Configuration Profiles
From Securepoint Wiki
 |
Contents
Managing profiles for iOS or Android devices in the Mobile Security Portal
Last adaptation to the version: 1.4.8 (11.2019)
- New:
-
- iOS profiles: Configuration of Exchange ActiveSync and email with placeholder variables for user name and email address
- Copy & paste of profiles (from v.1.4.8 09.2019)
- WLAN profiles can be pushed in the Networks tab (from v.1.4.7 07.2019)
- The region can be defined for Switzerland in the Security tab. (from v.1.4.7 07.2019)
- Android devices from version 10 (Q) are exclusively administered with Android Enterprise Profiles.
Preamble
In a profile, permissions, restrictions, password requirements, e-mail settings and security settings are configured.
Several users or user groups (roles) can be assigned to a profile.
Many devices or device groups (devices designated by tags) can be assigned to a profile.
For a large number of devices and users it is recommended to map the assignment via groups.
Overview of profile management
In the profile overview new profiles can be created, existing ones can be edited and deleted. The view of the profiles can be displayed in the list or tile view. You can also view details of existing profiles, update the list of profiles, and publish profiles.
General Options
Filter displayed profiles |
The search criteria can be filtered to specific areas: all Devices operating system tags roles used User |
Add profile |
Creates a new profile. The settings in the profile vary depending on the operating system. See Edit iOS / Edit Android |
Publish profile |
The transmission may take a few minutes. The changes to a profile must be published so that they can be transmitted to the devices. |
Import profile |
Show details |
Show details |
List view / Grid view |
List view / Grid view |
Switch between lists and grid view. |
Refresh |
Refresh the display |
Profile tile
The button at the top right of each profile tile provides the following options:
| Edit | Editing the settings (see below) |
| Export | Exporting the settings |
| Kopieren | New Copying the profile to the clipboard |
| Revoke | The profile is withdrawn, i.e. it is no longer available on the devices, but can be configured. |
| Delete | The profile is deleted. |
Details displayed in the profile tile:
Updated Changes have been made to the profile that have not yet been published!
PARTIALLY INSTALLED The transfer of the profile could not be completed completely.
OS IOS bzw Android
Roles Roles
Users User
Devices Devices
Tags Tags
Parts Restrictions | Security
Copy & paste of profiles
Click on the logo of the profile tile to mark it. In the general options, another field now appears under the filter mask:
| Action for selected items | Please choose | Execute the selected action with Ok | ||
| Copy | Copies one or more selected profiles to the clipboard. | |||
| Delete | Deletes one or more selected profiles | |||
| New button | Paste | Inserts a copy of a profile from the clipboard.
|
iOS profile
General iOS
General
Datei:MS v1-4-7 Profile iOS Allgemein-en.png
General Settings
| Caption | Values | Description |
|---|---|---|
| Platform | IOS | Device OS. When creating a new profile, ANDROID can also be selected here. tab and Functions differ depending on the selected operating system. |
| Name | Name | Profilname |
| Priority | 5 | The higher the number, the higher the priority. Is only used if a device is affected by multiple profiles. |
| Roles | Add roles | Klick-Box: The profile will be assigned to all devices of all users with these roles |
| Users | Add users | The profile will be assigned to all devices from these users |
| Devices | Add devices | The profile will be assigned to these devices |
| Tags | Add tags | The profile will be assigned to all devices with these Tags |
| Comment | Comment | Kommentar |
Save
Network
Network
In this section, access profiles for WiFi networks can be configured and pushed to the device.
Add a network configuration with Konfiguration hinzufügen
| Caption | Values | Description |
|---|---|---|
| Name | Name | Name of the configuration |
| Type | WiFi | Configuration type (WiFi predefined) |
| SSID | SSID | The SSID of the network |
| Security | None WEP-PSK WPA-PSK |
Security Level |
| Passphrase | Passphrase | The networks passphrases |
| Hidden SSID | Specifies whether the SSID of the network is visible (button off) or hidden (button on). | |
| Autoconnect | Enable to automatically connect the device to the network. |
Finish the configuration with Save
Restrictions
Restrictions
Configuration by clicking on Activate restrictions
Numerous restrictions can be configured to control the behavior of a device.
