Filter
Top Products
Integrating Fiberlink MaaS360 with Cisco Identity Services Engine
36
Currently the MDM does not provide a method to mark compliance checks that are not reported to ISE.
ISE cannot assert that network security issue caused a device to be MDM non-compliant.
Device Compliance/Restrictions
Restrictions and compliance are distinct but related concepts. The user is required to meet compliance
for non-restrictive access. If a PIN lock is required, the device will be locked until the user selects a PIN
that meets the established complexity. If the camera has been disabled, the icon is removed and the user
has no way to launch the camera application. Restrictions are policy elements that are enforced without
exception. Non-compliance is when a device is operating outside of the established policy.
Non-restrictive items that could cause compliance events are things such as the minimum OS version.
The key point is that it is not possible to be non-compliant with a restriction. The exception is restrictions
that include a grace period.
Device Scanning Intervals
The MDM client application can periodically scan the device. There are several different scans that run
on different intervals. They also available as device queries:
• Device Information—General information about the device includes serial numbers, UDID, phone
number, operating system, model, battery status, etc.
• Security—Includes encryption status, device compromised, data roaming, SIM card status, and the
number of profiles installed but not active.
• Profiles—The installed profiles on the device, including those not installed by Fiberlink MaaS360.
• Apps—A complete inventory of all the applications installed on the device.
• Certificates—A list of the installed certificates on the device.
Scan information is available in device details scre
en. When a device periodically checks in with the
MDM server, it will notify the server of the current scan results.
Jailbreak/Rooted Device Enforcement
Application Compliance
Table 5 MDM Responses
Action Type Options