EM L18 Managing ios and Android Mobile Devices with Symantec Mobile Management Hands-On Lab



Similar documents
EM L05 Managing ios and Android Mobile Devices with Symantec Mobile Management Hands-On Lab

UP L18 Enhanced MDM and Updated Protection Hands-On Lab

EM L12 Symantec Mobile Management and Managed PKI Hands-On Lab

Using SSH Secure Shell Client for FTP

Cloud Services MDM. Control Panel Provisioning Guide

Advanced Configuration Steps

Live Maps. for System Center Operations Manager 2007 R2 v Installation Guide

Egnyte App for Android Quick Start Guide

Building a BYOD Program Using the Casper Suite. Technical Paper Casper Suite v9.4 or Later 17 September 2014

Creating a Patch Management Dashboard with IT Analytics Hands-On Lab

MaaS360 Mobile Device Management (MDM) Administrators Guide

District 211 Technology. ipad Setup Instructions

GO!Enterprise MDM Device Application User Guide Installation and Configuration for ios with TouchDown

Health Science Center AirWatch Installation and Enrollment Instructions For Apple ios 8 Devices

OneLogin Integration User Guide

Mobility Manager 9.5. Users Guide

Instructions for Configuring a SAS Metadata Server for Use with JMP Clinical

Office of Information Technology Connecting to Microsoft Exchange User Guide

APNS Certificate generating and installation

Initial Setup of Microsoft Outlook 2011 with IMAP for OS X Lion

Novell ZENworks Asset Management 7.5

AVG Business SSO Partner Getting Started Guide

Installing Windows Server Update Services (WSUS) on Windows Server 2012 R2 Essentials

WHAT IS VIRTUAL DESKTOP? WHAT YOU NEED LOG IN TO VIRTUAL DESKTOP SET UP CITRIX RECEIVER REMOTE ACCESS GUIDE

Introduction to the AirWatch Browser Guide

Sophos Mobile Control Startup guide. Product version: 3.5

Adobe Marketing Cloud Bloodhound for Mac 3.0

Adobe Summit 2015 Lab 718: Managing Mobile Apps: A PhoneGap Enterprise Introduction for Marketers

Release 2.0. Cox Business Online Backup Quick Start Guide

WatchDox Administrator's Guide. Application Version 3.7.5

Mobile Iron User Guide

Lenovo Online Data Backup User Guide Version

Contents First Time Setup... 2 Setting up the Legal Vault Client (KiteDrive)... 3 Setting up the KiteDrive Outlook Plugin Using the Legal Vault

owncloud Configuration and Usage Guide

Installing and Configuring vcloud Connector

Installation Guide. Live Maps 7.4 for System Center 2012

How to install and use the File Sharing Outlook Plugin

Booth Gmail Configuration

Sophos Mobile Control Startup guide. Product version: 3

Citrix Virtual Classroom. Deliver file sharing and synchronization services using Citrix ShareFile. Self-paced exercise guide

NotifyMDM Device Application User Guide Installation and Configuration for Windows Mobile 6 Devices

How to Remotely Access the C&CDHB Network from a Personal Device

Technology Services Group Procedures. IH Anywhere guide. 0 P a g e

Lync Online Deployment Guide. Version 1.0

Instructions for Microsoft Outlook 2003

GO!Enterprise MDM Device Application User Guide Installation and Configuration for ios Devices

Telstra Mobile Device Management (T MDM) Getting Started Guide

ManageEngine Desktop Central. Mobile Device Management User Guide

Cox Business Premium Online Backup USER'S GUIDE. Cox Business VERSION 1.0

pcanywhere Advanced Configuration Guide

FTP Over SSL (FTPS) Core FTP LE. Installing Core FTP LE"

Transitioning from TurningPoint 5 to TurningPoint Cloud - LMS 1

BlackBerry Enterprise Service 10. Universal Device Service Version: Administration Guide

Symantec PGP Whole Disk Encryption Hands-On Lab V 3.7

Vodafone Secure Device Manager Administration User Guide

Configuration Guide. BES12 Cloud

Getting Started with Vision 6

NetSuite OpenAir Mobile for Android User Guide Version 1.3

BTC STUDENT GUIDE

VMware/Hyper-V Backup Plug-in User Guide

How To Use Senior Systems Cloud Services

Administration Guide. BlackBerry Enterprise Service 12. Version 12.0

Installing and Configuring Login PI

SharePoint Rollins College 2011

Employee Active Directory Self-Service Quick Setup Guide

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

System Administration Training Guide. S100 Installation and Site Management

ETS. Major Field Tests. Proctor Administrator Manual

Qsync Install Qsync utility Login the NAS The address is :8080 bfsteelinc.info:8080

