Category filter
Getting started with iOS device management
iOS is one of the most popular mobile operating systems created and developed exclusively for Apple devices. It is an operating system that presently powers many of the business devices, including iPhone, iPad and iPod touch. Hexnode UEM brings in a number of features associated with iOS. Jump in to know more on how to get started with iOS device management.
Enroll iOS device
Before you start enrolling your devices, you need to make sure that the APNs (Apple Push Notification service) certificate is configured on your server. Get to know more about configuring APNs certificate by tapping on the link below.
After creating the APNs certificate, you can start enrolling the devices in Hexnode UEM.
Supervised mode allows you to differentiate institutionally owned iOS devices from personal devices. It unlocks additional features and restricts many features that are inappropriate for corporate use. Go through the link below to learn more about making your iOS devices supervised.
You can pre-approve the devices using Apple DEP and distribute apps to the devices using Apple VPP.
Learn more about various ways to enroll iOS devices by following the link below.
Configure restrictions
You can control the activities of various features on your device by setting up suitable restrictions. There are a set of basic and advanced restrictions that help you control your device’s functionalities.
Basic Restrictions: Restricts device features and apps from being accessed by the user. It lists all those restrictions which can be set on all iOS devices.
Advanced Restrictions: Set up enhanced security restrictions over supervised iOS devices.
Get to know more about configuring iOS restrictions from the link below.
Separate work and personal data
Managed apps: Apps deployed on your iOS device through Hexnode are called Managed apps. You retain complete control over these apps; you can configure the apps through managed app configurations or remove the apps and their associated data on-demand or even set it to be removed when the MDM profile on the device is removed.
Managed accounts: You can set up mail and other accounts remotely with Hexnode and manage them independently from personal accounts. Hexnode allows you to configure the following accounts –
Email (IMAP/POP)
Managed domains: You can set specific domain addresses (URLs) as managed or work-related. Files downloaded from these domains will be considered managed.
Get to know more about setting up managed domains.
Business containers: By configuring business containers with Hexnode, you can prevent users from opening work-related files with personal (unmanaged) apps or accessing personal files with a work-related (managed) app.
Get to know more about configuring Business Container.
Managed storage: Devices enrolled through user enrollment have a separate Apple File System (APFS) volume containing the managed apps and data. This volume created automatically after the enrollment is encrypted separately from the user data.
Manage apps
Choose the apps you wish to see on your device and block the less essential ones. Manage, distribute and remove apps efficiently across a number of devices. Learn more about managing apps on your device by following the link below.
You can install the apps silently on your iOS devices without the user manually initiating installation only if your iOS device is supervised. Follow the link below to learn more about installing apps silently on iOS devices.
VPP (Volume Purchase Program) apps can be installed silently on supervised iOS devices. Get to know more about VPP apps and their applications from the links below:
The users can also block certain apps from functioning on the device and allow essential apps to run on the device with the blocklist or allowlist feature in Hexnode UEM. This feature prevents the installation of blocklisted apps on the device and hides the already installed blocklisted apps from the device. Click on the link below to learn more about blocklisting or allowlisting apps on the device.
Kiosk mode can be activated on iOS devices, restricting the devices to a single application or a handful of applications, blocking all others. Tap on the below link to learn more about kiosk mode and its settings. It is to be noted that the device needs to be supervised to enable kiosk mode.
Supervised mode allows you to differentiate institutionally owned iOS devices from personal devices. It unlocks additional features and restricts many features that are inappropriate for corporate use. Go through the link below to learn more about making your iOS devices supervised.
Web clip looks like an app icon that directs you to a website when clicked. You simply need to provide a label, an icon and a URL. It resembles an app on your home screen. Get to know more about web clip configuration steps by following the link below.
Prevent MDM removal
Prevent removal of the MDM profile, from the Hexnode UEM console by enrolling the devices using the Device Enrollment Program (DEP).
Network security
Ensure utmost security for your network by setting up suitable configurations for your network. You can configure Wi-Fi, VPN (Virtual Private Network), Per-App VPN and APN (Access Point Network) settings on endpoints remotely with Hexnode. Get to know more about configuring network settings by following the links below.
