SOTI MobiControl

SOTI VPN is an all-new secure tunnel that is simple to configure from the convenience of the SOTI MobiControl console. It has been specially designed for front-line worker use cases, providing them with a seamless user experience that requires no additional steps to initiate the VPN connection or provide authentication credentials, it’s all automated. On Android and Windows, SOTI VPN can be used to tunnel all device network traffic or traffic destined for specific IP ranges. Additionally, on Android, per-App VPN can be used to focus the VPN tunneling capability to only select apps.

Administrators can now control Android operating system updates for their Samsung Knox devices using the Samsung Knox E-FOTA policy within SOTI MobiControl. With this single pane of glass experience, administrators can effortlessly ensure all their Samsung Knox devices are on the exact firmware version they need for reliable business operations. This centralized management approach simplifies the upgrade process and provides greater oversight and control over the device fleet.

The Apps Dashboard centralizes app workflows, providing a consolidated view of app-related information with real-time status updates across devices. It simplifies the management of app configurations and policies, ensuring consistent deployment. The new one-click retry feature for failed installations further streamlines the process, minimizing downtime and simplifying issue resolution.

SOTI MobiControl administrators can now have a holistic overview of all their certificates in SOTI MobiControl. The Certificates Dashboard is engineered to streamline the tracking, monitoring, and management of device certificates in MobiControl. Not only does it enhance process efficiency, but it also eliminates renewal-related frustrations and proactively minimizes the risk of unnoticed renewal failures, ensuring smooth, uninterrupted device operation.

This update introduces a modern and intuitive user interface for the SOTI MobiControl installer, providing customers with clearer visibility of missing prerequisites and direct links for installation, streamlining the setup process. The enhanced installer also enables silent installations, reducing user interaction time and improving overall efficiency.

You can now start a SOTI XSight Live View (Patent Pending) session directly from the SOTI MobiControl Devices Dashboard. The Live View device action provides real-time location and critical business insights for the selected devices in SOTI XSight Live View. This feature can be used for a single device, multiple devices, or a device group.

Users can now streamline profile deployment by assigning installation priorities, ensuring profiles are installed in a specific order on Android devices. If a high-priority profile fails, users can halt lower-priority installations automatically. This reduces the need for workarounds and minimizes human error during device staging, while improving standardization, traceability, and predictability in the provisioning process. This feature is supported only on Android agent 2025.0.0.

Declarative Device Management (DDM) configurations, activations and assets allow devices to react to state changes and apply management security policies without connecting to the SOTI MobiControl server.

Administrators can now efficiently configure Wi-Fi and Kiosk Mode settings for ChromeOS devices without requiring the Google Admin console, ensuring seamless connectivity, enhanced security and customized device experiences.

Administrators can now configure apps to run in Single-App mode, restricting user access to only essential business-critical applications. Device inactivity settings are customizable, enabling the display of digital signage content during idle periods. Additionally, enhanced CTRL+ALT+DEL options for improved administrators control and dark mode capabilities in native lockdown are now available.

Introducing streamlined Windows Update management with bulk update approvals, a centralized view, and delivery optimization for faster update downloads. These enhancements reduce administrators' time and costs while, optimizing bandwidth usage.

Administrators can now export File Sync policies from one SOTI MobiControl environment and import them into another. This feature facilitates the quick transfer of File Sync policies across multiple environments, reducing the need for repetitive manual copying and lowering the risk of human error.

Administrators can now clone file sync policies, making it easier and faster to replicate existing configurations across your organization. This new feature streamlines policy management by allowing you to create identical copies of your file sync policies with just a few clicks, ensuring consistency and saving time when setting up or modifying policies.

Compliance Policy’s new SOTI Identity Compliance Access action can be used to limit the third-party applications which users may access via SOTI Identity. This action is to be used in conjunction with SOTI Identity’s Secure Access Control policy.

Administrators can now save and share assignment filters for easy reuse across multiple profiles and policies. Filters can be named, edited, and deleted, reducing the time spent on repetitive tasks and improving accuracy in filter application.

Administrators can now directly configure Shared Devices to use an Entra ID directory. There is no longer the need for the additional configuration of an Entra ID (formerly Azure AD) identity provider (IdP) which acted as an intermediatory interface. This simplifies the configuration experience for administrators and also optimizes the real-time authentication experience for mobile device users.

This feature lets SOTI MobiControl administrators configure scripts that automatically run when a device user logs out from a shared device. Administrators can delete leftover documents and app-specific logs to protect user privacy and streamline troubleshooting.

