Compliance Rule Sets in MaaS360 MaaS360 allows you to apply sets of compliance rules on mobile devices. These rules are conditions that are checked on devices on real-time basis. If a device is not in compliance with the defined rule or conditions, MaaS360 registers it as an out-of-compliance (OOC) event, and the enforcement actions you specified will be taken on the device. You can choose what action to take, a timeframe for the action (where applicable), and you can send a custom message to the user. For example, the following rule will be invoked when a user installs a blacklisted app on a device: In this example, the user will receive an alert saying that their device is out of compliance upon installation of the app or MaaS360. They will have 24 hours after receiving the alert to uninstall the app before all content and settings deployed by MaaS360 will be wiped from the device. You can create multiple rules and assign them to different devices, depending on the needs of your organization and the users roles. Most mobile device platforms allow users to ignore and override passcode policies and application restrictions. Rules such as Enforce Enrollment are useful, especially to track users who accidentally or willfully try to remove their organization s device management and control capabilities. It s a best practice to use rules to enforce corporate standards, even if you already publish policies to your devices. In special cases, you may want to make some devices exempt from the automated actions of the compliance rule sets. You can do this by marking the device as Important through Custom Attributes. Only devices marked as Important from the Inventory on the View All Devices screen will be exempt from the automated actions. To access the Compliance Rules screen, select Security > Compliance Rules. 1
The existing rules will be displayed. Rule Set Name (Actions links) Available for Default Status Precedence Name of the compliance rule. It must be unique. Click the link under the name to perform an action: Edit: review the rule set and change it Assign: apply it to group Make Default/Clear Default: make this rule set the default for newly enrolled devices Audit: view the audit history of the rule set Delete: delete the rule set Specifies which groups the rules set can be applied to. Note: This feature is not available by default. Please contact your Account Manager or Technical Support for more information. If checked, this rule set is the default. It is automatically given to all devices when they are enrolled. Specifies if the rule set is active or inactive. Click the Show All button at the top of the screen to include inactive rule sets in the list, and click Hide Inactive to only display active ones. You can have devices with multiple rule sets assigned to them, depending on how your groups are set up. In those cases, the rule set with the lower precedence is the one that will be enforced. Note: This feature is not available by default. Please contact your Account Manager or Technical Support for more information. # of Devices Specifies how many devices have been assigned this rule set. Click on the number to see a list of those devices. Last Updated By Last Updated On Username of the person who last updated the rule set. Date of the last update. 2
Creating Rules To create a new rule, click Add Rule Set at the top of the Compliance Rules screen. Specify the group it is available for, the rule s name and an existing rule to use as a starting point. Click Continue. If you have no existing rules, you will only be asked to click Add Rule. Update the parameters and settings to create the compliance rules you want. Click the side tabs to see additional settings and parameters, which are described below. When you are finished, click Save. 3
Your new rule will appear on the Compliance Rules screen. Links under the name allow you to perform different actions: Edit: display the parameters and settings so you can change the rule set Assign: assign the compliance rule set to a group of devices, or to any new devices as they are enrolled Make Default: assign the compliance rule set to all devices that do not already have a one Audit: see the changes that have been made to the rule set over time Delete: remove the rule set Editing Rules To edit a rule set, access the Compliance Rules screen by selecting Security > Compliance Rules. Enter the first few characters of the rule s name in the Search field. As you type, rules that match the text will be displayed. 4
When you find the rule you want to change, click the Edit link below it. Make your changes to the settings and parameters, and then click Save. Assigning Rules A device must have a rule set assigned to it in order to take effect. This can be done by group, specific device or to all devices. To assign a rule, click the Assign link under the appropriate rule. Select the group or device you want to receive the rule from the pull-down menu. Enter any comments to explain the assignment. 5
