Systems Manager is Cisco Meraki’s cloud-based enterprise mobility management tool. This covers mobile device management (MDM), mobile application management, mobile content management, and mobile identity management. What this means, is Systems Manager is going to give you a lot of granular control over what’s happening with the devices you manage.
When you first begin trying to set up Meraki’s Systems Manager, it could seem intimidating because there are a lot of powerful things you can do to your managed devices, but don’t worry! This quick start guide will help you learn the basics of Systems Manager, so you can go through a smooth deployment.
One of the biggest advantages of Meraki’s systems manager is the ability to enrol and manage so many different operating systems. Different operating systems may have different enrollment methods into Meraki systems manager. To make this simple, you can go to Systems Manager, add devices, and then see the steps to enrol each operating system. If this is your first time using an enterprise mobility management solution, don’t feel overwhelmed!
As you go through your device enrollments, you may need to learn more about a specific device or a specific operating system that’s enrolling. For example, Android devices for Android. There are two main ways you can be enrolled. If the devices are not owned by your organisation, you will likely want to use the BYOD or bring your own device enrollment method and the Android BYO enrollment method.
The devices utilise containerisation to separate the work data from the pre-existing personal data for tighter control. There’s also the device owner enrollment. When the Android device is enrolled via device owner enrollment, the devices entire storage becomes the work container. This allows your Meraki dashboard to fully control the apps and restrictions on the device. Another quick example of how some details about your enrollment may differ between operating systems is with Apple devices. For Apple devices, you are required to create what’s called an ‘Apple push notification service token’ before you can enrol any devices. Sounds like a big name, but don’t worry. It’s very easy to do. And there’s great documentation to help you along the way for Apple devices.
You can also use some optional programs that Apple builds and integrate them with Meraki systems manager to get some really awesome functionality like the device enrollment program, which allows devices to be pulled out of the box for the very first time and automatically enrol into Meraki Systems Manager. You can use the Apple Volume Purchase Program to purchase apps on a mass scale and always maintain ownership of the apps you purchase.
If you’re a school, you may also want to use Apple School Manager and shared iPad. You can also use Apple configurator to enrol and supervise iOS devices.
Of course, apps are an important part of an EMM solution. This is easy for Meraki’s Systems Manager. You can configure the apps that you want your devices to have from Systems Manager apps page for additional information on installing apps on your devices check out the apps and software documentation profiles from the systems manager settings page.
You can configure device, settings and profiles. This allows you to configure things like restrictions, email accounts, via active sync passcode, and password policies, VPN settings, wifi settings, and so much more for additional information on installing profiles on your devices.
You can tag devices with any tag name you want like employee, and then you can tag apps and profiles with the same employee tag tags, link devices, apps, and profiles together. This allows you to only install apps and profiles on the devices that you want. You can start tagging different groups of devices with the apps and profiles that are important for those end users. That way, a student device could have tighter restrictions and different apps than an employee device. As a followup to tags, you can also create security policies. There are a lot of security policies, and you can check your devices for such as if a device has antivirus running if it has a certain app installed if a device is jailbroken or rooted and so much more.
You can take this same security policy and set up email alerts based on the security policy status. So whenever a device fails a security policy, you and your Muraki administrators can get an email alert sent to you. Geo-fencing works in a very similar way to security policies for geo-fencing. You build a geo-fence boundary in the dashboard like this one, and then the device will report if it is violating, or if it is compliant with this geo-fence boundary, just like security policies dynamic tag, you can use the geofence tag to add and remove a profile based on the device’s location, using tags security policies and geo-fence policies together can give you some really powerful and robust logic checks.
We hope that’s helped you get started with Systems Manager, but if you need more in-depth help give out expert technical team a call on 020 7111 1643 or use the webchat on our home page.