Complete Mobility Management Solutions for SAFE and KNOX

AirWatch provides complete management for Samsung for Enterprise (SAFE) and Samsung KNOX Galaxy S smartphones, Galaxy tablets and Galaxy Note devices. SAFE devices are enterprise ready with enhanced device level security and management capabilities. KNOX devices offer even more enhanced security and management capabilities at a container level. Remotely manage settings, policies, applications and functionality on SAFE and KNOX devices.

Native plus SAFE and KNOX API Integration

AirWatch allows you to manage any Android device through native capabilities supported on the platform, as well as Samsung SAFE and KNOX specific APIs. To view a list of native Android functionality supported, please visit the Android page. The functionality below is specific to Samsung SAFE and KNOX devices and is available through our integration with Samsung APIs.

AirWatch Android Agent

In order to manage Samsung SAFE and KNOX devices, you must first download the AirWatch Agent available in the Google Play Store. We’ve developed an intelligent agent that supports multiple vendors and operates within multiple versions of the Android OS to simplify the enrollment process for your end users.

Samsung KNOX

Samsung KNOX offers application and container level security and management. A dual persona separates personal and corporate content and applications, making KNOX ideal for government and Bring Your Own Device (BYOD) programs.

Container Level Policies

  • User authentication
  • Email
  • App level VPN
  • SSO
  • Approved applications
  • Certificates

Security

  • Automated security
    • Disable screen capture
    • Disable third-party app screen sharing
    • Disable USB access to container storage
  • Configurable security
    • Enforce pin/password authentication policies
    • Configure container-level administrator policies

Corporate Resources

  • Configure native email client for EAS
  • Secure email data and attachments
  • Manage single sign on (SSO) across corporate services inside a container
  • Automatic data encryption at-rest and in-transit

Samsung SAFE

Samsung SAFE offers device level management and security designed for line-of-business devices and Bring Your Own Device (BYOD) programs.

Device Level Policies

  • Passcode
  • Encryption
  • Restrictions
  • Email
  • VPN
  • Wi-Fi
  • Application management
  • Reporting
  • Remote troubleshooting

Security

  • Device security
    • Enforce password policy
    • Enforce lock screen settings
  • Device encryption
    • Internal storage
    • SD card
    • AES-256 bit standard
    • FIPS 140 compliant
  • Restrictions (examples, 100+ available)
    • Applications
      • Google Play Store
      • YouTube
      • Camera
    • Functionality
      • Access to settings
      • Factory reset
      • Home key
      • USB sync
      • Cloud backups
    • Network
      • Blacklist Wi-Fi networks
    • Roaming
      • Enable data when roaming
      • Enable push notifications when roaming
    • Phone & Data
      • Call/SMS limits and restrictions
      • Maximum data usage
    • Web browsing
      • Disable native browser
      • Restrict third-party browsers
      • Security restrictions
  • Certificates
    • Silently install/remove authentication certificates for Email, Wi-Fi and VPN

Corporate Resources

  • Email/Calendar/Contacts
    • Configure native email client for Exchange ActiveSync (EAS)
    • Allow native user experience
    • Disable copy/paste, forwarding attachments and HTML email
    • Set email settings, including sync, signatures, and notifications
    • Configure POP3/IMAP email accounts
    • Enable S/MIME encryption and certificate authentication
  • Wi-Fi & VPN Networks
    • Connect to VPN networks, including L2TP, PPTP, IPSec, IPSec Xauth PSK, IPSec Xauth CRT, IPSec Hybrid RSA, Cisco AnyConnect and legacy Android VPN
    • Provision WEP, WPA/WPA2 Enterprise settings
    • Require minimum Wi-Fi security and certificate security levels
    • Restrict users from connecting to unmanaged networks or modifying settings
    • Force user to use Wi-Fi networks when available to avoid cellular data usage
    • Blacklist/whitelist networks

Applications

  • Silently install/update/remove internal apps
  • Silently remove public apps
  • Wipe application data
  • Prevent un-installation of required apps
  • Limit app installation to whitelisted apps
  • Silently remove blacklisted apps (if installed)
  • Disable system/pre-loaded apps

Remote Management and Control

  • Remote management
    • Device lock
    • Device wipe
    • Reboot device
    • Activate GPS radio
  • Remote view and control
    • Ruggedized remote control
    • Remote view for wrapped apps