MobiControl[productSupport]
SOTI MobiControl 2025.1.0 introduces a range of powerful features designed to enhance device management, security, and operational efficiency. These new tools provide administrators with extensive resources to reduce manual effort and ensure consistent configurations across devices.
Platform support for Android, Apple and Windows has been elevated with several enhancements. This release introduces over 70 new features and improvements. The reach and capabilities of SOTI VPN, SOTI Surf, SOTI Hub and Settings Manager have expanded. Lastly, the SOTI MobiControl console, server, and SOTI XTreme Hub have been improved with performance and security optimizations.
Administrators can now review and approve device enrollments, ensuring that only authorized devices are enrolled, and configurations are applied only after approval.
Administrators can now assign read and write permissions to individual packages, ensuring secure access is granted only to authorized users. These permissions can be assigned in bulk, enabling admins to efficiently manage access control across multiple packages.
Administrators can now efficiently manage, upload and delete enterprise apps across device platforms from a singular location, ensuring strict app version control and maintaining user access control for uploaded enterprise apps.
Administrators can now share column views and saved searches on the Devices dashboard with users, roles and groups, streamlining collaboration and ensuring consistent access to relevant data.
Administrators can now deploy packages up to 4GB, simplifying the process of distributing large OS updates and eliminating the need for file segmentation.
Administrators can now integrate with Sectigo Certificate Authority (CA) and manage the complete lifecycle of certificates. This is available as a REST API integration, allowing the ability to issue, renew and revoke certificates issued by Sectigo CA.
Administrators can now configure automatic device load balancing across multiple deployment servers, ensuring even distribution of load and enhancing overall system reliability.
This feature update now provides a responsive search bar in the Apps dashboard, allowing users to filter app data by keywords or criteria.
Roles and their permissions can now be cloned, reducing errors and streamlining role management.
Administrators can now edit permissions for multiple profiles and app policies.
Administrators can now leverage user attributes for searching and filtering devices, as well as targeting profiles.
Administrators can now delete draft versions of profiles, simplifying profile management and reducing errors.
Users can now integrate custom attributes and custom data macros into Signal actions, streamlining workflows.
Administrators can now monitor custom attributes and trigger automated actions based on their values using Signal policies.
This update introduces new device actions triggered by policy conditions, such as device check-ins and soft reset.
This feature enables automated failover switching for Signal services in a multi-server environment, ensuring uninterrupted monitoring and seamless device operation.
Administrators can now assign priority levels to triggered alerts, improving visibility for urgent issues, enabling quick sorting and prompt action on critical notifications.
This update allows administrators to view Signal policies assigned to a device group, improving troubleshooting and management efficiency.
Administrators can now filter profile and policy assignments based on the MX version for Android-Zebra devices.
Administrators now have visibility into package dependencies within profiles, simplifying package management by quickly identifying and deleting unused packages.
This feature offers granular control over Android Enterprise app deployment schedules. Users can define specific deployment windows, including start and end times, days of the week, and recurrence patterns.
Administrators can now allow or block apps on specific Wi-Fi or cellular networks to safeguard sensitive corporate information and regulate data consumption on Android Enterprise devices.
Easily set device permissions like Camera and Location access etc., for applications deployed via App policy.
Seamlessly roll back Android Enterprise app deployments to instantly correct errors, restore functionality on devices and maintain control over app distribution.
Administrators can now specify the installation order of Android Enterprise apps through App policy, ensuring a structured deployment process.
Easily designate apps to remain hidden from the Lockdown home screen while allowing them to be accessed by visible primary apps as needed, eliminating manual Lockdown template modifications.
Administrators can now easily enable Google Play access on specific devices through the Managed Google Play payload for Android Enterprise, allowing device users to install any Google Play work app without requiring administrative approval for each app.
Enable robust audit logging for all Android device side features and customize event selections for enhanced monitoring and compliance.
Administrators can now configure Microsoft Authenticator and Imprivata Mobile Device Access (MDA) Single Sign-on (SSO) and see all prerequisites for easy configuration via Profiles, without needing to configure Shared Device.
Administrators can now automatically log out a shared device Imprivata MDA user after a specified time or device inactivity to protect confidential data and prevent unauthorized access to corporate devices.