List of possible restrictions with default values and explanations
The last column (SO) indicates if this function is only available in supervised mode (supervised only) .
| Restriction | Default | Explication | |
|---|---|---|---|
| Restrict App Usage (supervised only). | Allow all apps Do not allow specific apps Do allow only specific apps |
Konfiguriert, ob für Apps keine Einschränkung, eine Blacklist oder eine Whitelist verwendet wird. |
✓ |
|
Clickbox for selecting apps | Depending on the selection in the line above: Blacklisted Apps / Whitelisted Apps 'Searches the entire app store for possible apps. |
✓ |
| Allow App Removal | Allows the user to remove apps | ✓ | |
| Allow Trusting Enterprise Apps | Allows the user to trust enterprise apps. (Apps that can be deployed without the iTunes App Store and don't need to be authorized by Apple) | ||
| Allow Explicit Content | Allows the user to access explicit content. When activated, the SafeSearch function is switched off by search engines. | ||
| Allow Screenshots and Screen Recording | Allows the user to take screenshots or screen recordings | ||
| Allow Remote Screen Observation | Allows you to observe the screen in a classroom, for example. | x | |
| Allow use of iMessage | Allow use of iMessage (Supervised mode only) | ✓ | |
| Allow Bookstore | If this value is set to false, the iBookstore will be disabled. (Supervised mode only). | ✓ | |
| Allow Bookstore Erotica | If set to false, the user will not be able to download media from the iBookstore that is tagged as erotica. (Supervised mode only). | ✓ | |
| Allow Apple Music | If set to false, Apple Music will be disabled in the Music app. | x | |
| Allow iTunes Radio | If set to false, iTunes Radio will be disabled in the Music app. | ||
| Allow Shared Stream | If set to false, the shared stream is disabled. | ||
| Allow Wallet While Locked | If set to false, Wallet notifications will not be shown on the lock screen. | ||
| Allow UI Configuration Profile Installation | If set to false, the user is prohibited from installing configuration profiles and certificates interactively. (Supervised mode only). | ✓ | |
| Allow use of iTunes | Allows the user to use iTunes | ||
| Allow use of News | Allows the user to access and use News | ||
| Allow use of Safari | Allows the user to use Safari | ||
| Allow Game Center | Allows the Game Center (Supervised mode only). | ✓ | |
| Allow Adding Game Center Friends | Allows the user to add Friends on Game Center | ||
| Allow modifying Bluetooth settings | Allow modifying Bluetooth settings | ||
| Allow Modifying Cellular Data Usage for Apps Settings | Allows modifying cellular data usage for apps settings | ||
| Allow Modifying Device Name | Allows the user to change device names. | ||
| Allow Modifying Wallpaper | Allows you to change the background image. (Supervised mode only) | ✓ | |
| Allow Configuring Restrictions | Allows the user to configure restrictions. (Supervised mode only) | ✓ | |
| Allow Automatic Sync While Roaming | Allows automatic synchronization during roaming. | ||
| Allow iCloud Sync for Managed Apps | Allows iCloud synchronization for managed apps. | ||
| Allow Enterprise Books Backup | Allows Enterprise books to be backed up. | ||
| Allow Enterprise Books Notes and Highlights Sync | Allows Enterprise Books to synchronize notes and highlights. | ||
| Allow In App Purchases | Allows the user to make purchases within applications | ||
| Allow Multiplayer Gaming | Allows Multiplayer Gaming | ||
| Allow voice dialing while device is locked | Allows voice dialing while device is locked | ||
| Force Encrypted Backups | Forces encrypted backups | ||
| Force Apple Watch Wrist Detection | Forces Apple Watch Wrist Detection | ||
| Allow Pairing With Apple Watch | Allows Pairing With Apple Watch | ||
| Allow Erase All Content and Settings | If set to false, the user cannot choose the option "Erase All Content and Settings" in Settings → General → Reset (Supervised mode only) | ✓ | |
| Allow Internet results in Spotlight | If set to false, search results from the web will not be shown in Spotlight. | ||
| Allow iCloud Document Sync | Allows document syncing with iCloud | ||
| Allow user to accept untrusted TLS certificates | Allows user to accept untrusted TLS certificates | ||
| Allow Photo Stream | Allows Photo Stream to be used on the device | ||
