MobiControl now supports ChromeOS allowing users to effortlessly enroll devices, monitor them alongside devices from other platforms, and perform essential actions such as wiping, enabling, and disabling. Connecting your Google Admin Console with MobiControl significantly streamlines administrative operations for Chrome OS.
MobiControl Administrators can now manage Apple TV devices. They can enroll the Apple TV devices in MobiControl using Automated Device Enrollment (ADE) and can deploy several payloads such as Feature Control, Single App Mode, and Conference Room Display Mode.
Enable the new Declarative Device Management protocol for Apple devices running iOS 16 or later to allow them to be proactive and autonomously report status updates. This protocol significantly reduces network traffic, decreases the latency of device status updates, and empowers the device to maintain compliant states even when offline.
Make use of this powerful feature to speed up the download of software updates and iCloud data across your macOS devices. MobiControl Administrators can now configure one or more macOS devices to save this data locally, and other devices can download from these selected devices instead of going to the cloud hosted Apple update servers.
Swiftly respond to security breaches or data leaks by remotely locking devices through the web console. This feature not only enhances data protection and device security but also offers flexibility in unlocking devices either through the web console or by using a unique PIN set by the Administrator. MobiControl ensures a prompt and secure response to potential threats, providing comprehensive control over device access for efficient incident management.
Experience seamless package management with Package Studio Support in SOTI MobiControl. Eliminate the disjointed process of using a separate desktop application by enabling the creation, viewing, and editing of packages directly within the web console. This not only enhances IT administrator efficiency but also reduces costs by removing the need for a dedicated Windows machine and streamlining all package management capabilities in one centralized platform.
Administrators can now create, save, and send JavaScript to the SOTI Surf browser to change the behaviour of web-applications. These scripts can be saved as templates to automate user actions such as auto login, autofill, and keypress options. The ability to send JavaScript can also be tailored to customize the display of web apps, such as SAP web apps, which don’t render properly in a standard mobile web browser.
To continue using the Legacy Remote Control Plugin, Customers must uninstall the current version from their local systems and re-install the plugin via the link present in the 2024.1.0 MobiControl Web Console. Remote Control via XSight is not affected.
Customers who make use of the MobiControl APIs will require an additional layer of encoding when including path parameters in their API calls which contain special characters (E.g. !@#$%^&*()+.\?/) due to security enhancements made to MobiControl’s backend.
Customers who are upgrading to 2024.1.0 from a MobiControl instance below 15.2.0 must ensure that in their database properties, the compatibility level is changed to SQL Server 2016 or greater.
Users are now able to view profile assignment options from the "Assignment" tab in the profile details dialog box. This will simplify the process users take to view profile assignments and allow them to identify wrong configurations faster and/or compare with other profiles. Three new distinct tabs for installation, profile scheduling and package options are also being introduced when configuring assignment options to improve visibility of all cards.
This feature will let administrators search for devices when assigning profiles/ policies to specific devices. Furthermore, the search filter will carry over to multiple device groups so that the query does not have to be retyped.
Users can control how many devices in bulk can be impacted by a single device action. This adds an additional layer of security for users to mitigate the risk of unwanted bulk device actions being sent to many devices. In addition, this feature will allow a configurable setting for each user/group/role that controls how many devices can be actioned by a user in one go.
This feature will provide users with a warning message in the “Edit Profile” window whenever another user is actively editing the same profile. This will help avoid situations where users accidentally over-write changes in a profile.
Experience precise control over device enrollment with enhanced criteria-based restrictions. Define enrollment criteria within Android, Apple and Linux enrollment policies tailored to your needs for seamless control over device enrolment.
Users can now limit enrollment within a user group for authentication-based enrollment. This restriction ensures that users cannot enroll beyond the defined limit specified in the restriction rules. This feature applies specifically to authentication-based enrollment, serving to curb any unauthorized use of licenses.
With this new feature, users can easily replicate existing app policies, streamlining the deployment process and saving valuable time. Clone will create an App policy in draft which can be further modified. This feature enables users to establish a foundational structure and significantly reduces the time required to initiate policy creation, eliminating the need to create the policy from the start.
Visualize your data more effectively with the numerous enhancements and adjustments that have been made to the charts in MobiControl. Charts have become more interactive with incorporate features such as drag-and-drop functionality, 2D and 3D preferences, a magnifier, and legends. The users can now create a filter query with just a click on the chart. Additionally, "Others" drilldown, will enable the users to delve deeper into the data.
This functionality will empower users to efficiently search through extensive datasets within users and permission in users, groups and roles tab using keywords. This streamlined search capability not only saves time but also boosts productivity significantly. Moreover, users can effortlessly establish mappings with users and roles through a simple click, enhancing the overall efficiency of data management.
