After Kaspersky Endpoint Security for Android is installed on a mobile device, you can connect the device to Kaspersky Security Center. The data necessary for connecting the device to Kaspersky Security Center is transmitted to the mobile device together with the other settings listed in the configuration file. After connecting the device to Kaspersky Security Center, you can use group policies to centrally configure the app settings. You can also receive reports and statistics on the performance of Kaspersky Endpoint Security for Android.
Prior to connecting devices to Kaspersky Security Center, make sure that the following conditions are fulfilled:
Prior to connecting devices to Kaspersky Security Center, it is recommended to do the following:
To connect a device to Kaspersky Security Center:
KscServer
field, enter the DNS name or IP address of the Kaspersky Security Center Administration Server. The default port is 13292.DisableNotification = True
setting.After connecting, the app shows all notifications. You can disable certain app notifications in the policy settings.
Do not disable app notifications if you do not use Kaspersky Security Center. This could cause a user to not receive notifications about the license expiring. As a result, the app will stop performing its functions.
After the connection settings are configured, Kaspersky Endpoint Security for Android displays a notification prompting you to grant the following additional rights and permissions:
Due to the specific characteristics of an Android work profile (absence of the Accessibility service), the App Control and Anti-Theft features are unavailable in the app.
When the user grants the necessary rights and permissions, the device will be connected to Kaspersky Security Center. If a rule for automatically moving devices to an administration group has not been created, the device will be automatically added to the Unassigned devices folder. If a rule for automatically moving devices to an administration group has been created, the device will be automatically added to the defined group.
Kaspersky Endpoint Security provides the following devices name format:
A device ID is a unique ID that Kaspersky Endpoint Security for Android generates from the data received from a device. For mobile devices running Android 10 or later, Kaspersky Endpoint Security for Android uses the SSAID (Android ID) or checksum of other data received from the device. For earlier versions of Android, the app uses the IMEI. You can configure device name format in the group policy.
In SOTI MobiControl, you can use the %DEVICENAME% macro in the KscDeviceName
field. This macro allows you automatically get the device name from the SOTI MobiControl console to Kaspersky Security Center.
You can also add a tag to the device name. This makes it easier to find and sort devices in Kaspersky Security Center. The tag is available only for VMware AirWatch.
To add the tag to the device name:
KscDeviceNameTag
field, select the values:{DeviceSerialNumber}
– Serial number of the device.{DeviceUid}
– Unique device identifier (UDID).{DeviceAssetNumber}
– Device asset number. This number is created internally from within your organization.We recommend using only these values. VMware AirWatch supports other values, but Kaspersky Endpoint Security cannot guarantee work these values.
You can add some values (for example, {DeviceSerialNumber} {DeviceUid}
). The tag will be added to the device name in Kaspersky Security Center. A space separates the tag and the device name. For example, if the device name is Google Pixel 2 a10c6b75f7b31de9 22:7D:78:9E:C5:1E
, then 22:7D:78:9E:C5:1E
is UDID tag. If you use Kaspersky Security Center and VMwareAirWatch, the tag allows you to identify devices in both consoles. To match the device, select the same values for the device name (for example, the serial number of the device).
After the device is connected to Kaspersky Security Center, the app settings will be changed according to the group policy. Kaspersky Endpoint Security for Android ignores the app settings from the configuration file that was configured in the EMM Console. You can configure all sections of the policy except the following sections:
Due to the method used to deploy a work profile, you cannot apply group policy settings from the Android work profile section. These settings can be applied only if the work profile was created using Kaspersky Security Center.
Page top