This feature gives users a visual indicator in the web console when a remote-control session is active on a device. Users can also see the duration of the session and identify who initiated it, enhancing the auditing process for administrators.

Signal now supports the following device actions when a policy is triggered: blocking Exchange access, allowing/blocking SOTI Hub access, clearing SOTI Hub’s cache, and logging out Shared Devices.

Automated actions from Signal, such as relocating a device or triggering an alert, are now supported based on device’s entry or exit of an outdoor geofence.

Administrators can monitor the status of their Cloud Link Agents using Signal Policies, allowing administrators to configure automated actions whenever a Cloud Link Agent related event occurs. This feature eliminates the need to manually monitor the health of Cloud Link Agents, which can lead to faster issue discovery and resolution.

Administrators can now configure automated device actions of “unenroll device” or “disable device” whenever the assigned user is in a disabled state. This only applies to users belonging to Microsoft Active Directory. This setting can be configured in enrollment policies when the directory authentication is selected.

Administrators can now perform bulk deletions of packages via the web console. This feature enables efficient removal of multiple unused or outdated packages at once, streamlining system maintenance.

This update introduces real-time monitoring of SOTI MobiControl's database size, specifically for environments using SQL Express, to effectively manage the 10 GB size limit. SOTI MobiControl now provides proactive notifications when the database reaches a preset threshold of 90%. These notifications enable administrators to take timely action, preventing unexpected failures and reducing potential downtime.

When configuring a Signal Policy's send script action, users can now access Script Manager. This feature enables efficient management of script operations, including adding, deleting, and modifying device scripts across various types supported in SOTI MobiControl, such as JavaScript, Legacy Script, PowerShell, and more. This streamlined process saves time and lets users perform these tasks seamlessly during Signal Policy configuration.

SOTI MobiControl now supports Microsoft SQL Server 2022, enhancing security for enterprise customers. This update ensures IT policy compliance, reduces security vulnerabilities, and allows customers to utilize the latest SQL Server features.

Administrators can now filter profiles, enrollment policies, and app policies by device type for more precise results, improving operational efficiency.

Administrators can now sort Custom Attributes in ascending or descending order within Device Details, streamlining data organization and improving workflow efficiency.

Administrators can now share to their device users a device-specific, one-time password generated by SOTI MobiControl to enter administrator mode on the Android agent. Once used, MobiControl automatically regenerates the device-specific administrator password, ensuring security and ease of use. This enhancement provides a secure and efficient way to allow administrative access on devices, improving overall device management and control.

Administrators can execute legacy scripts when a device is inactive via the Device Inactivity payload. This allows administrative scripts to be executed only when the device is idle and avoids mobile worker disruption.

Administrators can now disable Media Access Control (MAC) address from being randomized for a specific Wi-Fi Service Set Identifier (SSID) via the Wi-Fi payload in profiles. This allows devices to retain a static MAC address which a Network administrator can use to allow access to corporate Wi-Fi networks.

When configuring your Managed App settings, simply fill in the required fields and export the configuration. This allows you to easily apply the Managed App configuration to another App Policy targeting the same app.

Administrators can now enforce a unique 4 to 16-digit Android OS Personal Identification Number (PIN) requirement for their shared device users, ensuring devices are secured before completing the login process., This action maintains IT security policies while protecting the mobile worker’s data with a personalized PIN.

Administrators can now view suggestions for new namespaces and functions as they type their JavaScript script just as they would in an IDE (integrated developer environment). In addition, errors will be highlighted allowing the user to troubleshoot their scripts.

Administrators can now use the SOTI MobiControl Companion, an enterprise app that supports devices enrolled through Google's Android Management API (AMAPI) to provide a range of features that extend beyond the native AMAPI capabilities. These include Remote View, File Sync policy, Out of Contact management, and many more. This is applicable only for Android devices enrolled as Android Enterprise Work Profile and Corporate Personal via AMAPI.

Quickly search and navigate to over 90 Feature Control settings available in the profile.

Assign specific network slices to managed apps on a carrier's 5G Standalone (SA) network. This ensures that all traffic for a designated managed app are routed to the slice identified by a specified Data Network Name (DNN) or App Category, which can be obtained from your carrier provider. Additionally, you can now enforce your iOS device to use mobile data.

Automatically reset the device, erase data, connect to Wi-Fi, and enroll in SOTI MobiControl.

As part of the App Policy, select the day and time for app updates to occur.

As part of Apple Advanced Configurations, administrators can now configure accessibility settings for their iOS devices.

