SOTI Pulse Logo

SOTI MobiControl

15.1

·

Build 3416

·

April 16, 2020

Upgrade Considerations

  • SOTI MobiControl 15.1.0 Build 3416 replaces the previous build (3413) posted on March 23, 2020
  • We strongly recommend following the standard IT change control practices and testing of product upgrades in pre-production environments

Contact SOTI's Professional Services and Support Team or visit the product documentation for information on proceeding with your upgrade.

Release Highlights

Faster File and Package Deployment with XTreme Hubs

XTreme Hubs advance the performance enhancements of Xtreme Technology (introduced in SOTI MobiControl 15.0.0) by efficiently scaling the solution to large numbers of Android devices distributed across numerous locations, such as retail stores. XTreme Hubs enable faster deployment of files and packages to devices and reduce the bandwidth load on the network connection between the XTreme Hubs and SOTI MobiControl servers. This is made possible by the XTreme Hubs serving as intermediaries between SOTI MobiControl deployment servers and Android Plus devices. Deployment servers push a single copy of files and packages to an XTreme Hub which then relays them to its associated devices.

Note:

Xtreme Hub functionality is only available to customers who subscribe to Premium or Enterprise Support.

Compliance Policies

Administrators can now implement personalized policies that determine what characterizes a compliant device in their environment. Compliance policies consist of a set of highly customizable criteria that use filtering logic similar to the device search. You can create multiple compliance policies, each with different criteria or different device group targets. Using Compliance policies administrators can configure automated actions such as allowing or blocking email access on devices using Office365 Exchange. Compliance polices are available for Android, iOS and Linux devices.

New Android Enterprise Capabilities

SOTI MobiControl 15.1 adds a number of new capabilities which collectively offer administrators greater control over device operating system updates to minimize workforce interruptions, provide more diagnostic information for troubleshooting application deployments and present an improved user experience for configuring Google Play Managed Apps.

General Improvements

General

  • Added ability to search for applications by name in the Device Information panel
  • Modified the Upgrade Agent device action to appear only when the device agent is incompatible and needs to be updated
  • Updated default device actions to: Remote Control, Check-In, Report Incident (in SOTI Assist enabled systems), Send Script, and Soft Reset
  • Added Terms and Conditions user acceptance status to the Device Information panel
  • Simplified the package upload process to allow administrators to upload packages while within a profile
  • Improved user experience of new package upload by highlighting new packages in the Packages list
  • Modified deployment server behavior to automatically update deployment server priority when a deployment server is deleted from SOTI MobiControl
  • Improved installer to check that the installation location has sufficient storage space to deploy SOTI MobiControl successfully
  • Individual profile configurations for the Windows, Linux, and Printer platforms were migrated to the next-generation user interface, completing the transition of the Profiles view.

Users and Security

  • Added ability to search for SOTI Identity users within the console when assigning a user to an enrolled device.
  • Increased supported key length of Generic SCEP certificates to 4096
  • Improved LDAP group search to include all groups of LDAP directories configured in SOTI MobiControl
  • Added support for SHA-384 and SHA-512 as root certificates

SOTI Identity Integration

  • Enhanced initial integration of SOTI Identity with SOTI MobiControl. SOTI Identity automatically generates default user roles from SOTI MobiControl (Administrator, Technician, Viewer, BYOD).

Android Enterprise

    • Added new device action: App Feedback Update compels Managed Apps on Android Enterprise devices to send their logs to SOTI MobiControl. Status information and logs are visible in the Device Information panel
    • Added new Lockdown controls for Android Enterprise devices running Android 9.0 or later, which include the ability to control device user access to the following:
        • Power button
        • Keyguard
        • Home Button
    • Improved Reset Account device action to allow administrators to create new or reset existing Managed Google Play accounts on devices without using a factory reset
    • Added support for performing Reset Passcode and Wipe device actions through Android Platform Notification Services
    • Added new device feature control option: Allow Backup Service
    • Added ability to send custom messages when device users attempt restricted actions on device
    • Added support for specifying strong authentication timeout requirements in the Authentication profile configuration
    • Added support for postponing operating system updates for 30 days
    • Added support for defining a daily installation window for operating system updates
    • Added support for scheduling a blackout period (up to 90 days) to block all operating system updates
    • Improved layout of app config for better user experience
    • Added support for field descriptions in app config