| Allow iCloud Photo Library | Allows iCloud Photo Library to be used on the device | ||
| Allow iCloud Backup | Allows backup using iCloud | ||
| Require iTunes password for all purchases | Require the user's iTunes password to be entered for every purchase | ||
| Apps Ranking Number | 1000 |
Ranking number for apps | |
| Movies Ranking Number | 1000 |
Ranking number for movies | |
| TV Shows Ranking Number | 1000 |
Ranking number for TV Shows | |
| Region Code | Germany | Two-character code for the region used to specify ratings }} | |
| Accept Cookies in Safari | Klickbox | Accepting cookies
|
|
| Allow AutoFill in Safari | Allows autocomplete in Safari browser. | ||
| Allow JavaScript | AllowS JavaScript in Safari | ||
| Allow Pop-ups | AllowS Pop-ups in Safari | ||
| Enable Fraud Warning | Enables fraud warning in Safari | ||
| Allow Predictive Keyboard | Allows Predictive Keyboard (Supervised mode only) | ✓ | |
| Allow Keyboard Shortcuts | Allows Keyboard Shortcuts (Supervised mode only) | ✓ | |
| Allow Auto Correction | Allows Auto Correction (Supervised mode only) | ✓ | |
| Allow Spell Check | Allows Spell Check (Supervised mode only) | ✓ | |
| Allow Define | Allows Define(Supervised mode only) | ✓ | |
| Enable allow open from unmanaged to managed | Allows managed apps to access unmanaged documents. | ||
| Enable allow open from managed to unmanaged | Allows unmanaged apps to access managed documents. | ||
| Treat AirDrop as Unmanaged Destination | When activated, protected (managed) data is prevented from leaving the device unauthorized by Airdrop. | ||
| Allow Handoff | If this value is set to "false", handoff is deactivated. Handoff allows you to continue an activity started on an iOS-device on another device. | ||
| Touch ID/Face ID zum Entsperren erlauben}} | Allow Touch ID/Face ID to Unlock Device | ||
| Allow Modifying Notifications Settings | Allows Modifying Notifications Settings | ||
| Allow incoming AirPlay requests | Allows incoming AirPlay requests | ||
| Allow pairing with Remote app | Allows pairing with Remote app | ||
| Allow dictation | Allows dictation | ||
| Allow Camera Use | Allows the user to use the camera | ||
| Video-Konferenz erlauben}} | Allow Video Conferencing | ||
| Allow Siri | Allows Siri | ||
| Allow Siri While Locked | Allows Siri while device is locked | ||
| Enable Siri Profanity Filter | Enables Siri Profanity Filter (Supervised mode only) | ✓ | |
| Allow Siri User Generated Content | When false, prevents Siri from querying user-generated content from the web. | ||
| Allow App Installation from Apple Configurator and iTunes | Allow only a connected Mac host to install applications | ||
| Allow Automatic App Downloads | Allows Automatic App Downloads (Supervised mode only) | ||
| Allow Automatic App Downloads | Allow the user to install applications | ||
| Allow Modifying Passcode | The user is allowed to change the pass code. (Supervised mode only) | ✓ | |
| Allow Modifying Touch ID/Face ID | The user is allowed to change the Touch ID/Face ID. | ✓ | |
| Allow diagnostic submission | Send diagnostic and usage stats to Apple | ||
| Allow modifying diagnostics settings | The user is allowed to change the diagnostic settings. |
Save
Passcode
Passcode
Configuration by clicking on Activate Passcode
| Operation | Default | Description | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Require Passcode on Device | Enforces the use of a passcode before using the device | ||||||||||||||||
| Set maximum number of failed attempts | Number of passcode entry attempts allowed before all data on device will be erased
| ||||||||||||||||
| Set auto-lock | The number of minutes for which the device can be idle (without being unlocked by the user) before it gets locked by the system Automatic lock after 15 | ||||||||||||||||
| Set maximum passcode age | The number of days for which the passcode can remain unchanged 730
| ||||||||||||||||
| Restrict password complexity | Allows restricting password complexity
| ||||||||||||||||
| Use Passcode History | Allows defining the number of different passcodes required between the reuse of passcodes
| ||||||||||||||||
| Use grace period for device lock | Allows defining the maximum time in minutes to unlock the phone
| ||||||||||||||||
Exchange ActiveSync
Exchange ActiveSync
It is possible to retrieve emails via https connections.
