Step 10. Connecting mobile devices

Expand all | Collapse all

If you previously enabled the Mobile devices protection scope in the Wizard settings, specify the settings for connecting the enterprise mobile devices of the managed organization. If you did not enable Mobile devices protection scope, this step is skipped.

At this step of the Wizard, do the following:

To set up the ports for connection of mobile devices:

  1. Click the Configure button to the right of the Mobile device connection field.
  2. In the drop-down list, select Configure ports.

    The Administration Server properties window opens, displaying the Additional ports section.

  3. In the Additional ports section, you can specify the mobile device connection settings:
  4. Click OK to save changes and return to the Quick Start Wizard.

You will have to configure authentication of the Administration Server by mobile devices and authentication of mobile devices by the Administration Server. If you want, you can configure authentication later, separately from the Quick Start Wizard.

To configure Administration Server authentication by mobile devices:

  1. Click the Configure button to the right of the Mobile device connection field.
  2. In the drop-down list, select Configure authentication.

    The Administration Server properties window opens, displaying the Certificates section.

  3. Select the authentication option for mobile devices in the Administration Server authentication by mobile devices group of settings, and select the authentication option for UEFI protection devices in the Administration Server authentication by UEFI protection devices group of settings.

    When Administration Server exchanges data with client devices, it is authenticated through the use of a certificate.

    By default, Administration Server uses the certificate that was created during Administration Server installation. If you want, you can add a new certificate.

To add a new certificate (optional):

  1. Select Other certificate.

    The Browse button appears.

  2. Click the Browse button.
  3. In the window that opens, specify the certificate settings:
    • Certificate type
    • Activation time:
      • Immediately
      • After this period expires, days
  4. Click the Properties button to view the settings of the selected Administration Server certificate.

To reissue a certificate issued through Administration Server:

  1. Select Certificate issued through Administration Server.
  2. Click the Reissue button.
  3. In the window that opens, specify the following settings:
    • Connection address:
      • Use old connection address
      • Change connection address to
    • Activation time:
      • Immediately
      • After this period expires, days
  4. Click OK to save changes and return to the Certificates window.
  5. Click OK to save changes and return to the Quick Start Wizard.

To set up issuance, automatic updating, and encryption of general-type certificates for identification of mobile devices by Administration Server:

  1. Click the Configure button on the right of the Mobile device authentication field.

    The Certificate issuance rules window opens, displaying the Issuance of mobile certificates section.

  2. If necessary, specify the following settings in the Issuance settings section:
    • Certificate lifetime, days
    • Certificate source

      You can modify the certificate templates if integration with the public key infrastructure (PKI) has been configured in the Integration with PKI section. In this case, the following template selection fields are available:

    • Default template
    • Other template
  3. If necessary, specify the following settings for automatic issuance of certificates in the Automatic Updates settings section:
    • Renew when certificate is to expire in (days)
    • Reissue certificate automatically if possible

    Certificates are automatically reissued by a Certification Authority.

  4. If necessary, in the Password protection settings section, specify the settings for decrypting certificates during installation.

    Select the Prompt for password during certificate installation option to prompt the user for password when the certificate is installed on a mobile device. The password is used only once—during installation of the certificate on the mobile device.

    The password will be automatically generated by Administration Server and sent to the email address that you specified. You can specify the user's email address, or your own email address if you want to use another method to forward the password to the user.

    You can use the slider to specify the number of characters in the certificate decryption password.

    The password prompting option is required, for example, to protect a shared certificate in a stand-alone Kaspersky Endpoint Security for Android installation package. Password protection will prevent an intruder from obtaining access to the shared certificate through theft of the stand-alone installation package from Kaspersky Security Center Web Server.

    If this option is disabled, the certificate is automatically decrypted during installation and the user will not be prompted for a password. By default, this option is disabled.

  5. Click OK to save changes and return to the Quick Start Wizard window.

    Click the Cancel button to return to the Quick Start Wizard without saving any changes made.

To enable the function for moving mobile devices to an administration group that you choose,

In the Automatic moving of mobile devices field, select the Create a moving rule for mobile devices option.

If the Create a moving rule for mobile devices option is selected, the application automatically creates a moving rule that moves devices running Android and iOS to the Managed devices group:

If such a rule already exists, the application does not create it again.

By default, this option is disabled.

Kaspersky no longer supports Kaspersky Safe Browser.

Page top