iOS

    • Added native support for the following MDM features introduced in iOS 13.0:
      • WPA3 in the WiFi profile configuration
      • SIM card specification in the Network Restrictions profile configuration
      • New Extensible Single Sign On profile configuration
      • Mail, Calendar, Contacts domains in Per-app VPN profile configurations
      • OAuth, Mail, Calendar, Contacts, Notes, Reminders options for the Exchange ActiveSync profile configuration
      • Ability to prevent the Files app from accessing external files in the Restrictions profile configuration
      • Ability to update eSIM cellular plan information
      • IKEv2 VPN profile configuration for iOS

macOS

  • Enhanced the privacy preferences for macOS, which allows administrators to limit the control each application has for private services like camera, address book, microphone, and so on
  • Enabled the automatic deployment of the Remote Control profile during macOS enrollment
  • Added Apple Device Enrollment Program (DEP) information to device information panel for devices enrolled using DEP

Printer

  • Added ability to manage certificates for Zebra printers. SOTI MobiControl supports status certificates or certificates configured through a certificate authority. Administrators can also automate the authentication of enrolled printers to a specific WiFi network without manually having to set up a WiFi connection on every printer.

SOTI Surf

    • Added new Privacy Settings to the SOTI Surf profile configuration
      • Disable Third Party Cookies: prevents third-party websites from reading or saving browser cookies
      • Restrict File Types: restricts device users from downloading files based on file extensions
    • Added ability to configure the SOTI Surf app to automatically launch or relaunch when its profile configuration is modified. Administrators can also specify a restart delay time.
    • Added support for macro variables in home screen URL or URLs in the home screen catalog. Macro variables can be custom attributes or device information based such as device identifier or MAC address.
    • Added ability to configure SOTI Surf to open a file immediately after it is downloaded

APIs

The following REST APIs were introduced in MobiControl 15.1.0:

    • Android Enterprise Migration Certificates
      • Get Android Enterprise Migration certificate information of an OEM (GET)
      • Upload Android Enterprise Migration Certificate of an OEM (PUT)
    • Compliance Policies
      • Retrieve list of compliance policies (GET)
      • Create new compliance policy (POST)
      • Manage existing compliancy policy (GET, PUT, DELETE)
      • List and update actions of a compliancy policy (GET, PUT)
      • Manage assignment of the compliance policy to devices and device groups (GET, PUT, DELETE)
      • Enable the compliance policy (POST)
      • Disable the compliance policy (POST)
      • Retrieve list of logs associated with the compliance policy (GET)
      • Run the compliance policy against associated devices (POST)
    • Devices
      • Retrieve executable compliance policy actions triggered on a device (GET)
      • Retrieve the status of all compliance policies assigned to the device (GET)
      • Run a compliance policy on the device (POST)
    • Mail Servers
      • Retrieve list of configured email servers (GET)
      • Create a new configuration to email server (POST)
      • Manage existing email server configuration (GET, PUT, DELETE)
      • Rename the email server (PUT)
      • Update the email server configuration (PUT)
      • Test the email server configuration (PUT)
    • Reports
      • Download CSV of filtered list of compliance policies (GET)
      • Email filter list of compliance policies (POST)
    • Search
      • Execute advanced (raw) MobiControl Search request (POST)
      • Start SOTI MobiControl search synchronization with SOTI MobiControl database (POST)

Bug Fixes

MC‑93780 Added caching for Device Group Tree to improve device check in performance
MCMR‑18625 Alert rules were not triggered when applied to root group
MCMR‑19520 External SD card encryption alert was being triggered even though no external SD card was inserted in device
MCMR‑19533 Email notifications were not sent after an alert was triggered
MCMR‑20191 A timeout configuration was added to accommodate long-running processes that failed due to an inadequate timeout period
MCMR‑20281 Mail on Android devices stopped working when a management service in a load-balanced environment that leveraged ERG was temporarily shut down
MCMR‑20353 Windows Mobile and CE devices did not enroll successfully when using the SOTI MobiControl Stage Agent
MCMR‑20419 Custom Attributes were not propagated to devices after they were assigned in the console
MCMR‑22303 Fixed issue that limited the total enrollment of Android Enterprise Managed devices to 10
MCMR‑22296 Occasionally, upgrade failed when database tables were modified and caused the database size to increase significantly