To add an iOS mobile device to the list of managed devices, a shared certificate must be delivered and installed on the device. Shared certificates are used by Administration Server for identifying mobile devices. A shared certificate for an iOS mobile device is delivered within an iOS MDM profile. After a shared certificate is delivered and installed on a mobile device, the device appears in the list of managed devices.
Kaspersky no longer supports Kaspersky Safe Browser.
You can add mobile devices of users to the list of managed devices by means of the Mobile device connection wizard.
To connect an iOS device to the Administration Server by using a shared certificate:
Start the Mobile device connection wizard in one of the following ways:
Use the context menu in the User accounts folder:
In the console tree, expand the Advanced folder and select the User accounts subfolder.
In the workspace of the User accounts folder, select the users, security groups, or Active Directory security groups whose mobile devices you want to add to the list of managed devices.
Right-click and in the context menu of the user account, select Add mobile device.
The Mobile device connection wizard starts.
In the workspace of the Mobile devices folder click the Add mobile device button:
In the console tree, expand the Mobile Device Management folder and select the Mobile devices subfolder.
In the workspace of the Mobile devices subfolder, click the Add mobile device button.
The Mobile device connection wizard starts.
On the Operating system page of the wizard, select iOS as the mobile device operating system type.
On the Selecting iOS MDM Server page, select the iOS MDM Server.
On the Select users whose mobile devices you want to manage page, select the users, security groups, or Active Directory security groups whose mobile devices you want to add to the list of managed devices.
This step is skipped if you start the wizard by selecting Add mobile device in the context menu of the User accounts folder.
If you want to add a new user account into the list, click the Add button and enter the user account properties in the window that opens. If you want to modify or review the user account properties, select the user account from the list and click the Properties button.
On the Certificate source page of the wizard, specify the method for creating the shared certificate that Administration Server will use to identify the mobile device. You can specify a shared certificate in one of the following ways:
Select this option to specify a certificate file that was created earlier.
This method is not available if multiple users were selected at the previous step.
On the User notification method page of the wizard, define the settings for notifying the mobile device user by SMS or email about certificate creation:
Selecting this option allows you to configure user notification of connection of a new mobile device.
You can select the email address type, specify an additional email address, and edit the message text. You can also select the type of the user phone for sending an SMS message, specify an additional phone number, and edit the SMS message text.
If the SMTP Server has not been configured, no email messages can be sent to users. If SMS notification has not been configured, no SMS messages can be sent to users.
On the Result page, click Finish to close the wizard.
The iOS MDM profile is automatically published on the Kaspersky Security Center Web Server. The mobile device user receives a notification with a link for downloading the iOS MDM profile from the Web Server. The user clicks the link. Next, the mobile device's operating system prompts the user to accept the iOS MDM profile installation. The user must agree to install the iOS MDM profile before the iOS MDM profile can be downloaded to the mobile device. After the iOS MDM profile is downloaded and the mobile device is synchronized with the Administration Server, the device is displayed in the Mobile devices folder, which is a subfolder of the Mobile Device Management folder in the console tree.
For the user to proceed to the Kaspersky Security Center Web Server by using the link, connection with the Administration Server over port 8061 must be available on the mobile device.