Datasheet | Systems Manager

Systems Manager
Multi-platform
Enterprise Mobility Management

Overview
Meraki Systems Manager provides cloud-based, over-the-air As Cisco’s EMM solution, Systems Manager supports a variety
centralized Enterprise Mobility Management (EMM). Simply of platforms allowing for the diverse ecosystem often found
administer distributed deployments of all of your devices in today’s mobile centric world. This places Systems Manager
through a powerful web-based dashboard. in prime position to alleviate the concerns of security teams
in regulated industries, empower teachers to run their digital
Managed devices connect securely to Meraki’s cloud, classroom, and ease the burden of enterprise IT teams with
enabling device tracking, software and app deployment, distributed sites. Meraki solves the mobility management
content delivery, enforcement of security policies, identity needs of today and whatever comes next.
management, and Cisco network integration. End user
permissions can change automatically from policy information
such as time of day, geolocation, security posture, and user
group.

MOBILE DEVICE MANAGEMENT (MDM) MOBILE APPLICATION MANAGEMENT (MAM)

Total device management for mobile and desktop Industry-leading ease of use brought to software management

• Provision settings and restrictions • Deploy in-house developed and public apps

• Inventory management and device tracking • Enterprise app store and cloud hosting

• Full device wipe and selective wipe • Native app containerization with Android Enterprise,
iOS managed open-in
• Remote viewing and troubleshooting
• Managed-app configuration
• Native remote desktop support
• Volume app licensing
• Android, Apple TV, Chrome OS, iOS, macOS, Windows 10,
Windows 10 Mobile, and Microsoft Server
MOBILE IDENTITY (MI)
MOBILE CONTENT MANAGEMENT (MCM)
Simple and comprehensive policy management
Control and provision content and file-sharing
• Control access by OS type, security compliance, time of day,
• Deliver content through proprietary file sharing & backpack geolocation, and user groups
• Enable shared use of mobile devices • Identity access management (IAM) including files, apps,
• Enterprise file sync and sharing (EFSS) Dropbox integration settings & certs

• Access policies for file distribution, replacement, • Limited access roles for granular administrative access
and deletion to Dashboard

• Conditional access to files including copy/paste and e-mail • Automated network policy management on Cisco networks
attachments • Active Directory, LDAP, and OAuth integration
Cloud Architecture
and Scalability
Meraki’s cloud architecture provides a highly flexible system for
mobility management. Whether an organization starts with one
device or one hundred thousand, there is no difference in the
components required or the complexity to deploy. Simple and
quick to get started, powerful and scalable for the long term.

Mobility management is a symbiotic partnership between

device manufacturer (e.g. Apple, Google, Microsoft) and
EMM vendor. Meraki’s cloud infrastructure and agile
development model delivers features and support for
new EMM functions at lightning speed, with no patches or
software installs required.

With Systems Manager, Meraki offers the industry’s only end-to-

end solution which unifies EMM with network elements such as
WLAN, WAN, and LAN. This is achieved through native network
integration and uses a single pane of glass management
dashboard. Gain complete visibility and control from the top of
the network to the edge while also enabling typically complex
security features in a couple clicks. The intuitive Meraki
dashboard enables IT professionals to configure and deploy in
just minutes without specialized training or dedicated staff.

Onboarding and Enrollment

Systems Manager has a flexible onboarding process with a
number of curated enrollment options. These options can vary
based on the type of device and the style of onboarding. Bring
Your Own Device (BYOD) can be easily managed alongside the
stricter requirements of an organization owned device.

Enroll devices seamlessly through built-in integration with

platforms such as Apple’s Device Enrollment Program (DEP),
Systems Manager Sentry, via a web-based self-service portal
directly on the mobile device, or by installing an app from an
app store. Supervise iOS devices over-the-air with DEP or
integrate with existing Apple Configurator deployments.

With Android for Work, create personal and work profiles

and optionally implement device ownership. For macOS and
Windows devices, utilize programs like DEP and Work Access.
Alternately, Systems Manager can be deployed over the air or
on individual machines via a lightweight installer.

