Configuring a global HTTP proxy on iOS MDM devices
To protect the user's internet traffic, configure the connection of the iOS MDM device to the internet via a proxy server.
Automatic connection to the internet via a proxy server is available for controlled devices only.
To configure global HTTP proxy settings on the user's iOS MDM device:
In the console tree, in the Managed devices folder, select the administration group to which the iOS MDM devices belong.
In the workspace of the group, select the Policies tab.
Open the policy properties window by double-clicking any column.
Complete the following steps within 15 minutes. Otherwise, you may face an error when saving changes to the policy.
In the policy Properties window, select the Global HTTP Proxy section.
In the Global HTTP proxy settings section, select the Apply settings on device check box.
Select the type of global HTTP proxy configuration.
By default, the manual type of global HTTP proxy configuration is selected, and the user is prohibited from connecting to captive networks without connecting to a proxy server. Captive networks are wireless networks that require preliminary authentication on the mobile device without connecting to the proxy server.
To specify the proxy server connection settings manually:
In the Proxy settings type drop-down list, select Manual.
In the Proxy server address and port field, enter the name of a host or the IP address of a proxy server and the number of the proxy server port.
In the User name field, set the user account name for proxy server authorization. You can use macros from the Macros available drop-down list.
In the Password field, set the user account password for proxy server authorization.
To allow the user to access captive networks, select the Allow access to captive networks without connecting to proxy check box.
To configure the proxy server connection settings using a predefined PAC (Proxy Auto Configuration) file:
In the Proxy settings type drop-down list, select Automatic.
In the URL of PAC file field, enter the web address of the PAC file (for example: http://www.example.com/filename.pac).
To allow the user to connect the mobile device to a wireless network without using a proxy server when the PAC file cannot be accessed, select the Allow direct connection if PAC file cannot be accessed check box.
To allow the user to access captive networks, select the Allow access to captive networks without connecting to proxy check box.
Click the Apply button to save the changes you have made.
As a result, once the policy is applied, the mobile device user will connect to the internet via a proxy server.