaspersky Security Center
- Kaspersky Security Network
- Exchanging information with Google Analytics for Firebase, Firebase Performance Monitoring, and Crashlytics
- Configuring notifications on mobile devices
- Detecting device hacks
- Defining licensing settings
- Configuring events
- Configuring events about the installation, update, and removal of apps on users' devices
- Network load
- About mobile device management in Kaspersky Security Center Web Console and Cloud Console
- Application licensing
- Comparison of solution features depending on the management tools
- Contact Technical Support
- Sources of information about the application
- Glossary
- Activating the application
- Activation code
- Administration group
- Administration Server
- Administrator's workstation
- Android work profile
- Anti-virus databases
- Apple Push Notification service (APNs) certificate
- Application management plug-in
- Certificate Signing Request
- Compliance control
- Device administrator
- End User License Agreement
- Group task
- IMAP
- Installation package
- iOS MDM device
- iOS MDM profile
- iOS MDM Server
- Kaspersky categories
- Kaspersky Private Security Network (KPSN)
- Kaspersky Security Center Administrator
- Kaspersky Security Center Web Server
- Kaspersky Security Network (KSN)
- Kaspersky update servers
- Key file
- License
- License term
- Manifest file
- Network Agent
- Phishing
- Policy
- POP3
- Provisioning profile
- Proxy server
- Quarantine
- SSL
- Standalone installation package
- Subscription
- Supervised device
- Unlock code
- Virus
- Information about third-party code
- Trademark notices
Working in MMC-based Administration Console > Deployment > Deploying mobile device management systems > Connecting KES devices to the Administration Server > Using Google Firebase Cloud Messaging
The help for this version of the solution is no longer updated, so it may contain outdated information. For up-to-date information about the solution refer to the Kaspersky Secure Mobility Management 4.1 Help.
Using Google Firebase Cloud Messaging
To ensure timely responses of KES devices on Android to the administrator's commands, you must enable the use of Google Firebase Cloud Messaging (hereinafter referred to as FCM) in the Administration Server properties.
To enable the use of FCM:
- In Administration Console, select the Mobile Device Management node, and the Mobile devices folder.
- In the context menu of the Mobile devices folder, select Properties.
- In the folder properties, select the Google Firebase Cloud Messaging settings section.
- In the Sender ID and Server key fields, specify the FCM settings: SENDER_ID and API Key.
FCM service runs in the following address ranges:
- From the KES device's side, access is required to ports 443 (HTTPS), 5228 (HTTPS), 5229 (HTTPS), and 5230 (HTTPS) of the following addresses:
- google.com
- fcm.googleapis.com
- android.apis.google.com
- All of the IP addresses listed in Google's ASN of 15169
- From the Administration Server side, access is required to port 443 (HTTPS) of the following addresses:
- fcm.googleapis.com
- All of the IP addresses listed in Google's ASN of 15169
If the proxy server settings (Advanced / Configuring Internet access) have been specified in the Administration Server properties in Administration Console, they will be used for interaction with FCM.
Configuring FCM: retrieving SENDER_ID and API Key
To configure FCM, the administrator must perform the following actions:
- Register on Google portal.
- Go to Developers portal.
- Create a new project by clicking the Create Project button, specify the project's name, and specify the ID.
- Wait for the project to be created.
On the first page of the project, in the upper part of the page, the Project Number field shows the relevant SENDER_ID.
- Go to the APIs & auth / APIs section and enable Google Firebase Cloud Messaging for Android.
- Go to the APIs & auth / Credentials section and click the Create New Key button.
- Click the Server key button.
- Impose restrictions (if any), click the Create button.
- Retrieve the API Key from the properties of the newly created key (Server key field).
Article ID: 253997, Last review: Dec 27, 2024