Getting Started with Cisco Meraki Systems Manager

7th August 2020
Cisco Meraki Systems Manager logo on white background

Cisco Meraki’s cloud-based enterprise mobility management tool, Systems Manager, is one of the leading MDMs

Increasing numbers of HardSoft customers are looking for a Mobile Device Management (MDM) solution to help manage their mobile devices remotely, so we thought we’d tell you more about how to get started.

Systems Manager covers Mobile Device Management, Mobile Application Management, Mobile Content Management, and Mobile Identity Management. What this means is systems manager is going to give you a lot of granular control over what’s happening with the devices you manage.

When you first begin trying to set up Systems Manager, it could seem intimidating because there is a lot of powerful things you can do to your managed devices, but don’t worry! This quick start guide will help you learn the basics of systems manager so you can go through a smooth deployment.

One of the biggest advantages of Systems Manager is the ability to enrol and manage so many different operating systems. Different operating systems may have differing enrolment methods into Systems Manager. To make this simple, you can go to add devices, and then see the steps to enrol each operating system. If this is your first time using an enterprise mobility management solution, don’t feel overwhelmed by this. As you go through your device enrolments, you may need to learn more about a specific device or a specific operating system that’s enroling. For example, Android devices for Android. There are two main ways you can be enroled in. If the devices are not owned by your organisation, you will likely want to use the BYO D or bring your own device enrollment method and the Android BYO enrollment method.

Cisco Meraki Logo (Feature Image)

The devices utilise containerisation to separate the work data from the pre-existing personal data for tighter control. There’s also the device owner enrolment. When the Android device is enroled via device owner enrolment, the devices entire storage becomes the work container. This allows your Meraki dashboard to fully control the apps and restrictions on the device.

Another quick example of how some details about your enrolment may differ between operating systems is with Apple devices, for Apple devices, you are required to create. What’s called an Apple push notification service token before you can enrol any devices. Don’t worry, it’s very easy to do. You can also use some optional programs that Apple builds and integrate them with Meraki systems manager to get some great functionality, like the device enrolment program which allows devices to be pulled out of the box for the very first time and automatically enrol into Systems Manager.

You can use the Apple volume purchase program to purchase apps on a mass scale and always maintain ownership of the apps you purchase. If you’re a school, you may also want to use Apple School Manager and shared iPad. You can also use Apple configurator to enrol and supervise iOS devices.

Of course, apps are an important part of an EMM solution. This is easy for Systems Manager. You can configure the apps that you want your devices to have from Systems Manager apps page for additional information on installing apps on your devices. Check the apps and software documentation profiles from the Systems Manager settings page. You can configure device, settings and profiles. This allows you to configure things like restrictions, email accounts, via active sync passcode, and password policies, VPN settings, WiFi settings, and so much more. For additional information on installing profiles on your devices check out the profile and settings guide tags. Tags are an important fundamental feature of Systems Manager.

For a first-timer, it may seem confusing at first, we’ll break it down for you so you can understand it really easily. You can tag devices with any tag name you want, such as ’employee’ and then you can tag apps and profiles with the same employee tags, link devices, apps, and profiles together. This allows you to only install apps and profiles on the devices that you want. This is very powerful, tagging different groups of devices with the apps and profiles that are important for those end users. That way a student device could have tighter restrictions and different apps than an employee device. As a followup to tags, you can also create security policies. There’s a lot of security policies, and you can check your devices for such as if a device has antivirus running.

Cisco Meraki Systems Manager Dashboard

If it has a certain app installed, if a device is jailbroken or rooted, the security policy simply checks if the device has checked in to the dashboard at least every 30 minutes. When the device is checking into Systems Manager every 30 minutes, this policy is green and therefore it’s compliant with this policy. However, when the device has been offline for more than 30 minutes, this security policy turns red indicating that this device is now failing the security policy. What makes security policies so useful is now you can use this security policy compliance status as a dynamic tag. So if a device is compliant with the security policy, a profile can be added. And if a device is failing a security policy, a profile can be removed.

You can take this same security policy and set up email alerts based on the security policy status. So whenever a device fails a security policy, you and your Systems Manager Administrators can get an email alert sent to you. Geo-fencing works in a very similar way to security policies, for geo-fencing. You build a geo-fence boundary in the dashboard and then the device will report if it is violating, or if it is compliant with this geo-fence boundary, just like security policies dynamic tag, you can use the geo-fence tag to add and remove a profile based on the device’s location. Using tags, security policies and geo-fence policies together can give you some really powerful and robust logic checks.

Cisco Meraki’s System Manager is the only solution that provides joined-up management of mobile devices, Macs, PCs, and the entire network from a centralised dashboard.

You can add Systems Manager to your lease for an additional £0.70 per week, if you’d like to find out more give our sales team a call on 020 7111 1643 or email sales@hardsoft.co.uk