Once enrolled, each device downloads its configuration

from the Meraki cloud applying device restrictions, network,
and security policies automatically — eliminating manual
device provisioning.

2 Cisco Systems, Inc. | 500 Terry A. Francois Blvd, San Francisco, CA 94158 | (415) 432-1000 | sales@meraki.com
Profiles & Settings
Profiles & settings provide a comprehensive suite for the
wide range of device provisioning needs. This can contain
everything from device restrictions and permissions to FileVault
encryption as well as e-mail, device privacy, WiFi, VPN,
wallpaper, notifications, contacts, Web Clips, managed app
settings, education and Apple Classroom, and much more.

Combining profiles & settings with Mobile Identity establishes

a powerful way to dynamically and intelligently distribute
the required settings to the correct device given time of day,
OS type, security compliance, geolocation, and user groups
considerations.

Meraki provides the answer to complex mobility requirements

while maintaining industry-leading ease of use aimed to create
a delightful experience for administrators and end users.

Mobile provisioning becomes simple click or drag-and-drop.

Apps, Software,
and Containerization
Total application management requires control, distribution,
and visibility over not just apps but also app licenses, software
inventory, and containerization requirements. Systems
Manager installs public apps by integrating with the Apple App
Store and Google Play Store. Private apps are also managed
seamlessly through cloud-hosting or locally hosting apps and
installers for enterprise app and software deployments. The
needs of today’s application security are met through a mixture
of app blacklists and whitelists, permission management
and restrictions, and native containerization through Android
for Work (Android) and a comprehensive implementation of
managed open-in (iOS).

Mobile Identity also integrates with software management to

provide a way to create granular policies and automation for all
application needs.

Solve complex requirements with managed app settings,

software encryption, separation, and permissions. Simplify
mobile application and software deployments to a couple
clicks.

3 Cisco Systems, Inc. | 500 Terry A. Francois Blvd, San Francisco, CA 94158 | (415) 432-1000 | sales@meraki.com
Rapid Deployment and Scalability
Meraki’s cloud management platform enables mobile device Systems Manager Sentry Enrollment
initiatives to quickly scale to deployments of massive scale.
This is accomplished in part by the reliability and flexibility of Sentry enrollment also provides zero-touch deployment for
the Cisco Meraki cloud and the complete support of different administrators. Without Systems Manager, unmanaged devices
enrollment methods. Devices can be enrolled and onboarded both trying to join the network are first sent to a splash page to install
automatically for zero-touch administration or manually for more Systems Manager. Only after enrollment can devices gain access to
flexibility in other use cases. Enrollment is done through profiles the network and corporate resources.
and/or lightweight installers (agents).

Manual Enrollment
Automated Enrollment Methods
For all deployment models, Systems Manager offers a web-
iOS and macOS devices can be enrolled in Systems Manager out based self-enrollment process directly on the mobile device or by
of the box by utilizing Apple’s Device Enrollment Program. This installing a downloadable app from an app store. Systems Manager
provides a seamless deployment of Apple devices without the need also integrates with Apple Configurator, provides QR codes for
for administrators to physically touch devices. enrollment, and supports the distribution of enrollment URLs via
e-mail and SMS.
Windows devices can be enrolled over the air using Work
Access. Deployments using the lightweight installer can be done
dynamically using an Active Directory Group Policy Object (GPO) for
all the devices in a Windows domain.

Android for Work enabled devices can be automatically enrolled

when adding a company account for a work domain managed by
Google and bound to their Systems Manager network.

Administration and Management

Systems Manager is designed to help you keep your managed Deploy Software
devices up-to-date with the latest user demands and organization
requirements, while lowering the IT burden. Deploy policies and Systems Manager installs software on any number of PCs
changes seamlessly from the cloud, across thousands of devices at and Macs. Upload to the cloud or locally host MSI or EXE files for
once. PCs or DMGs for Macs, select the machines, and let the Meraki
cloud do the rest. If a device is unavailable, the software will be
enqueued and installed the next time it comes online. Systems
Automated Device Provisioning Manager also supports Mac apps through the Apple App Store.

