Installing iOS MDM Server
To install iOS MDM Server on a client device:
- In the Mobile Device Management folder of the console tree, select the Mobile Device Servers subfolder.
- Click the Install iOS MDM Server button.
The iOS MDM Server Deployment wizard starts. Proceed through the wizard by using the Next button.
- On the Select installation package step of the wizard, select the iOS MDM Server installation package that you want to install.
If there is no suitable package in the list, click the New button and create the required package.
- If necessary, on the Selecting Network Agent installation package for combined installation step of the wizard, keep the Install Network Agent together with this application check box, and then select the Network Agent version that you want to install.
Network Agent is needed for the iOS MDM Server to connect to Kaspersky Security Center. You can skip this step if Network Agent is already installed on the device where you plan to install the iOS MDM Server.
- On the Connection settings step of the wizard, in the External port for connection to iOS MDM field, specify an external port for connecting mobile devices to the iOS MDM service.
External port 5223 is used by mobile devices for communication with the APNs server. Make sure that port 5223 is open in the firewall for connection with the address range 17.0.0.0/8.
Port 443 is used for connection to iOS MDM Server by default. If port 443 is already in use by another service or application, it can be replaced with, for example, port 9443.
The iOS MDM Server uses external port 2197 to send notifications to the APNs server.
APNs servers run in load-balancing mode. Mobile devices do not always connect to the same IP addresses to receive notifications. The 17.0.0.0/8 address range is reserved for Apple, and it is therefore recommended to specify this entire range as an allowed range in Firewall settings.
- If you want to configure interaction ports for application components manually, select the Set up local ports manually option, and then specify values for the following settings:
- Port for connection to Network Agent
In this field, specify a port for connecting the iOS MDM service to Network Agent. The default port number is 9799.
- Local port to connect to iOS MDM service
In this field, specify a local port for connecting Network Agent to the iOS MDM service. The default port number is 9899.
It is recommended to use default values.
- Port for connection to Network Agent
- Under iOS MDM Server address, specify the address of the client device on which iOS MDM Server is to be installed.
This address will be used for connecting managed mobile devices to the iOS MDM service. The client device must be available for connection of iOS MDM devices.
You can specify the address of a client device in any of the following formats:
- Use device FQDN
The fully qualified domain name (FQDN) of the device will be used.
- Use this address
Specify the specific address of the device manually.
Please avoid adding the URL scheme and the port number in the address string: these values will be added automatically.
- Use device FQDN
- On the Select devices for installation step of the wizard, select the devices on which you want to install the iOS MDM Server.
- On the Move to list of managed devices step of the wizard, select whether you want to move the devices to any administration group after Network Agent installation.
This option is applicable if you selected one or more unassigned devices on the previous step. If you selected only managed devices, skip this step.
- Define other settings of the wizard. For detailed information about the remote installation of apps, please refer to Kaspersky Security Center help.
When the wizard finishes, iOS MDM Server is installed on the selected devices. The iOS MDM Server is displayed in the Mobile Device Management folder in the console tree.
The wizard proceeds to the Install APNs certificate step. If you do not want to manage the certificate right now, you can create a certificate or install an already existing certificate later.