Configure the lock screen to display a custom message that communicates crucial information to return the device when found and provide return instructions on a lost device without giving access to the device.
Administrators can now obtain the latest Zebra LifeGuard enrollment status of a device and the most recent firmware upgrade status via a Device Action before provisioning a new firmware update.
This feature allows administrators to automatically provision the Zebra enrollment app for Zebra LifeGuard as an Enterprise app via App policy without compromising security compliance and avoid interfacing with Google Play services.
Administrators can now seamlessly configure F5 VPN using Android Enterprise Profiles, enhancing efficiency by integrating F5 with other Android Enterprise settings.
Use this feature to leverage the SOTI MobiControl server and Android Agent connection to securely retrieve debug logs without relying on FTP. This allows for quicker log submission to SOTI support, leading to faster resolution of critical issues.
Administrators can now enforce specific OS build versions and precisely schedule firmware updates, ensuring all devices are secure and up to date with minimal operational disruptions.
Increase security and user productivity by seamlessly registering iOS and iPadOS devices with Microsoft Entra ID and perform Single-Sign-On (SSO) with Microsoft Authentication Library (MSAL)-enabled applications.
This profile payload integrates ACME Certificate Authority support into SOTI MobiControl, providing automated and secure certificate management.
This feature now allows administrators to transition from legacy Kernel Extensions (KEXTs) to System Extensions, improving system stability.
Administrators can now manage macOS PKGs containing only scripts, ensuring successful installation and configuration. This functionality empowers users to automate tasks and maintain consistent configurations across macOS devices.
This update allows seamless integration with the latest Apple Volume Purchase Program (VPP) APIs, ensuring uninterrupted app distribution and licensing management.
This feature allows users to upload, view, and manage IPA files more efficiently, reducing support calls and streamlining the app deployment processes.
Operating system images can now be deployed to multiple Windows Modern devices simultaneously. This feature streamlines the provisioning process, reducing setup time and minimizing errors.
Administrators can now monitor and manage Windows OS and Microsoft application patches and updates across all devices from a centralized dashboard, improving security posture by enabling timely patch deployment, enhancing operational efficiency through streamlined workflows, and supporting compliance efforts with comprehensive visibility and control.
Administrators can now easily implement SOTI Identity-based authentication for Windows Modern devices, ensuring security with multi-factor authentication.
Administrators can now monitor and manage peripherals connected to Windows Modern devices, ensuring availability and reliability of peripherals in real time.
This improvement allows administrators to configure Windows OS and Microsoft application updates within SOTI MobiControl, enhancing security through timely patch application.
Administrators can now automatically scan, detect, and record all hardware components of Windows Modern devices.
This functionality empowers administrators to enforce Microsoft-recommended security baselines across devices.
Administrators can now apply CIS benchmarks to their SOTI MobiControl deployment, improving security posture with standardized configurations and simplifying compliance management.
Administrators can now hide the navigation bar, set power options, run scripts, and preview videos. Additionally, new and improved HTML templates with automatic synchronization ensure consistency.
Autopilot enrollment settings can now be configured within SOTI MobiControl through a unified interface.
This feature provides comprehensive visibility into Windows Defender scan results and threats at both device and group levels.
Administrators can now create, deploy, and manage local Group Policy Objects (GPOs) for control panel, Start menu, and task bar settings within SOTI MobiControl.
Administrators can now easily manage registry keys directly through SOTI MobiControl.
This functionality empowers administrators to monitor and control Windows services directly from the SOTI MobiControl web console.
Administrators can now deploy MSIX and APPX bundles to Windows devices using App Policy.
Administrators can now access real-time updates of network details during device check-in.
This feature helps administrators manage Unified Write Filter (UWF) settings to protect system integrity.
Administrators can now manage local user group memberships directly from SOTI MobiControl.
Administrators can now select multiple SOTI XTreme Hubs to deploy content to specific device groups, optimizing resource utilization, reducing network bandwidth consumption to accelerating content delivery.
Administrators can now deploy Android Enterprise apps via SOTI XTreme Hub, minimizing network impact for faster application updates and optimizing deployment.
This update introduces automated fallback capabilities for SOTI XTreme Hub, ensuring seamless content delivery, even when the XTreme Hub is inaccessible, and automating the fallback process.