Devices are provisioned based on user group, OS type, security

compliance, time of day, and geolocation. Automatically deliver Deploy Apps
apps, network, and security settings specific to each device & user.
For iOS devices, Systems Manager is integrated with the Apple
App Store and Apple’s Volume Purchase Program. Google Play is
Email Configuration supported on Android devices. Additionally, enterprise apps are
supported on both iOS and Android. Systems Manager makes
Enable provisioning of email accounts and mail settings including it easy to distribute apps to ten users or thousands and on any
encryption, stored mail history duration, and access permissions on number of devices.
enrolled Apple iOS and Android devices.

4 Cisco Systems, Inc. | 500 Terry A. Francois Blvd, San Francisco, CA 94158 | (415) 432-1000 | sales@meraki.com
Enforce Restrictions Full Device Wipe and Selective Wipe

Restrictions allow organizations to control how devices are used. Systems Manager provides a mechanism to prevent enterprise
Disable FaceTime, the App Store, and control gaming and media data from getting into the wrong hands. The selective wipe
content consumption by content rating. Restrict access to iCloud feature removes all configuration profiles and apps that have been
services to disallow backup of sensitive information to Apple’s previously pushed to a device via EMM, while keeping the device
infrastructure. Disallow applications and application permissions. enrolled for the purposes of tracking. Full device wipe, or factory
reset, removes everything, including the management profile, to
completely erase all data and remove the device from Systems
Security Compliance Manager.

Systems Manager helps organizations protect mobile devices

and data with customizable security policies. Deploy fine-
grained policies to check whether devices are encrypted, locked,
jailbroken, and running the latest OS version before dynamically
assigning device settings, apps, and content in order to secure
resources and data. Require a passcode on devices before pushing
Exchange settings, limit jailbroken devices to the guest network, or
revoke privileges if devices violate security policies.

Visibility, Diagnostics, and Control

Systems Manager starts to monitor managed devices as soon as Systems Manager provides built-in software inventory
they enroll. Policies continue to be applied to devices anywhere in management, simplifying software license management, even
the world, even if they lose internet connectivity. Live diagnostics in multiplatform environments. See all installed software on
tools help with troubleshooting and daily administration tasks. managed computers and apps on mobile devices. Alternatively,
Use Systems Manager’s visibility of devices, users, software and type the name of a particular application in a Google-like search
applications on your network to provide end to end security and bar to search through a comprehensive list of installed software
management right from the dashboard. across managed devices. Easily identify devices running outdated
software, track down compliance or licensing issues, or uninstall
unauthorized software right from the dashboard.
Asset Management
Manage hardware inventory using Systems Manager’s built-in
catalog of machines by CPU type and speed, system model, or
Systems Manager gathers available information from the
operating system build. Systems Manager also tracks wireless
device’s GPS, WiFi connection, and IP address to provide a device’s
adapter details, including make, model and driver version, helping
physical location, down to street-level accuracy. Privacy controls
track down connectivity issues.
are available to turn off location reporting for sensitive devices
and users.

5 Cisco Systems, Inc. | 500 Terry A. Francois Blvd, San Francisco, CA 94158 | (415) 432-1000 | sales@meraki.com
Live Troubleshooting and Diagnostics Privacy Settings