IIS, FTP Server and Windows

dotmailer for Salesforce Installation Guide Winter 2015 Version

GO!Enterprise MDM Device Application User Guide Installation and Configuration for BlackBerry

Skype for Business for Android

LYNC 2010 USER GUIDE

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

Preparing for GO!Enterprise MDM On-Demand Service

QuickBooks Business Accounting Software for Windows

Table of Contents. 1. Content Approval...1 EVALUATION COPY

Getting Started Guide: Getting the most out of your Windows Intune cloud

DESKTOP CLIENT CONFIGURATION GUIDE BUSINESS

Novell Filr. Mobile Client

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

Licensing Guide BES12. Version 12.1

Frequently Asked Questions

CAS CLOUD WEB USER GUIDE. UAB College of Arts and Science Cloud Storage Service

Manufacturing Representative SSL VDM Login User s Guide

How To Configure A Windows 8.1 On A Windows (Windows) With A Powerpoint (Windows 8) On A Blackberry) On An Ipad Or Ipad (Windows 7) On Your Blackberry Or Black

Macs are not directly compatible with Noetix.

Creating an Apple APNS Certificate

Akin Gump Strauss Hauer & Feld LLP Remote Access Resources (DUO)

VIRTUAL SOFTWARE LIBRARY REFERENCE GUIDE

CHARTER BUSINESS custom hosting faqs 2010 INTERNET. Q. How do I access my ? Q. How do I change or reset a password for an account?

Windows and MAC User Handbook Remote and Secure Connection Version /19/2013. User Handbook

OWA - Outlook Web App

NSi Mobile Installation Guide. Version 6.2

User Management Tool 1.6

Charter Business Phone. Online Control Panel Getting Started Guide. Document Version 1.0

Transcription:

EM L18 Managing ios and Android Mobile Devices with Symantec Mobile Management Hands-On Lab Description The Symantec Mobile Management platform continues to expand it s offering with new support for native agent based management of Android devices. This lab will give the user hands on experience with configuration and settings required to add these devices to the existing SMM infrastructure. We will examine some of the differences in available actions across supported native agent devices such as Android and understand how the latest offering continues to offer the Enterprise a common platform experience This lab assumes a basic familiarity with SMM 7.1 and the SMP platform. At the end of this lab, you should be able to Understand the improvements in the UI for SMM 7.2 Be familiar with the process of creating profiles and policies for Android Mobile devices Have an understanding of the differences between managing ios and Android devices Be able to create Mobile Library content and deliver to targeted groups of devices Apply actions to Android mobile devices Be familiar with Mobile Inventory and Reporting capability Notes A brief presentation will introduce this lab session and discuss key concepts. The lab will be directed and provide you with step-by-step walkthroughs of key features. Feel free to follow the lab using the instructions on the following pages. You can optionally perform this lab at your own pace. Be sure to ask your instructor any questions you may have. Thank you for coming to our lab session.

Getting Started Before you begin, you will need to be sure that the SMM-Exchange and SMM-Server virtual machines have been started (in that order). Once the VM s have finished loading, you will be ready to begin. Unless otherwise stated, all of the exercises should be done from the SMM-Server virtual machine. Lets explore some of the new configuraton UI changes in SMM 7.2 The upcoming release of SMM 7.2 will introduce native Android agent based management and will continue to improve upon the existing ios management capabilities. The user interface has also been adjusted to make navigating to the areas of most importance easier for administrators. In this exercise we will take a first look at some changes to the console interface. 1. On the SMM-Server, open the Symantec Mangement Console from the desktop shortcut. 2. Select Home > Mobile Management 3. Click on the arrow to expand the options in the Settings tab. Note: This area has been redesigned and separated from the former Configuraton tab. 4. Click on the arrow to expand the options in the Device Management tab. Note: This area has been redesigned and separated from the former Configuraton tab as well and has also added access points accessible from other multi-level selections. 5. Click on the arrow to expand the options in the Overviews and Reports tab. Note: This is a new tab which allows easier access to areas previously contained in the Inventory tab as well as in system reports. Creating this tab allows for quicker access to commonly used areas for reporting. Devices by operating system is the default listed dashboard. Looking at new ios configuration settings 1. Click back on the arrow to expand the options in the Device Management tab. 2. Click on Configuraton Editor 3. In the center column, select the ios Profiles tab if not opened Note: No additional profile configurations have been added or are required, but there are updated changes to support newer ios5 functionality 4. Click on the EAS configuration profile 2 of 12