You can also specify if you want this rule to automatically be assigned to new devices if you have Dynamic Policies or Precedence enabled in your portal. Please contact your Account Manager for more information. Note: Clicking the Auto assign to new devices does not make this rule the default rule. It assigns the rule to devices that enroll in the future, but has no effect on previously enrolled devices. Note: Clicking the Make Default link on the Compliance Rules screen makes the rule the default rule. It is given to devices that do not have a rule. If a device is removed from a group so it no longer has a rule, it will be given the default rule. When you are finished, click Submit. Setting a Rule as the Default The default rule set will be applied to all devices unless explicitly specified during enrollment, or modified. If a device is removed from a group so it no longer has a rule, it will be given the default rule. To make a rule the default, find the rule on the Compliance Rules screen. Click the Make Default link under the rule s name. Enter your password at the prompt and click Confirm. 6
The rule now has a green checkmark in the Default column indicating that it is the default. If the default rule is changed to a new rule, all devices that have the old rule set will change to the new one. Viewing the Audit History of a Rule To see the history of a rule, click the Audit link under the appropriate rule. You can see the actions that were performed, when they were performed, who performed them and the source IP address. Deleting Rules When you delete a rule, you make it inactive. It still exists, but it cannot be assigned to any devices unless it is made active again. Find the rule you want to delete on the Compliance Rules screen. You can enter characters into the Search box to help you find it. 7
Select the Delete link of the appropriate rule. You will be asked to enter your password to confirm the deletion. Precedence Note: This feature is not enabled by default. Contact your account representative for details. In MaaS360, rules can be dynamically assigned to different device groups, so the policy in force on a device can change as circumstances change. For example, you can have a device group for a specific operating system version and assign a rule to it. When a user upgrades the device, it would then become part of the new group and would get the associated rule automatically. As a result, it is possible for a device to be automatically assigned to multiple groups which have conflicting rules. Precedence allows you to prioritize rules so MaaS360 will apply the appropriate one if more than one is applicable. Click the Precedence button to view the Change Precedence dialog box, which lists the available ios and Android MDM policies. 8
You can change the policy precedence by dragging a policy box to the desired precedence level. Click Save when finished. Settings and Parameters Basic Settings Select Applicable Platforms Choose the device operating systems to which the rule should apply. Enable Real-time Compliance for OS es Specify the operating systems to which this rule will apply. ios, Android, BlackBerry, Windows Phone, Symbian, Windows Mobile, Others ios, Android, BlackBerry, Windows Phone, Symbian, Windows Mobile, Others Select all that apply. 9
Event Notification Recipients Specify the email addresses that should be notified when a device falls out of compliance, as specified by different compliance conditions. Enter email addresses for event notification Enter the valid email address of an administrator. A valid email address Click the green plus icon to enter an additional email address.. Exemptions You can make a device exempt from the rule sets by selecting Devices > Inventory, and then clicking on the appropriate device name to display detailed information about the device. Select Hardware Inventory from the pull-down menu. 10
The Hardware Inventory screen displays custom attributes. Click the Edit button, and then select Yes for the Important Device (Skip Enforcement Action) field. Save your change. Enforcement Rules On the Enforcement Rules tab, you can have MaaS360 enforce: Enrollment in MDM Specific operating system versions Support for remote wipe Support for block- and file-level encryption, or no encryption Compliance with corporate app policies for blacklisted, whitelisted and required apps Restrictions for jailbroken and rooted devices Note: Wipe allows you to wipe out all data on the mobile device and reset it to the original factory settings. In Android 2.2, the Wipe action will reset only the phone memory. However, in Android 2.3, the Wipe action will reset both the phone memory and the SD card. Note: The Block and Wipe enforcement actions are only available with Cloud Extender integration. Enrollment 11
Devices must be enrolled in MaaS360 to send data to the portal and allow administrators to take action. These settings allow you to specify what should happen depending on a device s enrollment status. Enrollment Ensure devices are enrolled in MDM and advanced management of the device has not been disabled or removed by the user. Cleared Selected, cleared Select the checkbox to expand the list of options. Trigger Action on Managed Status An event is triggered based if the device is not managed by MDM Not Enrolled, User Removed Control, Pending Control Removal, Control Removed Not Enrolled, User Removed Control, Pending Control Removal, Control Removed Select all that apply. Send Enrollment Request in Email Enforcement Action (Immediate) If the device is not managed, automatically send an enrollment request to it Action MaaS360 will take immediately after the out-of-compliance event Cleared Selected, cleared Sending a re-enrollment email when a user removes control can help them get back in compliance. Alert Alert, Block, Wipe Wipe will restore the