Configuration by clicking on Activate exchange
| Operation | Default | Description |
|---|---|---|
| Payload Certificate UUID | Select certificate | UUID of the certificate that is used for authentication. |
| Exchange ActiveSync Host | Enter host | Host name or IP address of the Exchange server. |
| Past Days of Mail to Sync | 7 |
synchronization period |
| Use SSL | Send all communication through Secure Socket layer | |
| Email Address | Select Email Address | The address of the account to be synchronized (e.g. "john@company.com"). New The entry %device_email% reads the email address from the user settings of the user to whom the device is assigned. |
| Domain\User | Username | Domain\user (e.g.: ttt-point.local\user ). The field must remain empty if the device is to ask.New The entry %device_user%} reads the user names from the user settings of the user to whom the respective device is assigned. |
| Password | Password | The password for the account |
| Prevent Move | If set to true, messages may not be moved out of this email account into another account. | |
| Prevent App Sheet | If set to true, this account will not be available for sending mail in third party applications | |
| Allow Mail Drop | If set to true, this account is allowed to use Mail Drop. | |
| S/MIME Enabled | If set to true, this account will support S/MIME | |
| S/MIME Signing Enabled | If set to true, this account will enable message signing. | |
| S/MIME Encryption Enabled | If set to true, this account will support message encryption. | |
| S/MIME Enable Per-Message Switch | If set to true, enable the per-message encryption switch. | |
| Disable Mail Recents Syncing | If set to true, this account is excluded from address Recents syncing. |
Save
Email
A mail profile can be configured in the Email Settings.
These settings affect IMAP or POP3 accounts.
Settings for Exchange ActiveSync must be made in the corresponding tab!