5. Create a new payload by selecting the yellow asterisk in the right hand column Note: New email security settings like Allow Move and Use Only in Mail allow for new increased security options 6. Click Cancel 7. Under ios Configuration, select the Restrictions profile 8. Create a new payload by selecting the yellow asterisk in the right hand column 9. Select the Device Functionality tab Note: New settings for control of Siri voice control and other increased options 10. Click on the all new Security/Privacy tab Note: New security restrictions available 11. Click on the all new icloud tab Note: Important new controls for use of icloud, critical settings for customers. 12. Click Cancel 13. Under ios Configuration, select the W-Fi profile 14. Create a new payload by selecting the yellow asterisk in the right hand column Note: New Auto Join and Proxy configuration settings 15. Under the Proxy setting, use the drop down to select Manual 16. Scroll down to see where additional configuraton entries can be made 17. Change the dropdown to Automatic to note the changes, click Cancel when done. 3 of 12

Creation of Android Settings and Policies Like ios, configuration of Mobile Management Android settings is done in the Symantec Management Console. Android devices are configured using configuration settings, which control specific features of the device. These profiles are composed of Android configuration settings and are delivered to the Android device to configure and manage the device utilizing the available Android APIs by Symantec Mobile Management. Android supports a very small subset of device management options when compared to ios. Android settings are configured in the Configuration Editor page 1. In the Configuration Editor, select the Android Configuration tab in the center column. Note: As with ios, Configuration Editor provides both editing of policies (profiles) and storage of the policies in the Configuration Editor s library of policies. These policies are stored here, but applied in a different configuration UI. Create Android Passcode Profile 1. Under Android Configuration select Passcode. 2. In the right hand pane click on the yellow asterisk at the top New Payload. 3. Input name of new passcode policy called Lab Passcode and a brief description. 4. Set the dropdown under Password Complexity to Alphanumeric. 5. Set Maximum number of failed attempts value to 4. 6. Using the dropdown set the value for Minimum Passcode Length to 5. 7. Click button to Save Changes. View Android Device Options Profile 1. Under Android Configuration select Device Options. 2. In the right hand pane click on the yellow asterisk at the top New Payload. Note: As stated, Android supports a very small subset of device options 3. Click Cancel Exploring further Android Integration with NitroDesk Touchdown The SMM 7.2 release will be integrated with Nitrodesk s Touchdown email client to enable email setup and selective wipe (Android does not support the former with the native email client). TouchDown runs on your Android phone, and provides you with the ability to receive and send e-mails, manage your contacts, view your appointments from your company's exchange server. It itegrates with SMM and allows for a common platform control for Android device management not available with native API s. 4 of 12

View Touchdown account settings options 1. Under Android Configuration select Touchdown Account. 2. In the right hand pane click on the yellow asterisk at the top New Payload. 3. Scroll to view options for configuration of this account. 4. Click Cancel View Touchdown Policy settings options Using Touchdown allows for a broader range of device controls than are available with native API s. In this section we will explore some of those configuration settings so that you may familiarize yourself with some of the optons available. 1. Under Android Configuration select Touchdown Policy. 2. In the right hand pane click on the yellow asterisk at the top New Payload. 3. Select the Password tab Note: This is similar to the previous passcode options, but is configurable via Touchdown and specific to that application. 4. Click on the Device Options tab. Note: Much greater ability to set and configure device options than what is available natively. Of note are Security and Storage Card Feature settings. 5. Click on the Email tab Note: Email control options include such settings as Disable ability to copy from or paste to an email 6. Click Cancel New server based settings for expanded Mobile device options 1. In the left hand console column, click on the arrow to expand the options in the Settings tab. 2. Select Mobile Management Server Settings 3. Click the Enrollment tab Note: There are new Android and Windows Phone minimum OS settings for enrollment/management 4. Click the C2DM tab Note: This is a new tab for use with Android devices. It is a simple message services that provides for remote actions, similar to what APNS does for ios. 5. Click the Symantec MPKI tab 5 of 12