device to the original factory settings. Enforcement Action (Later) Specify action to be taken after the out of compliance (OOC) event a certain number of hours or days later. Send an alert one hour later. Hours, Days Alert, Block, Wipe to add one or more actions that will occur after the user has had time to remediate the noncompliance. Wipe will restore the device to the original factory settings. Notify User user of the out of compliance (OOC) event Email, Device Notification Email, Device Notification Notify Admins Administrator of the out of compliance (OOC) event, other email addresses You can send an email to the list of recipients defined on the Basic Settings side tab ( ) or create a custom list of recipients. Enter a custom message to be delivered to the recipients. A custom message, up to 1024 characters. <^`~$* []{}> cannot be used. 12
OS Versions Some versions of different operating systems have or support stricter security features than others. You can set up the rule to take action if a device doesn t have the correct version. Name Description Default Values Valid Values Comments OS Versions Ensure that your managed devices are up to date with the required OS versions. Please note that version check may be invalid on Rooted or Jailbroken devices. This rule would be enforced on enrolled devices that have the complete OS version information. Cleared Selected, cleared Select the checkbox to expand the list of options. A jailbroken or rooted device can be set up to report in to the server as any OS version, bypassing this rule. We recommend that if you use this setting, you also check for jailbroken/rooted devices. Select OS Version Mode Specify how you will validate the OS versions. Different fields will be displayed depending on the option you select here. Specify Version Range Specify Version Range, Specify Allowed Versions, Specify Disallowed Versions If you select Specify Version Range, you can select a minimum and maximum OS version for each of the operating systems. For Specify Allowed Versions and Specify Disallowed Versions, you can choose an OS and version. Click the green plus icon to add more than one. 13
Name Description Default Values Valid Values Comments Enforcement Action (Immediate) Define the action to be taken immediately after an OOC Alert Alert, Block, Selective Wipe, Change Policy, Wipe, Remove Control, Hide Device Alert: send a message about the OOC event Block: the device cannot access corporate resources Selective Wipe: corporate settings, apps and content distributed by MaaS360 will be deleted Change Policy: assign a different policy to the device Wipe: reset the device to factory settings Remove Control: the MaaS360 app will be deleted from the device; it cannot access corporate access Hide Device: mark the device as inactive in MaaS360 reporting, but do not remove MaaS360 s control Enforcement Action (Later) Specify action to be taken after the out of compliance (OOC) event a certain number of hours or days later. Send an alert one hour later. Hours, Days Alert, Block, Wipe to add one or more actions that will occur after the user has had time to remediate the noncompliance. Alert: send a message about the OOC event Block: the device cannot access corporate resources Wipe: restore the device to the original factory settings. Notify User user of the out-of-compliance, Other Email to add more addresses. Notify Admins administrator(s) of the, Other Email to add more addresses. A custom message to be sent to the recipients. A custom message, up to 1024 characters. <^`~$* []{}> cannot be used. 14
Remote Wipe Support Some older devices cannot be wiped remotely. If you want to prevent those devices from being enrolled and accessing your corporate resources, create a rule about remote wipe support. Remote Wipe Support Certain older devices cannot be wiped remotely. Some organizations choose to prevent those devices from accessing corporate resources. This setting allows you to take action if a user tries to enroll one of these devices. Cleared Selected, cleared Select the checkbox to expand the list of options. Enforcement Action (Immediate) Define the action to be taken immediately after an OOC Alert Alert, Block, Selective Wipe, Change Policy, Wipe, Remove Control, Hide Device Alert: send a message about the OOC event Block: the device cannot access corporate resources Selective Wipe: corporate settings, apps and content distributed by MaaS360 will be deleted Change Policy: assign a different policy to the device Wipe: reset the device to factory settings Remove Control: the MaaS360 app will be deleted from the device; it cannot access corporate access Hide Device: mark the device as inactive in MaaS360 reporting, but do not remove MaaS360 s control 15
(Enforcement Action Later) Specify action to be taken after the out of compliance (OOC) event a certain number of hours or days later. Send an alert one hour later. Hours, Days Alert, Block, Wipe to add one or more actions that will occur after the user has had time to remediate the noncompliance. Hours: perform the action after the specified number of hours Days: perform the action after the specified number of days Alert: send a message about the OOC event Block: the device cannot access corporate resources Wipe: restore the device to the original factory settings. Notify User user of the out-ofcompliance, Notify Admins administrator(s) of the, A custom message to be sent to the recipients. A custom message, up to 1024 characters. <^`~$* []{}> cannot be used. Encryption Support Some older devices cannot be encrypted. If you want to prevent those devices from being enrolled and accessing your corporate resources, create a compliance rule to notify administrators and prevent it. 16
