In the WSO2 app-manager, is there any check so that we can check that the device is rooted or not.And if the device is found rooted than can we restrict the access to the Appstore from that device.If yes please tell how can we implement.Any suggestion will really be helpful.
You need to integrate WSO2 EMM with app manager and you have to enrol your device in EMM to install apps. Anyway when you enrol your device in EMM it will not allowed to enrol rooted devices. So there is no way rooted device to access the app manager and install apps. simply you don't have to explicitly implement this. This feature already there.:)
Related
I am facing problems while connecting with the emm store from my device.
I want to know what changes I have to make so that I can access emm store and can download the apps on my device. Any help will really be appreciated. I am not able to understand this
You do not have to perform any android configurations for the emm server in order to enroll android devices. EMM server contains configurations for android.
In the documentation you are provided with instructions how to modify
the agent app to use https protocol rather than http protocol and
generate a new .apk file.
In order to connect your login to store and install applications to your device you need to provide related permissions to the related user. Use the carbon console for grant permissions
Good day
Ime looking to bring the EMM onboard in our already successful WSO2 environment but just need some help.
1) The latest EMM (2.0.0) seem to not be able to restrict/enforce the applications a device is allowed to have installed. I want to have only white listed apps installed on a device. Is this possible?
2) If a policy disables functionality e.g. the camera, all the user has to do is click on the app, deregister from EMM and bypass the policy as needed. After the user is done he/she can just register again. This does introduce the risk of a user installing unwanted software on a COPE device thus compromising the device.
3) If you have a COPE device registered and the user uninstalls the EMM app, do you loose all the monitoring functionality and control?
Thanks in advance for you assistance. :-)
Please see the answers in line.
1) That whitelisting and blacklisting part is still in progress. With a future release you should be able to block the Google play app, Apple app store app etc. and enforce only the whitelisted apps to your devices.
2) Yes that is where the monitoring helps. It needs to track whether the user has removed the app or not. Anyway if you have policies created in advance and assigned it to roles with enforce selection even after they enroll again it should get pushed back to that device.
3) Yes it is. Specially in Andorid it rely on this agent app. Other platforms like iOS will have the OS based MDM capability where this will not have any effect. Anyway Android is also going towards the same profile concept in newer Android versions. Apparently we are going to support them in a future release. For the existing versions that is how Android has provided the APIs.
I want to create an iOS app to manage the devices that enroll such the same functions on the webpage (monitor devices status and push configurations to devices). Does EMM provide some API or SDK for development?
We do have APIs for every platform. Check here for iOS. Others are listed there as well.
You will need to get a account from apple developer. In order to manage apps and distribute you will need this. Read the full doc and it will mention about the provisioning of apps in development portal.
I'm trying out the beta/unreleased code for EMM 2.0 (which I believe is now MDM) and I undestand that the mobile app store and publisher function have been moved to Enterprise Store, however I'm unable to see/add mobile apps - I only see Gadgets and Sites.
I was looking for the source in case I missed the plugin, but at https://github.com/wso2/carbon-store/tree/master/features/extensions I only see Gadgets and Sites.
Can someone tell me how to enable mobile apps and/or point me to the mobile app plugin source?
FYI, I installed ES from http://wso2.com/products/enterprise-store/ and also master branch from the following:
https://github.com/wso2/product-mdm.git
https://github.com/wso2/carbon-device-mgt-plugins.git
https://github.com/wso2/carbon-device-mgt.git
You can use WSO2 App Manager,
Please read this doc to integrate it with WSO2 EMM
https://docs.wso2.com/display/APPM100/Mobile+Apps+Configurations
WSO2 is working on integrating app management features with WSO2 EMM 2.0.0. Device and App Management both features will be shipped with EMM 2.0.0 once it is released.
I found two products open sourced in Github called MDM and EMM of WSO2
I didn't get completely what is the difference btw both of them.
WSO2 EMM is a unique mobile solution that is open source, user-friendly and distributed under the Apache Software License v2.0. WSO2 EMM includes two key aspects: Mobile Device Management (MDM) and Mobile Application Management (MAM). EMM enables organizations to secure, manage and monitor Android and iOS powered devices (e.g., smart phones, ipod touch devices and tablet PCs), irrespective of the mobile operator, service provider, or the organization. In addition, EMM also enables organizations to manage mobile application (app) life cycles via the Publisher, distribute mobile apps to users registered with EMM via the Store, and manage mobile apps (i.e., install and uninstall in bulk, blacklist, and more) via the EMM Console. EMM, maintains a compliance monitoring process to detect devices that are non-compliant to the assigned policy. In addition, EMM supports SSO and multi-tenancy.
Documentation - https://docs.wso2.com/display/EMM110/WSO2+Enterprise+Mobility+Manager
Features - http://wso2.com/products/enterprise-mobility-manager/
Enterprise Mobility Management (EMM) is the term for the comprehensive security and enablement platforms that are evolving specifically for mobility. Mobile Device Management (MDM) is one of the facets within a complete EMM solution, providing a broader set of tools for IT. These include the ability to require a PIN lock, identify and exclude jailbroken or hacked devices, and the power to remotely lock the device in case of loss. While today’s EMM products feature more granular and less intrusive controls, MDM features remain an important foundational piece of mobile enablement.
WSO2 MDM is of products which was in the 1st release (1.0.0) of WSO2 Enterprise Mobility Manager suite. MDM was targeted for managing Enterprise mobile devices (iOS & Android). Its other component is MAM which is targeted for managing Enterprise mobile applications. You can find that component in github. However in the latest release of WSO2 Mobility suite, MDM & MAM components were merged into a single product called EMM. It contains the bug fixes & some improvements also.