Systems Manager provides a suite of real-time diagnostic tools. When applicable, ensure user privacy by limiting access to device
Initiate remote desktop, take a screenshot, see the current process location and BSSID tracking. Access rights can be used to limit
list, and remotely reboot or shutdown Macs and PCs. For remote administrative capabilities over managed devices including
desktop access, Systems Manager automatically configures a disabling remote desktop, software inventory, reading device
VNC server and establishes a secure end-to-end tunnel back to profiles, installing applications, and the ability to remote wipe
the dashboard. These tools enable complete remote systems devices.
management, even in complex network environments with multiple
firewalls or NAT gateways.
Cellular Data Management
Manage daily requests for iOS and Android devices, like remotely
clearing the passcode, locking a device, or even erasing data in
Set limits for cellular data usage across all managed devices.
the event that the device is compromised. Monitor device statistics
Create multiple policies for different plan thresholds, and attach
like battery charge and device memory usage centrally from the
policies to apps and settings in order to restrict access, data, and
dashboard.
functionality if a device goes over a plan’s limit. Track data usage
over time as well as on demand while recieving e-mail alerts and
taking action dynamically given data limit violations.
Email Notification Alerts

Configure fine-grained alert policies to send email notifications to

monitor devices, software, compliance, and connectivity. Be notified
when unauthorized software is installed on a managed device,
when specified devices (like critical servers) go offline, and when
the Systems Manager agent or profile is removed from a managed
device.

6 Cisco Systems, Inc. | 500 Terry A. Francois Blvd, San Francisco, CA 94158 | (415) 432-1000 | sales@meraki.com
Network Integration – Sentry WiFi Security

Systems Manager Sentry Automatically provision EAP-TLS WLAN authentication with unique
certificates without a need to manage a certificate authority or
RADIUS server. When a device fails security compliance, e.g. due
Systems Manager is unique in the EMM market as it is part of to the user disabling the antivirus or jailbreaking a device, have
a complete and integrated IT stack which includes wireless, Systems Manager remove the certificate from the device and the
switching, security, security cameras, and phones and is entirely device from the network.
managed by one single pane of glass. As part of Cisco Meraki’s
end-to-end IT solution, Systems Manager provides visibility and Requires: Systems Manager (SM) and Meraki Wireless (MR)
functionality not available with standalone EMM products. This
gives an IT team more time to focus on their organization’s mission
instead of spending time on integration or complex configuration. Sentry VPN Security
Device on-boarding, settings assignment, application management,
and network access, are just some IT responsibilities that can be Provision client VPN automatically including unique usernames and
simplified, automated, and dynamically updated with Systems passwords while controlling access based on security compliance,
Manager Sentry. time of day, user group, and geolocation.

Systems Manager continuously keeps track of mobile identity Requires: Systems Manager (SM) and Meraki Security (MX)
and device posture and will dynamically adjusts policies to match.
Security threats are constantly evolving which makes deploying
a safe and secure connectivity infrastructure paramount to any
organization. When Systems Manager is deployed on a Meraki Sentry WiFi Settings
network infrastructure, it enables context-aware security and
connectivity. Below is a list of features found in the Systems Provision WiFi settings automatically to connect managed devices
Manager Sentry suite. to a Meraki MR wireless network. Sentry WiFi settings eliminate
the need for an administrator to enter manual WiFi settings and
configuration or update when there are changes to an MR network
in the same organization.
Sentry Enrollment

Integration with Meraki access points (MR series) enables network

administrators to only allow devices managed with Systems Sentry VPN Settings
Manager to access the network. Sentry enrollment also provides
zero-touch deployment for administrators through a user self- Provision VPN settings automatically to connect managed devices
service portal. Without Systems Manager, unmanaged devices to a Meraki MX security appliance. No need to insert manual
trying to join the network are sent to a splash page to install VPN settings or update given changes to an MX network in the
Systems Manager. Only after enrollment can devices gain access to same organization.
the network and corporate resources.

Requires: Systems Manager (SM) and Meraki Wireless (MR)

Sentry Policies

Meraki network settings such as firewall rules, traffic shaping

policies, and content filtering can be dynamically changed based
on mobile identity information from Systems Manager. Network
access is controlled, updated, and remediated automatically based
on granular policies ranging from OS type and time schedule to
security posture and current user.