Configuration by clicking on Activate Email
| Operation | Default | Description | ||||
|---|---|---|---|---|---|---|
| Account Description | Account Description | The display name of the account (e.g. "Company Mail Account") | ||||
| Account Name | Account Name | The display name of the user (e.g. "John Appleseed") New The display name can be combined with the variable %device_user_name%. The variable reads from the user settings of the user to whom the respective device is assigned the fields first name and last name. e.g.: {ic | ||||
| Email Address | Email Address | The address of the account (e.g. "john@company.com") New The entry %device_email% reads the email address from the user settings of the user to whom the device is assigned. | ||||
| Prevent Move | If set to true, messages may not be moved out of this email account into another account. | |||||
| Disable Mail Recents Syncing | If set to true, this account is excluded from address Recents syncing. | |||||
| Allow Mail Drop | If set to true, this account is allowed to use Mail Drop. | |||||
| Prevent App Sheet | If set to true, this account will not be available for sending mail in third party applications | |||||
| S/MIME Enabled | If set to true, this account will support S/MIME | |||||
| S/MIME Signing Enabled | If set to true, this account will enable message signing. | |||||
| S/MIME Encryption Enabled | If set to true, this account will support message encryption. | |||||
| S/MIME Enable Per-Message Switch | If set to true, enable the per-message encryption switch. | |||||
Incoming mails | ||||||
| Operation | Default | Description | ||||
| Mailserver | Mailserver | Hostname or IP Address | ||||
| Port | 993 |
Port number for incoming mail | ||||
| Account Type | IMAP |
The protocol for accessing the email account | ||||
| Username | Select user | The username used to connect to the server for incoming mail New The entry %device_user%} reads the user names from the user settings of the user to whom the respective device is assigned. | ||||
| Path Prefix | Path Prefix | Path prefix for IMAP mail server | ||||
| Incoming Mail Server Authentification | authentication method | The authentication method for the incoming mail server None Password CrammD5 NTLM HTTPMD5 | ||||
| Password | Password | The password for the incoming mail server | ||||
| Use SSL | Send outgoing mail through Secure Socket Layer | |||||
| Outgoing mails | ||||||
| Operation | Default | Description | ||||
| Mail Server | Mail Server | Hostname or IP address for outgoing mail | ||||
| Port | 587 |
The port number for outgoing mail | ||||
| Username | Select user | The username used to connect to the server for outgoing mail. New The entry %device_user%} reads the user names from the user settings of the user to whom the respective device is assigned. | ||||
| authentication type | authentication method | The authentication method for the outgoing mail server Password CrammD5 NTLM HTTPMD5 | ||||
| Outgoing Password Same As Incoming | SMTP authentication uses the same password as POP/IMAP
| |||||
| Use SSL | end outgoing mail through Secure Socket Layer | |||||
Save
Security iOS
Security
Numerous settings are configured, that control the security of web applications.
Configuration by clicking on Activate security
| Aktion | Default | Beschreibung | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Region | Germany / EU | Geographical assignment of the VPN endpoint | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Protocol | TCP | Protocol used for VPN tunnel. TCP or UDP | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Portfilter Type | Filter network traffic based on network ports. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Open | all ports are open | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Closed | Only port 80 (http) and 443 (https) are enabled. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Selection | Port filter rule selection: Specify which port collections are open for network traffic:
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| SSL interception | Default | Defines whether or not to intercept SSL traffic. The default value is to intercept traffic based on content filter response. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Content-Filter-Whitelist | Add entries | Click box: Web pages that are to be added to a whitelist. Possible entries: Contentfilter | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Content-Filter-Blacklist | Add entries | Click box: Websites that are to be added to a blacklist. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Disable for SSIDs | Add SSIDs | Enter WLAN SSIDs for which the security features shall be disabled. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Disable for IP addresses | Add IPs | IP addresses or networks can be entered for which the security functions are to be deactivated, i.e. the individual host 192.0.2.192/32 or the entire subnet 192.0.2.0/24. For address blocks with less than three digits, a dot must be entered or navigated within the mask using the cursor keys. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Allow Suspend Always-On-VPN | Allows the user to temporary disable the VPN-Connection. If not activated manually, the VPN will resume at a time chosen by the user. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Appconfiguration | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Allow other VPN profiles | Allows adding other VPN profiles in addition to the security profile |
Save
Android Profile
General android
General
In addition to the name and the platform, the assignment to groups, users or devices can also be configured in the general settings.
| Caption | Values | Description |
|---|---|---|
| Platform | ANDROID | Device OS. When creating a new profile, iOS can also be selected here. tab and Functions differ depending on the selected operating system. |
| Name | Name | Profilname |
| Priority | 5 | The higher the number, the higher the priority. Is only used if a device is affected by multiple profiles. |
| Roles | Add roles | Klick-Box: The profile will be assigned to all devices of all users with these roles |
| Users | Add users | The profile will be assigned to all devices from these users |
| Devices | Add devices | The profile will be assigned to these devices |
| Tags | Add tags | The profile will be assigned to all devices with these Tags |
| Comment | Comment | Kommentar |
Save
Networks Android
Network
In this section, access profiles for WiFi networks can be configured and pushed to the device.