Encryption Support Ensure that managed devices support the designated encryption levels. Cleared Selected, cleared Select the checkbox to expand the list of options. Trigger Action on Hardware Encryption Status Define the conditions that determine an outof-compliance Block-level, Not Supported, Filelevel, No encryption Block-level, Not Supported, Filelevel, No encryption Block-level: the device does not support blocklevel encryption Not supported: the device does not support encryption. File-level: the device does not support filelevel encryption No encryption: the device can be encrypted, but it is not currently Enforcement Action (Immediate) Define the action to be taken immediately after an OOC Alert Alert, Block, Selective Wipe, Change Policy, Wipe, Remove Control, Hide Device Alert: send a message about the OOC event Block: the device cannot access corporate resources Selective Wipe: corporate settings, apps and content distributed by MaaS360 will be deleted Change Policy: assign a different policy to the device Wipe: reset the device to factory settings Remove Control: the MaaS360 app will be deleted from the device; it cannot access corporate access Hide Device: mark the device as inactive in MaaS360 reporting, but do not remove MaaS360 s control 17
(Enforcement Action Later) Specify action to be taken after the out of compliance (OOC) event a certain number of hours or days later. Send an alert one hour later. Hours, Days Alert, Block, Wipe to add one or more actions that will occur after the user has had time to remediate the noncompliance. Alert: send a message about the OOC event Block: the device cannot access corporate resources Wipe: restore the device to the original factory settings. Notify User user of the out-ofcompliance, The standard email address list for the rule is defined on the Basic Settings tab. Notify Admins administrator(s) of the, A custom message to be sent to the recipients. A custom message, up to 1024 characters. <^`~$* []{}> cannot be used. Application Compliance MaaS360 policies allow you to blacklist, whitelist (allow) and require specific apps. If a user who has been assigned one of those policies tries to install an app that has been restricted or is missing an app that is required, the action specified in the compliance rule will be taken. 18
Application Compliance Ensure that devices are in compliance with app management requirements, as defined by the policy assigned to the device. Cleared Selected, cleared Select the checkbox to expand the list of options. Enforcement Action (Immediate) Define the action to be taken immediately after an OOC Alert Alert, Block, Selective Wipe, Change Policy, Wipe, Remove Control, Hide Device Alert: send a message about the OOC event Block: the device cannot access corporate resources Selective Wipe: corporate settings, apps and content distributed by MaaS360 will be deleted Change Policy: assign a different policy to the device Wipe: reset the device to factory settings Remove Control: the MaaS360 app will be deleted from the device; it cannot access corporate access Hide Device: mark the device as inactive in MaaS360 reporting, but do not remove MaaS360 s control (Enforcement Action: Later) Specify action to be taken after the out of compliance (OOC) event a certain number of hours or days later. Send an alert one hour later. Hours, Days Alert, Block, Wipe to add one or more actions that will occur after the user has had time to remediate the noncompliance. Alert: send a message about the OOC event Block: the device cannot access corporate resources Wipe: restore the device to the original factory settings. 19
Notify User user of the out-ofcompliance, The standard email address list for the rule is defined on the Basic Settings tab. Notify Admins administrator(s) of the, A custom message to be sent to the recipients. A custom message, up to 1024 characters. <^`~$* []{}> cannot be used. Jailbroken (ios) and Rooted (Android) Devices 20
MaaS360 can detect when a device is jailbroken or rooted, and perform the actions you specify. Jailbroken (ios) and Rooted (Android) Devices Define actions to be taken if a device with this Cleared Selected, cleared Select the checkbox to expand the list of options. Enforcement Action (Immediate) Define the action to be taken immediately after an OOC Alert Alert, Block, Selective Wipe, Change Policy, Wipe, Remove Control, Hide Device Alert: send a message about the OOC event Block: the device cannot access corporate resources Selective Wipe: corporate settings, apps and content distributed by MaaS360 will be deleted Change Policy: assign a different policy to the device Wipe: reset the device to factory settings Remove Control: the MaaS360 app will be deleted from the device; it cannot access corporate access Hide Device: mark the device as inactive in MaaS360 reporting, but do not remove MaaS360 s control (Enforcement Action: Later) Specify action to be taken after the out of compliance (OOC) event a certain number of hours or days later. Send an alert one hour later. Hours, Days Alert, Block, Wipe to add one or more actions that will occur after the user has had time to remediate the noncompliance. Alert: send a message about the OOC event Block: the device cannot access corporate resources Wipe: restore the device to the original factory settings Notify User user of the out-ofcompliance, The standard email address list for the rule is defined on the Basic Settings tab. 21