Requires: Systems Manager (SM) and Meraki MX or MR

7 Cisco Systems, Inc. | 500 Terry A. Francois Blvd, San Francisco, CA 94158 | (415) 432-1000 | sales@meraki.com
Multi - OS Management

Android 4.4+ (Android for Work 5.0+)

including phones, tablets & more

Chrome OS (G Suite or G Suite for Education acct.)

including Chromebook, Chromebox & more

iOS 5+ (Systems Manager App requires iOS 7+)

including Apple iPad, iPod Touch, and iPhone

tvOS 10.2+
including Apple TV generation 2 and later

macOS 10.7+
including Macbook, iMac, Mac mini, Mac Pro & more

Windows 10, 8.1, 8, 7, and Windows 10 Mobile

including Surface, tablets, desktops, laptops & more

Windows Server 2016, 2012, 2008 R2

8 Cisco Systems, Inc. | 500 Terry A. Francois Blvd, San Francisco, CA 94158 | (415) 432-1000 | sales@meraki.com
Specifications
Supported Platforms Software and App Management

Android 4 or higher including phones, tablets & more (Android for Work requires 5.0+) Inventory installed software and apps

Chrome OS including Chromebook & more (G Suite or G Suite for Education account) Custom deployment of software and public App Store and Google Play apps

iOS 5 or higher including iPad, iPod Touch, & iPhone (SM app requires iOS 7 or higher) Integration with Apple App Store and Apple’s Volume Purchase Program

macOS 10.7 or higher including Macbook, iMac, Mac mini, Mac Pro, & more Integration with Google Play Store and Android for Work

Microsoft Server 2016, 2012, 2008 R2 Host files up to 3GBs on the Meraki cloud

tvOS 10.2 or higher including Apple TV 2nd generation and later Software installation via .msi or .exe on PC and .dmg on Mac

Windows 10, 8.1, 8, 7 including Surface, tablets, desktops, laptops, & more Software uninstallation (Mac and Windows)

Windows 10 Mobile, 8.1 including Surface, Lumia, HTC, Nokia, & more Uninstallation of apps (Android and iOS)

Restrict app installation

Management Restrict in-app purchase
Managed via the web with Meraki’s secure browser based dashboard Unauthorized software and app installation monitoring and notification
Centralized administration of managed devices Install enterprise apps
Organization level two-factor authentication App blacklist and whitelist (Android and iOS)
Role-based administration

Inventory data export to CSV Content Management

Remote command line Custom deployment of files, documents, apps (Android and iOS)
Administrative event log and activity log Update and deploy the latest file version to devices (Android and iOS)
Automatic alerts for installed software, geofencing, enrollment, and security reporting Manage and distribute app licenses (iOS and macOS with VPP)
Copy profiles across different networks Device license assignment (iOS with VPP)
Install available OS updates (iOS and macOS - requires DEP) Deploy iBook licenses

Home screen layout and uploading wallpaper and homescreen images (iPad only)
Security

Device location using device WiFi, IP address, and GPS data

Device Restrictions
Containerization, separation of managed and unmanaged data (via managed open-in
Restrict use of camera (iOS and Android)
with iOS and Android for Work with Android)
FaceTime, Siri, iTunes Store, multiplayer gaming, and Apple Music (iOS)
Unenrollment monitoring and notification
Restrict content consumption (YouTube, explicit music & podcasts, content rated movies,
Antivirus, antispyware, firewall, disk encryption, passcode and password, screenlock
TV shows, and apps) (iOS)
timeout , and jailbreak and root detection
Enforce passcode policies and failed entry device wipe policy (Android, iOS, Mac, PC)
Restrict access to iCloud (iOS and macOS)
Single App or Kiosk mode (Android and iOS)
Restrict users to accept untrusted TLS certificates (iOS)
Autonomous Single App mode (iOS)
Force encrypted backup (iOS) encrypted storage (Android) FileVault 2 (macOS) encrypt
device internal storage (Windows 10 Mobile) Automatic and whitelisted content filter (iOS)

Global HTTP Proxy (iOS) Restrict use of AirDrop (iOS)

