- Managing device features and behavior
- Managing devices with IT policies
- Importing IT policy and device metadata updates
- Creating device support messages
- Enforcing compliance rules for devices
- Sending commands to users and devices
- Deactivating devices
- Controlling the software updates that are installed on devices
- Create a device SR requirements profile for Android Enterprise devices
- Create a device SR requirements profile for Samsung Knox devices
- View users who are running a revoked software release
- Managing OS updates on devices with MDM controls activations
- View available updates for iOS devices
- Update the OS on supervised iOS devices
- Configuring communication between devices and BlackBerry UEM
- Displaying organization information on devices
- Using location services on devices
- Using Activation Lock on iOS devices
- Managing iOS features using custom payload profiles
- Managing factory reset protection for Android Enterprise devices
- Create a Factory reset protection profile
- Manually obtain a user ID for a Google account
- How factory reset protection responds to device resets
- Considerations for using a specific Managed Google Play account when setting up a factory reset protection profile
- Clear factory reset protection from a device
- Setting up Windows Information Protection for Windows 10 devices
- Allowing BitLocker encryption on Windows 10 devices
- Managing attestation for devices
- Migrate iOS devices to use a hardened channel
- BlackBerry Docs
- BlackBerry UEM 12.17
- Administration
- Managing device features
- Managing attestation for devices
- Manage attestation for Samsung Knox devices
Manage attestation for Samsung Knox devices
Samsung Knox
devicesWhen you turn on attestation,
BlackBerry UEM
sends challenges to test the authenticity and integrity of Samsung Knox
devices activated with the following activation types:
- Work and personal - full control(Samsung Knox)
- Work space only(Samsung Knox)
- Work and personal - user privacy(Samsung Knox)
- On the menu bar, clickSettings > General settings > Attestation.
- To turn on attestation forSamsung Knoxdevices, selectEnable periodic attestation challenges for KNOX Workspace devices.
- In theChallenge frequencysection, specify, in days or hours, how often the device must return an attestation response toBlackBerry UEM.
- In theGrace periodsection, specify a grace period. After the grace period expires with no successful attestation response, a device is considered non-compliant and the device is subject to the conditions specified in the compliance profile that is assigned to the user. Note that if a user's device is out of coverage, turned off, or has a dead battery, it cannot respond to the attestation challenges thatBlackBerry UEMsends andBlackBerry UEMwill consider the device to be non-compliant. If you have your organization's compliance policy set to wipe the device when it is out of compliance, when the device does not respond before the grace period expires, data on the device will be deleted.
- ClickSave.
Create a compliance profile that specifies the actions that occur when a device is considered rooted. For instructions, see Enforcing compliance rules for devices