Add a network configuration with Konfiguration hinzufügen
| Caption | Values | Description |
|---|---|---|
| Name | Name | Name of the configuration |
| Type | WiFi | Configuration type (WiFi predefined) |
| SSID | SSID | The SSID of the network |
| Security | None WEP-PSK WPA-PSK |
Security Level |
| Passphrase | Passphrase | The networks passphrases |
| Hidden SSID | Specifies whether the SSID of the network is visible (button off) or hidden (button on). | |
| Autoconnect | Enable to automatically connect the device to the network. |
Finish the configuration with Save
Restrictions Android
Restrictions
Configuration by clicking on Activate restrictions
| Restriction | Default | Explication |
|---|---|---|
| Enable Camera Restrictions | After setting this, no applications will be able to access any cameras on the device. | |
| Enable Storage Encryption | This profile controls encryption of the secure (application data) storage area. Data written to other storage areas may or may not be encrypted, and this profile does not require or control the encryption of any other storage areas. Important Note: On some devices, it is possible to encrypt storage without requiring the user to create a device PIN or Password. In this case, the storage is encrypted, but the encryption key may not be fully secured. For maximum security, the administrator should also require a password. | |
| Enable WIFI Restrictions | After setting this, WIFI will be disabled permanently. | |
| Enable Bluetooth Restrictions | After setting this, Bluetooth will be disabled permanently. |
Save
Passcode Android
Passcode
Configuration by clicking on Activate Passcode
| Operation | Default | Description |
|---|---|---|
| Minimum password length | No password required |
Attention Attention The current password remains until the user sets a new one. The change therefore does not take effect immediately. (Values from 4 to 30 are possible) |
| Password Quality | Unspecified | After setting this, the user will not be able to enter a new password that is not at least as restrictive as what has been set. Attention Note that the current password will remain until the user has set a new one, so the change does not take place immediately. Quality constants are ordered so that higher values are more restrictive; thus the highest requested quality constant (between the profile set here, the user's preference, and any other considerations) is the one that is in effect. Something Numeric Numeric Complex Alphabetic Alphanumeric Complex
|
| Maximum Failed Passwords For Wipe | Setting this to a value greater than zero enables a built-in profile that will perform a device wipe after too many incorrect device-unlock passwords have been entered. |
Save
Security Android
Security
Numerous settings are configured, that control the security of web applications.
Configuration by clicking on Activate security
| Aktion | Default | Beschreibung | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Region | Germany / EU | Geographical assignment of the VPN endpoint | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Protocol | TCP | Protocol used for VPN tunnel. TCP or UDP | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Portfilter Type | Filter network traffic based on network ports. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Open | all ports are open | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Closed | Only port 80 (http) and 443 (https) are enabled. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Selection | Port filter rule selection: Specify which port collections are open for network traffic:
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| SSL interception | Default | Defines whether or not to intercept SSL traffic. The default value is to intercept traffic based on content filter response. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Content-Filter-Whitelist | Add entries | Click box: Web pages that are to be added to a whitelist. Possible entries: Contentfilter | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Content-Filter-Blacklist | Add entries | Click box: Websites that are to be added to a blacklist. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Disable for SSIDs | Add SSIDs | Enter WLAN SSIDs for which the security features shall be disabled. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Disable for IP addresses | Add IPs | IP addresses or networks can be entered for which the security functions are to be deactivated, i.e. the individual host 192.0.2.192/32 or the entire subnet 192.0.2.0/24. For address blocks with less than three digits, a dot must be entered or navigated within the mask using the cursor keys. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Allow Suspend Always-On-VPN | Allows the user to temporary disable the VPN-Connection. If not activated manually, the VPN will resume at a time chosen by the user. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Appconfiguration | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Allow other VPN profiles | Allows adding other VPN profiles in addition to the security profile |
Save