Notify Admins administrator(s) of the, A custom message to be sent to the recipients. A custom message, up to 1024 characters. <^`~$* []{}> cannot be used. Corporate Resources for Blocked Devices Note: These settings are being deprecated over time, although they are still supported for customers who are currently using them. We recommend that you use policies to restrict access to corporate resources instead of compliance rules. Geo-Fencing Geo-Fencing Rules can be set up after you ve created approved locations. You can change the policy in force on the device based on its location, or specify actions that should take place if the device is removed from one of the approved locations. To set up a location, mouse over Security and select Locations. You can assign policies to certain device groups or all devices while they are in that location. 22
Geo-Fencing If a device falls out of compliance at a location, predefined actions can be taken. Cleared Selected, cleared Select the checkbox to expand the list of options. Enforcement Action (Immediate) Define the action to be taken immediately after an OOC Alert Alert, Block, Selective Wipe, Change Policy, Wipe Alert: send a message about the OOC event Block: the device cannot access corporate resources Selective Wipe: corporate settings, apps and content distributed by MaaS360 will be deleted Change Policy: assign a different policy to the device Wipe: reset the device to factory settings (Enforcement Action: Later) Specify action to be taken after the out of compliance (OOC) event a certain number of hours or days later. Send an alert one hour later. Hours, Days Alert, Block, Wipe to add one or more actions that will occur after the user has had time to remediate the noncompliance. Alert: send a message about the OOC event Block: the device cannot access corporate resources Wipe: restore the device to the original factory settings. Notify User user of the out-ofcompliance, Notify Admins administrator(s) of the, A custom message to be sent to the recipients. A custom message, up to 1024 characters. <^`~$* []{}> cannot be used. Monitoring Rules Use the Monitoring Rules to monitor SIM changes, when a user s device is roaming, and any operating system version changes. 23
SIM Changes You can send messages to the user and to the administrators if a SIM card is changed. SIM Changes Notify User Take specified actions if a device s SIM card is changed. user of the out-ofcompliance Cleared Selected, cleared Select the checkbox to expand the list of options., Notify Admins administrator(s) of the, A custom message to be sent to the recipients. A custom message, up to 1024 characters. <^`~$* []{}> cannot be used. Roaming Changes You can notify users and administrators if the user starts to roam. 24
Roaming Changes Notify User Notify Admins Send email notifications if the user is roaming. user of the out-ofcompliance administrator(s) of the A custom message to be sent to the recipients. Cleared Selected, cleared Select the checkbox to expand the list of options.,, A custom message, up to 1024 characters. <^`~$* []{}> cannot be used. OS Version Changes You can send a message to an administrator and user if the device s operating system version changes. Roaming Changes Notify User Notify Admins Send email notifications if the device s operating system version has changed. user of the out-ofcompliance administrator(s) of the A custom message to be sent to the recipients. Cleared Selected, cleared Select the checkbox to expand the list of options.,, A custom message, up to 1024 characters. <^`~$* []{}> cannot be used. 25
Expense Management Expense Monitoring Rules apply to mobile data usage. You can monitor both roaming and in-network data usage, and take action based on the usage thresholds. Roaming Mobile Data Usage You can send administrators or users up to three messages warning them that a device is reaching its roaming limit. Roaming Mobile Data Usage First Warning Level (%) Specify if you want MaaS360 to track mobile data usage and provide alerts. Specify the threshold at which the first warning will be sent. Cleared Selected, cleared Selecting the checkbox causes the other fields to appear. Select a value 50%, 60%, 70% This value will be incorporated in the message for the variable %limit%. 26
Actions Second Warning Level (%) Actions Third Warning Level (%) Actions Specify if you want to send a message to the administrator, the user or both. The message that will be sent when the threshold is met. You can use the provided message or create a custom one. Specify the threshold at which the second warning will be sent. Specify if you want to send a message to the administrator, the user or both. The message that will be sent when the threshold is met. You can use the provided message or create a custom one. Specify the threshold at which the third warning will be sent. Specify if you want to send a message to the administrator, the user or both. The message that will be sent when the threshold is met. You can use the provided message or create a custom one. First Warning Level: You have used %limit% of your monthly roaming mobile data usage limit. Alert User, Alert Administrator Default message, a custom message up to 140 characters. Select a value 70%, 80%, 90% This value will be incorporated in the message for the variable %limit%. Second Warning Level: You have used %limit% of your monthly roaming mobile data usage limit. Alert User, Alert Administrator Default message, a custom message up to 140 characters. Select a value 90%, 100%, 110%, 120%, 150%, 200% Third Warning Level: You have used %limit% of your monthly roaming mobile data usage limit. Alert User, Alert Administrator Default message, a custom message up to 140 characters. This value will be incorporated in the message for the variable %limit%. 27