Users may now export and import Apple, Windows, and Linux profiles along the existing support for Android. Profile configurations which contain certificates and passwords are now included and up to 3GB of packages may be selected. Furthermore, export and import requests are now placed in a queue with the requests of other users and are prepared in the background, allowing users to continue using the web console. (Note: Apple tvOS profiles are not supported as of this release)
Administrators can now copy general permissions from one role, user, or group to another with the copy permissions option. This reduces the effort of configuring new roles, users, or groups by allowing administrators to build from the general permissions of existing ones.
With this feature, users can now click on the statuses next to the profile execution status chart. This will open a new tab of the MobiControl web console on the devices page, where you can find the devices with that execution status, thereby streamlining the workflow of troubleshooting problematic profile statuses.
Users can now create Signal Policies that support events and properties for Linux, Windows Modern, and Windows Desktop classic devices. Moreover, users can choose additional categories for configuring conditions related to System, User and Group, Profiles, and Policies. Lastly, with the introduction of device side evaluation frequency, users can configure Signal Policies to be more responsive and allow devices to initiate Send Script actions for certain conditions even when devices are offline.
Administrators can now execute scripts after device reboots even when the device is not connected to the MobiControl Server. This avoids mobile worker disruptions by running scripts before the device is in use and ensures operational continuity post device reboot.
Administrators can set limits on incorrect attempts to access administrator mode on the device. This enhances security by guarding against brute force attacks, reducing the risk of unauthorized access and data breaches.
Administrators can now utilize JSON files for custom data generated by business applications directly within MobiControl. This enables administrators to effortlessly access and display the corresponding values in their web console. This eliminates the need to engage in complex workflows aimed at translating JSON files into INI or XML formats.
Users can easily identify devices that are connected to a VPN as they can now view both device and VPN IP addresses (IPv4/IPv6) at the same time on the Web Console. This feature will increase productivity as the employee need not determine VPN details manually for each device.
Administrators can now cancel any scheduled firmware upgrade on any compatible Zebra device through the Web Console. This update will increase the OS management efficiency of the organization and reduce the operational costs due to incorrectly scheduled upgrades.
For Samsung devices enrolled as Android Enterprise Work Managed, administrators can now deploy premium features through Samsung Knox Service Plugin (KSP) OEMConfig via Profiles through Profiles, without having to enter a Knox Platform for Enterprise (KPE) Premium License. This allows administrators to efficiently configure their Samsung devices without obtaining a KPE Premium License from the Knox Admin Portal.
Admins can now configure a Speed Control lockdown on Android devices, without requiring configuring a Device Control Lockdown. This will enable administrators to only enforce a Lockdown while their device is in motion and allowing the device to revert to the native Android experience when stationary, providing device users regular access to the device when permitted.
Configure and deploy IKEv2 Android Native VPN types including IPSec RSA, IPSec PSK and IPSec MSCHAPv2 to Android Enterprise Work Managed devices. This allows administrators to simplify VPN solution management by deploying Android Native VPN policies for the VPN client that is built into the Android operating system which avoids having to install third party VPN client apps.
Configure firewalls for Samsung devices deployed in both Android Enterprise Work Managed and Android Enterprise Corporate Personal modes. This allows administrators to either restrict or reroute users when accessing specific IP addresses through cellular network, Wi-Fi, or both.
Administrators can now factory reset their Corporate Personal Devices running Android 11 or above wiping both personal and work profiles of the device. This will reduce the loss of time and productivity for Administrators as the burden of performing a manual factory reset of the device is alleviated.
Administrators can now generate and utilize QR codes for iOS Enrollment Policies. This QR code can be downloaded and distributed to enroll your iOS fleets swiftly and smoothly.
Admins can now use the new ‘Download and Install’ option for iOS device software update actions; automatically fetching, downloading, and installing the iOS software update in a single-step.
Admins can now specify a default application in a Web Clip Profile that will be used to open the Web Clip URL. This improves the experience for the device user as the desired application will be invoked directly instead of the Web Clip invoking the default web browser.
Admins can now create App Policies using Apps from 70 new Apple App Store regions. Allowing you to deploy more apps across your fleet globally.
Configure and deploy new capabilities to iOS devices through Profiles, with the introduction of Google Accounts, Encrypted DNS, and Certificate Transparency configurations.
Admins can now set a time zone manually for their devices so that they can configure their devices according to the time zone they want rather than what is set for them by location services. Admins can also now enable or disable Diagnostic Submission for Shared iPad devices so that the privacy of their data can be protected by preventing the device(s) logs from being sent to Apple.
