Cisco Systems manual Mobile Client Application-Fiberlink MaaS360 Agent, Mdm Apns/Gcn

Page 25

Figure 17 Enrollment Network Flows

WebEnroll

MDM

Profile

APNS

Registration

Device

Check-in

Security

Scan

Profile

Install

Device

MDM

APNS/GCN

 

 

Authenticate

 

 

User

 

 

Mobileconfig

 

 

(mdm, cert)

 

MDM Check-in

 

 

Request

 

 

 

Check-in

 

 

Notification

 

 

Policy

 

 

Assessment

 

 

293804

SCEP

Fiberlink MaaS360 can provision certificates onto the device via SCEP-PROXY. This allows profiles to contain a payload that provisions a service that requires authentication via a certificate and another payload contains the associated certificate. One such example is VPN payload for either AnyConnect or Cisco IPsec. This is discussed in more detail in Application Distribution.

Mobile Client Application—Fiberlink MaaS360 Agent

As discussed in the BYOD CVD, before the Fiberlink MaaS360 agent is installed, Software Provisioning Wizards (SPW) must be downloaded from Cisco site. For Apple iOS devices, access to the application store is not required. However, for the Android devices, the Software Provisioning Wizard (SPW) package needs to be downloaded from Google Play Store.

The following features require the Fiberlink MaaS360 agent be installed on the device:

Jailbreak Detection

Location Based Services

Application Inventory (for blacklist, mandatory apps)

Document Distribution

Data Usage Tracking

WiFi SSID Connection Tracking

Admin to user messaging via the portal (or ISE)

Integrating Fiberlink MaaS360 with Cisco Identity Services Engine

25

 

 

Image 25
Contents Revised August 6 Page Page Overview Fiberlink MaaS360 Capabilities and FeaturesCapability Features Fiberlink MaaS360-Key Capabilities Deployment Models Import MDM Certificate to ISE Getting Fiberlink MaaS360 Ready for ISEExporting the MDM Site Certificate with Internet Explorer Grant ISE Access to the Fiberlink MaaS360 API Manage Administrator Account Add Account Add MDM Server to ISE Configure the MDM API on ISE Message Explanation Verify Connectivity to MDMReview MDM Dictionaries DMZ Enterprise IntegrationFiberlink MaaS360 Cloud Extender Download Cloud Extender Installation Wizard AD Group Memberships Active Directory/LDAP IntegrationOwnership User Group Restrictions MDM Profiles Create Policies Shows the flow of this process MDM APNS/GCN Mobile Client Application-Fiberlink MaaS360 AgentDevice Ownership MDM On-boarding User ExperienceMDM Enrollment MDM Enrollment-Terms of Acceptance Pass Code Complexity Enterprise Application StoreInstallation of Maas360 Application Data at-Rest Corporate DataForced CoA from ISE Corporate WipeEnd User Portal Verify Device ComplianceISE Compliance versus MDM Compliance Action Type Options Device Scanning Intervals Device Compliance/RestrictionsManually Updating the MDM Server PINLockStatusJailbroken or Rooted devices Manage Lost/Stolen DevicesRegisterStatus Application Distribution Cisco Applications Jabber, etc Disclaimer Conclusion