Note: Symantec MPKI configuration has been moved from previous config file changes into real console settings. Mobile Library Content Creation and New Targeting capabilites The Symantec Mobile Library provides enhanced Enterprise App Store capabilities. The Mobile Library enables companies to deliver content and application listings to their end user Mobile devices via the Mobile Management agent. The Mobile Library is delivered to the agent as a set of RSS feeds. In this exercise we will create Mobile Library content and look at changes in the delivery options within SMM 7.2 Building a Mobile Library consists of two steps: 1. Building the Mobile Library Feeds. 2. Adding applications and content to a specific Mobile Feed. Building the Mobile Library Feeds 1. Go to Home > Mobile Management > Device Management > Mobile Library Editor. 2. Click on the New Feed button at the top of the Library feed table. 3. Enter a unique integer in Feed ID field as an identifier such as 001. 4. Change Feed Language to the appropriate language for your device. 5. Add a feed with the title New Sales data. 6. Enter a brief Feed Description, e.g. Latest product Sales data. 7. Click OK button. 8. Feed will now appear in the list of Mobile Feeds but is not yet published. Adding Web Content to a specific Mobile Feed 1. Click the ITEMS button at the top of the Mobile Library Editor window. 2. Select New Sales data feed using the dropdown at the top left corner. 3. Select New Item to create content for the feed. Note: The agent supports 3 types of Feeds: Application A commercial or in House application Document Word documents, PDF s and Excel Spreadsheets Media Video links, MP4, photos, MP3, Web links, etc. File limitations are determined by device capabilities and feed selections will be based upon content created and required usage. 6 of 12

4. Add Item Name Salesforce. 5. Add Item Version 1.1. 6. Add Item Author your name. 7. In Item description add link to Salesforce.com. 8. Select Media in Item Category. 9. Select Other in Item Type. 10. Select Android in Platform Type. 11. Select Recommended in Item Priority. 12. Click on Select Files in right pane and browse to c:\lab Files\Mobile Library Content\salesforce.png. NOTE: Content added to the Mobile Library requires a 57x57 pixel icon in.png format. 13. Click on Upload Files to upload content. 14. Click Close when uploading complete. You will now see that the Item Icon path has been automatically created. 15. Enter http://www.salesforce.com/ in Item Link. 16. Click the Item is Published checkbox to distribute the item to agents. 17. Click OK button to save changes. 18. Click the FEEDS button at the top of the Mobile Library Editor window. 19. Click Green Edit button on right side of the created New Sales Data feed. 20. Click the Feed is Published checkbox to publish the feed content. 21. Click the Is Feed Default checkbox to set this as the default feed. 22. Click OK button to save changes. Create Mobile Configuration Policy and Target delivery of a specific Mobile Feed SMM 7.2 will include the ability to target mobile library feeds based upon standard SMP groups. Now that you have created Mobile Configuration Profiles, you will need to target them for deployment to devices using a Mobile Configuration Policy. The Mobile Configuration Management page can be accessed via the new UI Device Management > Go to policy management. Create New Mobile Device Configuration Policy 1. Right mouse click on the Mobile Configuration Policies folder. 2. Select the New> Mobile Device Configuration Policy. 7 of 12

3. Under Profile Settings click checkbox User can remove profile (this will apply to all Profiles contained within the Policy). 4. Under Configuration settings, click the yellow asterisk. 5. Select the Lab Passcode Profile. 6. Scroll to the bottom and click OK. Profiles selected will now appear in the configuration settings. Now you can use Feed Settings to determine which Mobile library feeds are included with this policy. 1. Under Feed Settings, click the yellow asterisk. 2. Select the lab Mobile Library Feed previously created. 3. Click OK Feeds selected will now appear in the Feed Settings. Next you must create targeting rules to use to determine which mobile devices will be targeted with the policy and Feed. 1. Click on the arrow button at the right side of the Applied To divider. 2. Click on the Apply To button > Mobile Devices, this will open the select resources dialog box. 3. Click the Add rule button. 4. Select exclude resources NOT in from the first dropdown. 5. Select Resource list from the second dropdown. 6. Click the Browse button to search for a device to target with this policy. 7. When the Select Resources page opens use drop down to select Mobile group. 8. Choose the device to target for this policy or search for device name. 9. Use arrow to move selection to the right side Selected resources box. 10. Click OK button at bottom. 11. Click the Update results button to verify which devices are targeted. 12. Click OK button again to save selection. Note: If you wish to apply the policy to all Android agent managed Android devices, you can choose Apply to> Quick Apply > and choose All Android Devices Managed with MDM selection in the menu. 13. Click Save Changes at bottom of screen. 14. At top of Policy Rules/Actions screen toggle red Off button to green On' to enable Policy for distribution. 15. Click Save Changes at bottom of screen. 8 of 12