Administrators can now view critical information about SOTI XTreme Hub, such as target devices, number of groups served, and recent file syncs.
Devices can now communicate with SOTI XTreme Hub using either the Fully Qualified Domain Name (FQDN) or IP address.
Administrators can now create SOTI XTreme Hub enrollment policies in the modern console, eliminating the need to use the legacy console.
This feature provides an integrated VPN solution within SOTI MobiControl, eliminating the need for third-party VPN services. Users can now establish secure VPN tunnels and utilize split tunneling to secure all or select traffic flowing between iOS devices and network resources, such as corporate app servers.
This feature provides more configuration options to administrators when the user is redirected from blocked websites. Administrators can now configure the user experience to display a simple message without redirecting or disabling the message from the user.
This new feature optimizes the integration with ProGlove by reducing the number of manual entries needed to perform a scan.
Administrators can now access documents that are stored on enterprise file servers via the Server Message Block (SMB) protocol by providing additional access to enterprise documents.
This feature helps users manage their device connectivity by allowing them to toggle mobile data on or off directly through the Settings Manager, even in lockdown mode.
This feature allows users to efficiently configure essential accessibility settings without granting full device access, maintaining security and control. The minimum agent requirement for this is SOTI MobiControl Agent 2025.0.4.
| MCMR‑33871 | Android: "Wipe Program Data" was greyed out, but the administrator was still able to wipe the program data using a script. |
| MCMR‑35101 | Old application files were still stored in DB for Apple platform after upgrading an enterprise application. |
| MCMR‑35129 | Agent and plugins fail to load in SOTI MobiControl web console. |
| MCMR‑35688 | Deleted packages could be assigned in profiles via API. |
| MCMR‑35750 | Android: Japanese translation of “Speed Lockdown is Deactivated” property in the Lockdown profile was incorrect |
| MCMR‑35751 | Android: Japanese translation of "Automatic" word in the Wi-Fi profile was not correct. |
| MCMR‑35946 | Under heavy system load, payloads were occasionally removed from profiles if they failed to load during an update. |
| MCMR‑36120 | Japanese translation of “Automatic” on the Configurations tab in Device Details was incorrect. |
| MCMR‑36564 | Windows Classic Lockdown removed Sysinternals Autologon settings, requiring reapplication. |
| MCMR‑36568 | SOTI MobiControl Administrators could not edit user passwords when the global setting for the "access policy" was toggled off for "Allow users to change account password". |
| MCMR‑36656 | Deployment of select Microsoft mobile applications for Android via App Policy Enterprise app method was failing. |
| MCMR‑36674 | MS Authenticator failed to start if Safari was blocked by Feature Control. |
| MCMR‑36684 | Certain macOS macros and scripts examples did not work as described in the documentation. |
| MCMR‑36718 | Granting "Import Reports" permission did not show “Reports” option in the hamburger menu. |
| MCMR‑36733 | Restricted apps for macOS devices were not blocked after applying a "Block Process" payload |
| MCMR‑36803 | The device logs showed "Add new device" every time the agent connected to the deployment server. |
| MCMR‑37225 | Windows, Android: Compliance policy status was not updating on the device if policy assignment used custom data with an “equal to” operator. |
| MCMR‑37383 | Android: Lockdown templates did not apply on the device when changes were made frequently. |
| MCMR‑37442 | The Notification badge did not appear on the SOTI MobiControl Agent app icon when the device received a notification |
| MCMR‑37585 | Android: Profiles were stalled on "Pending Install" and would not install after a new enrollment. |
| MCMR‑37653 | The Agree button on iOS agent had an incorrect German translation. |
| MCMR‑37806 | Inaccurate user logs were generated during certain local user login failure. |
| MCMR‑37887 | Custom Attributes / Custom Data were updated only on manual refresh after making updates. |
| MCMR‑38053 | The daily autoSync of the Apple VPP token was preventing new apps or licenses from updating during the scheduled sync. |
| MCMR‑38164 | Time sync policy when using the deployment server option was not working. |
| MCMR‑38241 | Selecting SOTI Surf as target application in Web clips prevented the browser from opening. |
| MCMR‑38601 | SOTI Surf was unresponsive at first launch. |