IT administrators can now deploy applications as managed applications from both the 'App Store' and uploaded PKG files, with the real-time status updates on the Web Console. Additionally, the preinstalled unmanaged applications can now be converted into managed ones, from the Application listing under the Device Info screen. Finally, the managed apps will now get uninstalled automatically upon device un-enrollment from MobiControl or upon the App Policy un-assignment, deletion.
Administrators now have access to a comprehensive listing of iOS Apps compatible with multiple Apple platforms. This update significantly enhances the app search and selection experience within the macOS App Policy, providing greater empowerment for SOTI MobiControl administrators. Moreover, it enables the seamless distribution and installation of iOS Apps, specifically tailored for Apple Silicon-based macOS devices.
This enhancement provides SOTI MobiControl administrators with precise control over application execution. The update empowers administrators to prevent OS updates by blocking the OS updater process. Additionally, in cases where a process is restricted from execution, the device user will receive informative notifications regarding the blocked applications and processes.
This new feature gives SOTI MobiControl Administrators more visibility in the script execution. Administrators can now define whether they want to get the result and output of the scripts sent to devices or not.
MobiControl Administrators can now enroll devices with a more secure and precise way with identity providers (IdP) along with Lightweight Directory Access Protocol (LDAP) and Active Directory (AD) protocols. This resolves the ambiguity in the previous Directory enrollment policy which arose when there were multiple enrollment policies which had user groups that contained the same user.
IT administrators can effectively monitor and enforce compliance for Windows Modern devices. Easily set and manage compliance criteria based on diverse device and app properties. View non-compliant devices in the web console, receive email notifications, and implement conditional access for applications. This feature ensures seamless alignment with business requirements, enhancing monitoring efficiency and enabling proactive identification and management of compliance issues.
IT administrators can now control website access on Windows Modern devices. Effectively manage allowed and blocked websites, domains, and IP addresses, seamlessly applying restrictions on devices for Chrome, Firefox, and Edge web browsers. Users gain access only to defined web content, reducing security risks and data leakage on unsecured networks. This feature enhances business efficiency, promoting a secure work environment while boosting productivity.
Enhance device security by enabling IT administrators to effortlessly activate and configure Windows Hello settings through the MobiControl web console. This feature allows users instant access to Windows Modern devices using a secure PIN, facial recognition, or fingerprint, mitigating the risks associated with password reuse and vulnerability to phishing attacks. IT administrators gain control over configuration settings, providing a seamless and efficient login experience while strengthening protection against credential theft.
Empowering IT administrators, this feature enables the effortless activation or deactivation of the Sandbox environment for individual devices or groups via the web console with a single click. It safeguards Windows Modern devices during application testing, streamlining security across extensive device fleets. This capability minimizes malware risks and ensures a secure testing environment.
Admins can now see the status of scripts associated with the package sent to devices via packages and request the output of executed scripts from the device by enabling the Capture Script Status and Output toggle while sending a script to the device.
This functionality empowers administrators to establish password compliance for users, requiring them to set a password that meets specific criteria, ensuring that passwords used on their Linux devices are robust and serve as a crucial initial defense against security breaches.
SOTI Surf now supports single sign-on authentication via SOTI Identity, enabling users to sign-in once and have access to all their essential webapps. This feature provides a more seamless, efficient, and productive user experience within a more secure user verified workflow.
Administrators can now configure SOTI Surf to render web content in Desktop mode by default, removing the need for users to toggle the rendering mode themselves.
Additionally, administrators can now customize the User-Agent value that is advertised by SOTI Surf to ensure compatibility with websites which have specific expectations about the web browser being used.
With the recent Microsoft announcement to end support for Microsoft SharePoint 13, SOTI Hub has deprecated support for Microsoft SharePoint 13. SOTI Hub will continue to support Microsoft SharePoint Online.
MCMR-33383 |
SOTI Identity users were unable to view and edit Profile permissions |
MCMR-34116 |
Profiles were stuck on ‘Pending Install’ status on certain Zebra devices |
MCMR-31498 |
Improved performance for phone call profiles with multiple phone numbers |
MCMR-32331 |
Improved overall web console performance |
MCMR-34820 |
Packages were not loading correctly within profiles |
MCMR-35354 |
Logging out of Azure shared device using the device action in the web console did not work |
MCMR-33498 |
Profile assignment failing due to previously configured package installation date not being updated. |
The following REST APIs were introduced in MobiControl 2024.1.0:
Export and Import Profiles Improvements
File Sync Policies
Reports
Data Collection Policy
Device Relocation Policy
Telecom Expense Management Policy
Email Servers
Cloud Link Agent
Enterprise Resource Gateway
Printer Administrative Server
Servers and Logs
Bulk Action Limits
Zebra LifeGuard OTA