Adding mobile devices to the list of managed devices

To add a mobile device of a user to the list of managed devices, a shared certificate must be delivered and installed on the device. Shared certificates are used by Administration Serve for identifying mobile devices. After a shared certificate is delivered and installed on a mobile device, the latter appears in the list of managed devices. Mobile devices of users are added to the list of managed devices by means of a Wizard.

Starting the New Mobile Device Connection Wizard

To start the New Mobile Device Connection Wizard:

If the method for adding the mobile device was selected using the Add mobile device button in the Mobile devices folder, the Wizard displays the Select users window. In the Select users window, select the users, user groups or Active Directory user groups for which you want to add mobile devices to the list of managed devices.

Adding a mobile device if a shared certificate is delivered using an App Store link

To install Kaspersky Safe Browser from App Store on an iOS device and then connect the device to the Administration Server:

  1. In the Operating system window of the Wizard, select iOS for the type of operating system of the mobile device.
  2. In the iOS MDM device protection method window of the Wizard, select Install Kaspersky Safe Browser by using App Store link.
  3. In the Certificate source window of the Wizard, you have to specify the method for creating the shared certificate that Administration Server will use to identify the mobile device. You can specify a shared certificate in one of the following ways:
  4. In the User notification method window of the Wizard, define the settings for notifying the mobile device user by SMS or email about certificate creation:
    • Show link to installation package
    • Send link to Kaspersky Safe Browser
  5. In the Result window, click Finish to close the Certificate Installation Wizard.

After the Wizard finishes its activities, a link and a QR code will be sent to the user's mobile device, allowing the download of Kaspersky Safe Browser through the App Store. The user clicks the link or scans the QR code. Next, the operating system of the mobile device prompts the user to accept installation of Kaspersky Safe Browser The user installs Kaspersky Safe Browser on the mobile device. After installation, the user rescans the QR code to retrieve the Administration Server connection settings. When the QR code is rescanned in Safe Browser, the user retrieves the Administration Server connection settings and a shared certificate. The mobile device connects to the Administration Server and downloads a shared certificate. The certificate installed on the mobile device is displayed in the Mobile Devices folder, which is a subfolder of the Mobile Device Management folder in the console tree.

If Kaspersky Safe Browser has been previously installed on the mobile device, the user must independently enter the settings for connecting to the Administration Server. After that, you must install the shared certificate on the mobile device. In this case, Kaspersky Safe Browser will not be downloaded and installed.

Adding a mobile device if a shared certificate is delivered within an iOS MDM profile

To connect an iOS device to the Administration Server using iOS MDM:

  1. In the Operating system window of the Wizard, select iOS for the type of operating system of the mobile device.
  2. In the iOS MDM device protection method window of the Wizard, select Use iOS MDM profile of iOS MDM Server.

    In the field that appears below, select the iOS MDM Server.

  3. In the Certificate source window of the Wizard, you have to specify the method for creating the shared certificate that Administration Server will use to identify the mobile device. You can specify a shared certificate in one of the following ways:
  4. In the User notification method window of the Wizard, define the settings for notifying the mobile device user by SMS or email about certificate creation:
    • Show link to installation package
    • Send link to Kaspersky Safe Browser
  5. In the Result window, click Finish to close the Certificate Installation Wizard.

The iOS MDM profile is automatically published on the Kaspersky Security Center Web Server. The mobile device user receives a notification with a link for downloading the iOS MDM profile from the Web Server. The user clicks the link. Next, the mobile device's operating system prompts the user to accept the iOS MDM profile installation. The user must agree to install the iOS MDM profile before the iOS MDM profile can be downloaded to the mobile device. After the iOS MDM profile is downloaded and the mobile device is synchronized with the Administration Server, the device is displayed in the Mobile devices folder, which is a subfolder of the Mobile Device Management folder in the console tree.

For the user to proceed to the Kaspersky Security Center Web Server by using the link, connection with the Administration Server over port 8061 must be available on the mobile device.

Adding a mobile device if a shared certificate is delivered using a Google Play link

To install Kaspersky Endpoint Security for Android from Google Play on a KES device and then connect the device to the Administration Server:

  1. In the Operating system window of the Wizard, select Android as the mobile device operating system type.
  2. In the Kaspersky Endpoint Security for Android installation method window of the Wizard, select By using a Google Play link.
  3. In the Certificate source window of the Wizard, you have to specify the method for creating the shared certificate that Administration Server will use to identify the mobile device. You can specify a shared certificate in one of the following ways:
  4. In the User notification method window of the Wizard, define the settings for notifying the mobile device user by SMS or email about certificate creation:
    • Show link to installation package
    • Send link to Kaspersky Safe Browser
  5. In the Result window, click Finish to close the Certificate Installation Wizard.

After the Wizard finishes, a link and a QR code will be sent to the user's mobile device, allowing download of Kaspersky Endpoint Security for Android. The user clicks the link or scans the QR code. Next, the mobile device's operating system prompts the user to accept installation of Kaspersky Endpoint Security for Android installation. After Kaspersky Endpoint Security for Android is downloaded and installed, the mobile device connects to the Administration Server and downloads a shared certificate. After the certificate is installed on the mobile device, the device is displayed in the Mobile Devices folder, which is a subfolder of the Mobile Device Management folder in the console tree.

Adding a mobile device if a shared certificate is delivered within a mobile app

To install Kaspersky Endpoint Security for Android on an Android device and then connect that device to the Administration Server:

Kaspersky Endpoint Security for Android published on the Administration Server is used for installation.

  1. In the Operating system window of the Wizard, select Android for the mobile device operating system type.
  2. In the Kaspersky Endpoint Security for Android installation method window of the Wizard, select By using a link from Web Server.

    In the field that appears below, select an installation package or create a new one by clicking New.

  3. In the Certificate source window of the Wizard, you have to specify the method for creating the shared certificate that Administration Server will use to identify the mobile device. You can specify a shared certificate in one of the following ways:
  4. In the User notification method window of the Wizard, define the settings for notifying the mobile device user by SMS or email about certificate creation:
    • Show link to installation package
    • Send link to Kaspersky Safe Browser
  5. In the Result window, click Finish to close the Certificate Installation Wizard.

The mobile applications package of Kaspersky Endpoint Security for Android is automatically published on the Kaspersky Security Center Web Server. The mobile applications package contains the app, the settings for connecting the mobile device to the Administration Server, and a certificate. The mobile device user will receive a notification containing a link for downloading the package from the Web Server. The user clicks the link. After this, the operating system of the device prompts the user to accept the installation of the mobile applications package. If the user agrees, the package will be downloaded to the mobile device. After the package is downloaded and the mobile device is synchronized with the Administration Server, the device is displayed in the Mobile devices folder, which is a subfolder of the Mobile Device Management folder in the console tree.

Page top