In-Network Roaming Data Usage You can send administrators or users up to three messages warning them that a device is reaching its in-network data usage limit. In-Network Data Usage First Warning Level (%) Actions Second Warning Level (%) Actions Specify if you want MaaS360 to track innetwork data usage and provide alerts. Specify the threshold at which the first warning will be sent. Specify if you want to send a message to the administrator, the user or both. The message that will be sent when the threshold is met. You can use the provided message or create a custom one. Specify the threshold at which the second warning will be sent. Specify if you want to send a message to the administrator, the user or both. Cleared Selected, cleared Selecting the checkbox causes the other fields to appear. Select a value 50%, 60%, 70% The value will be incorporated in the message for the variable %limit%. First Warning Level: You have used %limit% of your monthly innetwork mobile data usage limit. Alert User, Alert Administrator Default message, a custom message up to 140 characters. Select a value 70%, 80%, 90% The value will be incorporated in the message for the variable %limit%. Alert User, Alert Administrator 28
The message that will be sent when the threshold is met. You can use the provided message or create a custom one. Second Warning Level: You have used %limit% of your monthly innetwork mobile data usage limit. Default message, a custom message up to 140 characters. Third Warning Level (%) Specify the threshold at which the third warning will be sent. Select a value 90%, 100%, 110%, 120%, 150%, 200% The value will be incorporated in the message for the variable %limit%. Actions Specify if you want to send a message to the administrator, the user or both. Alert User, Alert Administrator The message that will be sent when the threshold is met. You can use the provided message or create a custom one. Third Warning Level: You have used %limit% of your monthly roaming mobile data usage limit. Default message, a custom message up to 140 characters. Group Based Rules Note: This feature must be turned on by Customer Engineering. You can also create advanced rules for groups that will perform actions at certain intervals. Click the Add a New Rule button. 29
Enter the rule details. to create another rule. Enter Rule Name Create a name for the rule. Name of the rule Group Name Select the group from the pull-down list. No Group Selected Any existing user or device group. Enforcement Action (Immediate) Define the action to be taken immediately after the specified period. Alert Alert, Block, Selective Wipe, Change Policy, Wipe, Remove Control, Hide Device Alert: send a message about the OOC event Block: the device cannot access corporate resources Selective Wipe: corporate settings, apps and content distributed by MaaS360 will be deleted Change Policy: assign a different policy to the device Wipe: reset the device to factory settings Remove Control: the MaaS360 app will be deleted from the device; it cannot access corporate access Hide Device: mark the device as inactive in MaaS360 reporting, but do not remove MaaS360 s control 30
(Enforcement Action: Later) Specify action to be taken a certain number of hours or days later. Send an alert one hour later. Hours, Days Alert, Block, Wipe to add one or more actions that will occur after the user has had time to remediate the noncompliance. Alert: send a message about the OOC event Block: the device cannot access corporate resources Wipe: restore the device to the original factory settings. Notify User user of the out-ofcompliance Email, Device Notification Email, Device Notification The standard email address list for the rule is defined on the Basic Settings tab. Notify Admins administrator(s) of the, A custom message to be sent to the recipients. A custom message, up to 1024 characters. <^`~$* []{}> cannot be used. Copyright 2014 Fiberlink, an IBM Company. All rights reserved. Information in this document is subject to change without notice. The software described in this document is furnished under a license agreement or nondisclosure agreement. The software may be used or copied only in accordance with the terms of those agreements. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or any means electronic or mechanical, including photocopying and recording for any purpose other than the purchaser s personal use without the written permission of Fiberlink Communications Corporation. All brands and their products are trademarks or registered trademarks of their respective holders and should be noted as such. Fiberlink Communications Corporation 1787 Sentry Parkway West Blue Bell, PA 19422 November 2014 31