This article lists all available configuration settings for mobile devices in Sophos Central Mobile.
Applies to the following Sophos product(s) and version(s)
Sophos Cloud Mobile
Sophos Central Mobile - Available configuration settings
Some settings work only for specific devices or mobile platforms. This is indicated by small icons which are next to the settings.
- This icon means that the setting can be used on iOS devices
- This icon indicates that it can only be used on Android devices which meet specific requirements. A tool-tip shows the requirement if you leave your mouse on the icon.
If there is no icon displayed next to a setting, it works on all supported platforms.
Password Policy (all settings available on all supported platforms)
- Password complexity - defines the accepted characters: PIN, alphabetic or both (Complex).
- Minimum password length - configure the minimum length of the password which has to be defined.
- Maximum number of login attempts - specifies how many failed logon attempts are allowed before the device will be wiped.
- Maximum password age (days) - defines how long a password is valid until a new one has to be configured.m
- Maximum auto lock (minutes) - limits the choices available to the users in the device settings ("Settings | General | Auto-Lock").
- App Store - downloads from the respective app store won't be possible after defining this settings (available for Android Samsung SAFE, LG and iOS devices).
- Camera - no photos or videos can be taken anymore using the "Camera" app (available for Android and iOS devices)
- Taking screenshots - users won't be able to use the key combination Home + Power anymore to take screenshots (available for Android Samsung SAFE, LG Gate, Sony and iOS devices).
- Native browser - disables the Safari browser on the device (only available for Android Samsung SAFE, LG Gate, Sony and iOS devices).
- Sending diagnostic data device vendor - diagnostic logs won't be send anymore (only available for Android Samsung SAFE, LG Gate and iOS devices)
- Backup to iCloud - a backup of the device cannot be saved anymore in the iCloud (only available for iOS devices)
- Touch ID usage to unloack device - disables the Touch ID of iPhone 5S devices (only available for iOS devices).
- Sharing docs from managed to unmanaged accounts or apps - Forwarding documents to an app from an account configured by Sophos Central will also not be possible (only available for iOS devices).
- Sharing docs from unmanaged to managed accounts or apps - Forwarding documents to an account configured by Sophos Central will also not be possible (only available for iOS devices).
- Control center / Widgets on lock screen (e.g. Wi-Fi, volume, Bluetooth,...) - the control center which can be pulled up from below the screen will be disabled in the lock screen. (only available on iOS and Samsung SAFE devices)
- Notifications on lock screen (e.g. SMS, email, calls,...) - app notifications won't be displayed anymore on the lock screen. (only iOS devices)
Exchange Email settings (only available on iOS and Android Samsung SAFE, LG Gate and Sony devices)
Within this section, you can send specific email settings for an email account to your users’ mobile devices.
These “Available settings” can be configured in “System settings | Exchange Settings“. In there, you have the following configuration possibilities when pressing the “Add” button:
- Server - specify the FQDN of the email server.
- Days to synchronize - defines the synchronization value for this email account
- Use SSL - Enables SSL for the connection from the device to the email server
- Account information - you have three options "Take information from Sophos Cloud user details", "Take information from Sophos Cloud user details with email as login" or "Define exchange information for one user here". If the first option is used, the entries of the fields "Email address" and "Exchange Login" will be used for the fields "Exchange email" and "Exchange login" for every user the profile will be deployed to. This option is used like a variable. Using the second option the users email address will be put in the "Exchange Login" and "Exchange Email" fields.
Using the third option, you can specify these fields manually to configure one specific account.
- Exchange login - the login required for the Email Server which might differ from the email address.
- Exchange email - the email address of the account which should be used. This can also be configured in the user details of each user.
Wi-Fi Settings (all settings available on all supported platforms)
Within this section, you can send a configuration for a Wi-Fi to your users’ mobile devices. These “Available settings” can be configured in “System settings | Wi-Fi Settings“.
In there, you have the following configuration possibilities when pressing the “Add” button:
- Network name (SSID) - Specify the name of the wireless network
- Security type - select the security protocol used to protect the WLAN. Available settings are: "None", "WEP", "WPA/WPA2"
- Password - Enter the password which was used to secure the key
- Connect automatically - If this setting is enabled, the device will connect to the WLAN automatically if it is in range (only available for iOS devices)
- Hidden network - Mark this checkbox, if the network is hidden (only available for iOS devices)
- Proxy - If a Proxy is required within this WLAN you can enable it here (only available for iOS devices)
Available settings are "None", "Manual", "Automatic". Using "Automatic" an additional field is displayed where you can enter the Proxy URL.
Using "Manual" will display the following additional fields:
- Proxy server - the URL of the proxy server which should be used.
- Proxy port - the port the proxy server is listening on.
- Proxy authentication - if the proxy requires authentication, enable this checkbox.
- Proxy user - specify a user name which should be used to authenticate at the Proxy.
- Proxy password - password of the user configured in "Proxy user".
What are SAFEv2+ enabled devices / Android SAFE devices?
SAFEv2+ enabled devices are specific Samsung devices which support the Samsung specific API to configure settings on the device.
The Sophos Mobile Control client automatically detects if a device supports this feature or not. If the device supports it, the Sophos Mobile Control client will ask the user to accept the"Samsung KNOX License Agreement".