OS updates
You can also update your iPhones and iPads to the latest version of iOS, provided your devices are supervised. Follow the link below to learn more about updating the OS using Hexnode UEM.
Administrators can also delay the iOS updates for up to 90 days on supervised devices. During this period, the user will be not be prompted to update the device to the latest OS version. It helps organizations to check for bugs/issues or determine the compatibility of the deployed applications with the latest OS versions. Learn how to delay OS updates on supervised iOS devices by clicking on the below link.
Web content filtering
You can prevent access to certain websites in your organization with the web content filtering feature. Learn more on how to block access to unwanted websites by following the link below.
Block access to unwanted websites…
Activation lock bypass
You can bypass the activation lock using Hexnode UEM, thus unlocking the device that had been locked to protect the device from being reset by someone anonymous. Please note that the devices need to be enrolled in Hexnode UEM prior to resetting. Get to know more about bypassing activation lock by following the link below.
Remote view
The Remote view feature for iOS devices enables the admin to remotely view the enrolled devices directly from their Hexnode UEM console. Admin can monitor the device end activities directly from their console. Learn more about the remote view feature of Hexnode UEM from the link below.
Mobile Data Management
Users can track and manage mobile data usage on their iOS devices with the Network usage rules feature in Hexnode UEM. This feature lets you control cellular data usage or roaming data usage by the managed apps on your devices. This notifies and allows the administrators to control the unnecessary data expenses in an organization. Follow the link below to learn more about managing mobile data usage.
Hexnode UEM offers a comprehensive data management solution that enables you to monitor and control the data consumption of iOS devices enrolled in the Hexnode UEM console. Administrators can set data usage limits and will receive email notifications when these limits are exceeded.
Personalization
You can customize exactly how the apps are arranged on-screen. Apps, App groups and Web Clips can be added to the Home Screen Layout.
Customizing Home Screen Layout…
You can customize the lock screen and home screen wallpaper of the devices by setting up wallpaper configurations. Thus, the organization can easily configure its company logo as the wallpaper across the entire fleet of devices.
Hexnode enables administrators to upload and customize a list of new fonts, allowing them to tailor the device’s font type to their preferences. These custom fonts will be applied exclusively to managed apps that support font functionality. For more details, refer to the link below.
IT administrators can remotely set a lock screen message on iOS devices (iPhone and iPad) through the Hexnode UEM console. In case a device is lost or misplaced, the lock screen message can assist the finder in returning the device to its owner. For more information, visit the link below.
Certificate management
Security risks associated with accessing work emails, Wi-Fi, VPN, and other resources from unauthorized devices can be mitigated by authenticating these devices with digital certificates.
The Simple Certificate Enrollment Protocol (SCEP) is a widely used standard for certificate management, enabling the deployment of certificates from a trusted certificate authority (CA) to devices.
Apple devices support the use of security certificates for authentication, enabling seamless access to corporate services when these certificates are installed on the devices.
Set up Proxy
Organizations can configure Global HTTP Proxy settings on iOS devices to route all HTTP network traffic through a designated proxy server. This proxy server acts as an intermediary between the devices and the internet, ensuring that any potential intruders attempting to intercept sensitive data can only access the proxy address, while keeping the company’s servers anonymous and secure.
Configure Global HTTP Proxy settings…
Troubleshooting
App logs offer crucial information about an application’s performance, behavior, and any errors it encounters during operation. Retrieving Hexnode App Logs from iOS devices is important for administrators to understand how the Hexnode UEM app functions, troubleshoot issues, and maintain optimal performance. For more details, follow the link below.
AirPrint
AirPrint is a feature on Apple devices that allows you to print high-quality output without the need to download or install specific printer drivers. You can wirelessly print photos and documents from your iOS devices using an AirPrint-enabled printer connected to the same Wi-Fi network as your device. For more information, visit the link below.
AirPlay
AirPlay enables wireless streaming and sharing of content to your Apple TV or AirPlay-enabled speakers. Hexnode’s AirPlay-based policy for iOS allows your devices to connect seamlessly to AirPlay-enabled devices on the same network. Administrators can add multiple AirPlay-enabled devices, enabling iPhones and iPads to connect to them with ease.
