Skip to main content
  • EN

Hi everybody,

 

I'm interested in obtaining further details about the processes required to differentiate between managed and unmanaged devices based on PEM certificate for iOS Device and pair value-key for Android Device.

 

My specific use cases involve a device being considered "managed" when the certificate or this key-value pair is found by the netskope client.

However, to proceed with the implementation, we must know the following details:

Configuring iOS Devices with PEM Certificate

- We are trying to configure managed iOS devices with a PEM certificate.

I would like to know if I need to generate this certificate ad-hoc or if it is available on our MDM (Workspace ONE) or Netskope tenant.

Also, I would like detailed instructions on how to configure iOS devices using Workspace ONE and on the Netskope console based on this scenario.

Configuring Android Devices with Value and Key

- We have entered the value-key into the MDM of Workspace ONE for Android devices. We would like to know if in order to make the change of these settings effective to Android devices, we need to deploy again. WS1 provides a function called "Send Application Configuration." What are the recommended procedures? does the client need to be installed again or can it be handled differently?

Hello @gianvikl12,


 


Responses to your two inquiries are below:


Configuring iOS Devices with PEM Certificate


Are you using the iOS profile or the unified client?  The unified does not currently support certificate checks.  If this is a required feature, please reach out to your local team to discuss an enhancement request.  In either case the certificate is not from Netskope.  You provide Netskope the issuing Certificate Authority's certificate and we check for certificate issued by that CA. 

Configuring Android Devices with Value and Key


You should not need to deploy again.  The Netskope client will receive the configuration in its next update which occurs on an hour interval.  You will need to push the key-value pair prior to making the change in the Netskope console for the device to be detected as managed.

As a caution, ensure that you have tested these configs between applying any policies based in the device classification as you could inadvertently block access. 

Hi @sshiflett,

 

iOS > I'm using iOS Profile deployed via Workspace One, I would need the procedure to configure this certificate on Netskope from Workspace ONE.

detailed instructions on how to configure

 

Reply


Terms & ConditionsCookie settings