Restrict access to Shared iPad for Business devices to authenticated users only.

As part of Apple Advanced Configurations, administrators can now configure accessibility settings for their iPadOS devices. In addition to device assignment, you can assign this configuration to Shared iPad users as well.

Create a managed administrator user account to enable zero-touch deployment for improved security and access to system settings and data.

IKEv2 provides more efficient, advanced encryption and enhanced security protocols to establish a secure, encrypted VPN connection.

End-users can sign in at the macOS login window, which will automatically authenticate them with the corporate Identity Provider and sign the user into apps and websites.

Automatically deploy and manage App Store applications with VPP support and Enterprise Applications for tvOS devices.

You can now deploy Microsoft Store and .exe apps through the Windows Modern app policy. The improved user interface ensures a seamless and efficient app deployment experience.

New app catalog has been introduced, allowing users to view and install suggested apps while distinguishing between mandatory and optional ones. Administrators can now manage app visibility to ensure compliance and security.

Administrators can now remove apps from the app listing, block non-administrator users from installing apps, and view a complete list of installed applications. The app status system has been enhanced with a new "Failed" status for Windows Modern devices.

Administrators can now preview configured Lockdown device screens directly from the web console, allowing for verification and accuracy checks before deployment.

Health attestation attributes are now available as search parameters in SOTI Search, allowing for more precise filtering and management of device security and compliance.

Administrators can now view current logged-in user details on Windows Modern devices in real time on SOTI MobiControl web console, improving security and operational efficiency.

Administrators can now create local users, define group memberships (Standard or Administrator), manage passwords and delete accounts on Windows Modern devices through the SOTI MobiControl web console, streamlining security and user management.

Administrators can now configure Microsoft Single-App Kiosk Mode with an improved UI, the ability to select from available applications, support for Microsoft Edge in digital signage, enhancing productivity and simplifying kiosk setup.

Administrators can now control Microsoft Edge browser settings on managed devices via SOTI MobiControl, including password manager, allow/block lists, incognito mode, and homepage settings, enhancing security and governance.

After a Windows Modern device is re-imaged or reset, SOTI MobiControl checks device identifiers based on settings defined in Global Settings. If the criteria are met, a new device entry is not created, preventing duplicates and conserving licenses.

Administrators can now manage and schedule device reboots, ensuring that security policies and configuration changes take effect promptly. This enhances device functionality and reduces the need for manual intervention.

Administrators now have a dedicated payload for Defender Antivirus, providing improved visibility and granular control over configurations. This update reduces security risks, ensures compliance, and streamlines antivirus management.

Administrators can now deploy SOTI Surf on Windows devices, providing a customized, secure and tailored browser experience on Windows Modern devices (versions 10 and 11) via a Windows SOTI MobiControl profile.

Administrators can now enable a toggle from the SOTI MobiControl web console for Android Classic and Enterprise to collect browsing data, including web visits and errors. The collected data is accessible in SOTI XSight dashboards.

SOTI Hub can now be used to access the files that are hosted in MobiControl’s Content Library. Content Library serves as a simple and convenient document repository for both on-premises and cloud customers for Android and iOS devices. By being built-in to MobiControl, administrators don’t have to worry about the complexities large scale document systems like Microsoft SharePoint, which is ideal when they have relatively few documents that need to be made available to MobiControl managed mobile devices.

Starting with SOTI MobiControl 2025.0.0, the option to enroll Windows Phone and Windows HoloLens devices has been removed.

Starting with SOTI MobiControl 2025.0.0, we are ending support for the enterprise app option within the Windows Modern app policy. Users will no longer be able to upload XAP file formats and cannot see or setup Enterprise app configurations under Global Settings.

Starting with SOTI MobiControl 2025.0.0, Alert rules are deprecated. Upon upgrade from an earlier release version to 2025.0 pre-existing Alert Rules will be automatically converted to Signal Policies. After the upgrade, Administrators will receive an in-product notification with details of the conversion. Successfully converted policies appear in the Signal policies section. It is important to note that the converted policies will be initially disabled. Administrators must review and enable these policies for them to take effect.

The administrative interface of Content Library, MobiControl’s built-in document repository, has been migrated from the web console’s legacy user interface to the modern interface. The configuration of document distribution to devices, which used to be performed via Content Library Policies, is now performed via the SOTI Hub profile payload. Device users who previously access the Content Library documents via the MobiControl Agent will now do so via the SOTI Hub app on Android and iOS devices.