Note: Policy distribution will not typically happen instantaneously. The policies are rechecked periodically for updates and agents will be notified after the policies have been reevaluated by the server. Force Policy Update on Device 1. From the Symantec Management console choose Manage > Mobile > Devices. 2. Right click device name in right hand pane and select Android > Update Policies. 3. Click OK button when prompted to update. 4. Click Close. Applying Actions to Android Devices In this exercise we will examine the area within Symantec Mobile Management to be able to control allowed actions on Android devices. There are a number of allowed actions that can be performed on the device, and there are a number of places within Symantec Mobile Management to perform these actions. 1. In the Symantec Management Console navigate to Manage > Mobile > Devices. 2. Expand the tree in the left pane if not open and select Mobile. 3. In the Mobile Resources pane, right click on an Android device. 4. After menu loads move mouse to Android. 5. Select Lock Device. 6. Click the OK button to confirm. 7. Click Close. 8. The Android device would now be locked and prompt the user to enter a passcode if a passcode policy is still assigned. Let s look at another area of interest with some additional options 1. Right-click your Android device again. 2. After the menu loads select Resource Manager at the top. 3. A new page will open showing some additional device information. Note: Notice the options in the left pane, device control options are the same with the addition of Add to organizational group. Selecting this option allows you to add the device to groups of agents/devices, which can then be used to organize items as well as apply policies based on group. 9 of 12

Using Resource Manager to View Detailed Device Data The Mobile Management Server stores detailed information about managed devices that can be viewed using the Resource Manager. Examples of the information stored are device status, history, and specific Android content data should it be required. In this exercise we will look at some of these attributes. With existing Resource Manager page open, select View > Inventory from the top menu bar, or alternately: 1. In the Symantec Management Console navigate to Manage > Mobile > Devices. 2. Expand the tree in the left pane if not open and select Mobile. 3. In the Mobile Resources pane right click on your Android device. 4. After menu loads move mouse to Resource Manager. 5. Select View > Inventory from the top menu bar. 6. You will see the data about the device configuration. The middle window shows a tree view of different types of data. Click to expand the Mobile Inventory to view mobile device data. Mobile Management Reports Mobile Management Reports provide out of the box reporting on a number of different parameters across the mobile devices being managed. In addition there are new reports added for this release of Symantec Mobile Management 7.2. Some of the most commonly used reports are now available under the Overviews and Reports dashboard. Looking at new Reports 1. From the Symantec Management Console navigate to Reports > All Reports. 2. Expand the Mobile Management tree in the left pane. 3. Click on the Unauthorized Devices report Note: This report contains a view of unauthorized devices across device OS type based upon the listed criteria such as Jailbroken/rooted devices, unsupported OS version, or Unapproved user account. Android Agent and Instructor-Led Demonstration In this exercise we will install the Mobile Management Agent on an Android device and enroll the device for management. Due to limitations in our lab environment, some of this exercise may be an instructor lead demonstration. These are the general steps used and may vary slightly from actual based upon the particular Android device used. 1. Open the AVD Manager from the shortcut on the SMM-Server desktop. 2. In the Android Virtual Device Manager window, Select the Lab_AVD device 10 of 12

3. Click the Start button on the right hand side. 4. In the Launch Options window, click the Launch button Note: Android emulator is now launching, this may take a minute or two to open. 5. Once the emulator opens, slide the lock icon to the right over the unlock icon to open 6. Click the Apps button in the upper right hand corner 7. Click on the Browser icon to open a browser on your Android device. 8. Navigate to http://192.168.128.131/mobilemanagement 9. The agent.apk file should begin to download 10. Open your download package 11. Click Install and agent app will appear on the device. 12. Once complete, Click on the agent to open and begin enrollment. 13. In the server settings used for enrollment type http://192.168.128.131/mobileenrollment/symc-androidenroll.aspx. 14. De-select the checkbox to Require SSL 15. Click the Submit button 16. Click OK to enter credentials 17. In User name type your user name. 18. In Password type any password. Note: If the agent were setup for authentication then these would be valid Domain username and passwords. 19. Click the checkbox indicating if this is a corporate owned device 20. Click on the Submit button. 21. Accept the EULA and click Submit 22. Host service status will change from Inactive to Active 23. If prompted, respond to the Security notice to Activate the device. 24. Click device Home button. Demonstration of applying Android actions 1. In the Symantec Management Console navigate to Device Management > Manage Mobile Devices. 2. In the Manage Mobile Devices pane, right click on an Android device. 3. After menu loads move mouse to Android. 4. Select Lock Device. 5. Click the OK button to confirm. 6. Click Close. 7. The Android device would now be locked. 11 of 12

12 of 12

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information