One thing to note about MDMs is that they all do essentially the same things - that is - what Apple lets them do - this has changed over time with each new version of iOS
Do we need a solution that works for iOS and desktop deployment?
Should we consider BYOD for the future (i.e. other mobile devices?) Do we have a price range?
This could apply to staff, students, and even visitors
System management dashboard is free (they hope we will look at their cloud managed switches when we need to upgrade)
No limit on number of devices that can be managed with Systems Manager
Android support is in beta
Installers for Windows, OS X, iOS, Android
Tag devices to organize
Asset management
iOS - client details - can clear passcode, lock device and erase device, check managed settings and apps ( overview of device)
Mobile profiles: can push policies to devices - ex disallow gaming or enforce movie ratings etc., set passcode requirements, wifi settings, vpm, web clips, server side digital credentials and backpack
Enrollment for iOS devices - just enter Network ID
App management - systems manager is connected to the app store; use tags to send apps to specific devices; can remove app with MDM and prevent backup of data; systems manager is also integrated to VPP; copy and paste purchase codes.
Some people use Configurator for initial deployment and Systems Manager after that
Security for iOS devices - it is possible to lock a profile on a device (only can be removed if password is known); can also do this with BYOD by requiring WiFi profile to access internet
Non iOS devices - overview info (location, inventory info, remote desktop, screenshot, software inventory - can uninstall apps
Cloud management architecture:
devices connect to meraki servers; our system admins manage through secure web services; management data encrypted with TLS
No user traffic passes through the cloud
PCI level 1 certified
No on-premise hardware or server required
99% uptime
Accelerated deployment for Mac/PC wia active directory GPO
Deploy apps and profiles to iOS; deploy software to Mac and PC
Scans PCs for Antivirus software protection
Note: Cisco plans to purchase Meraki - Cisco plans to create a new division called Cisco’s Cloud Networking Group led by Sanjit Biswas, Meraki’s CEO. This group will operate independently with the intent to preserve Meraki’s culture of innovation, fully integrated business model and low TCO.
Lightspeed - MDM product is available 2012/13 school year
we signed up for the beta test. The current version is designed for education environments
It has a hierarchical approach (district / building / department / class etc.)
Integrated with app store - can upload vpp spreadsheets.
Future version will allows teachers to manage devices with MyBigCampus.
New version added Global Proxy support - allows us to make the iPads go through the Lightspeed filter whether iPads are located in or out of the school buildings.
This is the MDM we decided to use (mostly due to the ability to use our filter)
Mobile Device Management (MDM) Research
Considerations
From Apple Workshop
Tasks performed by MDM solutions
Profile Manager
http://www.apple.com/education/resources/information-technology.html
- Lion server
- Can be used with MDM
- Appearance is similar to iPhone configuration utility
- Users can manually download profiles, or profiles can be automatically pushed to users
- Users can unenroll from an MDM server
- Can use payload variables to set up usernames, email addresses etc.
- Webclips are especially useful if not using MDM (maybe set up url for help desk site)
- Configure calendars (school schedule, lunch schedule etc.)
- Changes take effect on associated devices as soon as profile is saved
- iTunes Configuration
- iTunes Prefs - uncheck “Check for new software updates automatically”
- Disable automatic backups (use Terminal:
- defaults write com.apple.iTunes AutomaticDeviceBackupsDisabled -bool true
- Download apps (VPP)
MerakiLightspeed - MDM product is available 2012/13 school year