Enforce passcode policies and failed entry device wipe policy (Android, iOS, Mac, PC) Restrict changes to cellular data usage for apps ( iOS)

Scan client device for Systems Manager before allowing network access Toggle Voice and Data Roaming Settings (iOS)

(Android, iOS, Mac, PC) Restrict which Airplay devices are listed (iOS)

Simple Certificate Enrollment Protocol (SCEP) Keep device name up-to-date (iOS)

Customer Certificate Signing for certificate provisioning Manage unmanaged apps (iOS)

Access rights to limit Dashboard control (e.g. cannot erase BYOD devices iOS and Mac) Lock wallpaper and device name (iOS)

Dynamic profile management - security compliance, geofence management, time Managed domains, Safari autofill domains (iOS)
schedule, minimum running OS, App black/whitelist, and data limit thresholds Notification settings and disallowing changes to notification settings (iOS)
Lost Mode (iOS) Show/hide apps (iOS)
Always-on, On-demand, and Per-app VPN, AnyConnect VPN SSID whitelisting (Android and iOS)

9 Cisco Systems, Inc. | 500 Terry A. Francois Blvd, San Francisco, CA 94158 | (415) 432-1000 | sales@meraki.com
Troubleshooting and Live Tools Monitoring
Remote device lock, unlock, and wipe (Android, iOS, Mac, and Windows) Hardware vitals and specs reporting
Remote reboot and shutdown (iOS, Mac, and Windows) Network access, connectivity, signal strength monitoring
Remote desktop and screenshot (Mac and Windows) Restriction compliance monitoring
Access device process list (Mac and Windows) Device location with device WiFi connection, IP address, and GPS data
Send instant notification to device (Android, iOS, Mac, and Windows) Battery, storage, RAM and CPU usage, outage monitoring
Monitor active TCP connections, TCP stats, and routing table (Mac and Windows) Override location based on network/IP information (e.g. when GPS isn’t an option)
Selective Wipe (Android, iOS, and Mac)

Toggle voice, data roaming, and hotspot (iOS) Automatic Provisioning

Command Kiosk-mode or Single App mode on demand (Android and iOS) Group Policy integration into the Cisco Meraki hardware stack

Initiate Airplay remotely (iOS) Dynamic tags based on mobile identity including geolocation, security posture, and time

Active Directory and LDAP group integration to automatically apply tags, owners, & users
Network Configuration Deployment Automatically distribute and revoke app licenses with VPP
Deploy WiFi settings including WPA2-PSK & WPA2-Enterprise (Android, iOS, Mac, and Do Not Disturb - Pause updates for mission critical devices & stage Kiosk Mode updates
Windows)

Deploy VPN configuration and authentication settings (Android, iOS, and Mac) Email Settings
Deploy server side digital certificates (Android, iOS, Mac, and Windows) Exchange ActiveSync email account provisioning (Android and iOS)
Scan client device for Systems Manager before allowing network access (Android, iOS, Restrict outgoing mail to only the managed account in mail app (iOS)
Mac, and Windows)
Client certificate-based authentication
Deploy Airplay destinations and passwords
Use custom domains and domain formats
Cisco ISE MDM API Integration
Force the use of SSL when using ActiveSync

Enable S/MIME when using ActiveSync

Sentry Security
Managed app settings for email in Gmail app (Android and iOS)
Sentry Policies - Network policy enforcement based on posture (Android, Chrome, iOS,
Mac, and Windows) Use device owners to automatically insert e-mail addresses specific to users on a device

Sentry Enrollment - Integrated self service onboarding (Android, iOS, Mac, and Windows)
Cellular Data Management
Sentry WiFi Security - Single click EAP-TLS deployment (Android, iOS, Mac, & Windows)
Generate global and individual reports for cellular data usage (Android and iOS)
Sentry VPN Security - Auto provision mobile client VPN (Android, iOS, Mac)
Monthly counter and plan start date for tracking usage by plan (Android and iOS)
Sentry WiFi Settings - Auto configure WLAN settings (Android, iOS, Mac, and Windows)
Policies to specify single or multiple data limit thresholds (Android and iOS)
Sentry VPN Settings - Auto configure VPN settings (Android, iOS, Mac, and Windows)
Use policies to take action on devices going over their data limit (Android and iOS)

Device Enrollment Restrict changes to cellular data usage for apps ( iOS)

App enrollment (iOS and Android) Toggle data roaming and personal hotspot (iOS)

Auto enrollment through DEP (iOS 7+ and macOS 10.10+)

Teacher’s Assistant
On-device enrollment (iOS, Android, Mac, Windows)
Teacher portal with limited access roles (e.g. limit device visibility to those only in the
Integration with Apple Configurator & Profile Manager (iOS and Mac)
classroom or only during specific times)
SMS or email enrollment invitation (iOS, Android, Mac, Windows)
Lock devices into single app mode
Local installer deployment (Mac and Windows)
Configurable time schedules
Integration with Active Directory’s GPO (Windows)
Initiate AirPlay on an iOS device to an Apple TV
Quarantine devices upon enrollment (Android, Chrome, iOS, Mac, Windows)
Push files to students using backpack and managed shared/switching student profiles
Chrome OS Device Managment through G Suite and G Suite for Education
Full support for Apple Classroom and Apple School Manager (ASM)
Multi-user authentication - change device software, settings, & access (Android and iOS)
Multi-user and shared tablet support for both Apple and Android devices

10 Cisco Systems, Inc. | 500 Terry A. Francois Blvd, San Francisco, CA 94158 | (415) 432-1000 | sales@meraki.com
Native Systems Manager API (RESTful to automate commands & customize reporting) Disable volume adjustment

Remote device lock, unlock, and wipe (Android, iOS, Mac, and Windows) Prevent USB file transfer

Remote reboot and shutdown (iOS, Mac, and Windows) Prevent tethering and mobile hotspots

Remote desktop and screenshot (Mac and Windows) Prevent mounting physical media storage

Access device process list (Mac and Windows) Restrict modification of accounts

Send instant notification to device (Android, iOS, Mac, and Windows) Restrict access to ADB (Android Debug Bridge)

Monitor active TCP connections, TCP stats, and routing table (Mac and Windows) Restrict app permissions

Selective Wipe (Android, iOS, and Mac)

Toggle voice, data roaming, and hotspot (iOS)

Command Kiosk-mode or Single App mode on demand (Android and iOS)

Initiate Airplay remotely (iOS)

Cisco Security Connector

For supervised iOS devices running iOS 11+

Requires Systems Manager and a license for either Cisco AMP for endpoints and/or
Cisco Umbrella licensing

Protect end users from connecting to malicious destinations

Encrypt internet (DNS) requests

Defend against phishing

Provide insight into activity during incident investigations

Build audit reports of user, device, and app traffic

Coverage on corporate networks, public Wi-Fi, and cellular networks

Android (Android Enterprise)

Whitelist apps

Control System apps

Disable all screen lock features (Android Marshmallow 6.0+)

Disable notifications (Android Marshmallow 6.0+)

Disable un-redacted notifications (Android Marshmallow 6.0+)

Disable fingerprint (Android Marshmallow 6.0+)

Disable camera (Android Marshmallow 6.0+)

Disable trust agents (Android Marshmallow 6.0+)

Prevent installation of apps from unknown sources

Prevent cross profile copy and paste (Android Enterprise/Android for Work)

Prevent app control e.g. uninstalling apps, clearing app data, and force stopping apps
(Android Enterprise/Android for Work)

Enforce application verification (Android Enterprise/Android for Work)

Android Device Owner

Restrict modification of WiFi settings

Disable SMS

Disable screen capture

Disable data roaming

Disable factory reset

11 Cisco Systems, Inc. | 500 Terry A. Francois Blvd, San Francisco, CA 94158 | (415) 432-1000 | sales@meraki.com