Reference Guide
Security Management Server Virtual - AdminHelp v9.8
75
Update Date - Date/time stamp that the agent was updated.
Provisioned Date - Date/time stamp that the client was provisioned.
Mobile Device Detail
For Mobile devices, once a device is discovered, commands are carried out on this page. Unlike policies and
restrictions that are concerned with enforcement, commands are pushed to the device to enable an action.
Commands:
Command
Sent
Sender Acknowledged Error
Wipe Device – (shared iOS and EAS command) To
permanently delete all media and data on the device and
restore it to factory settings, iOS can remotely wipe iPhone
and iPad. This is primarily to support a quick remote wipe
operation.
Date and
timestamp of
when the
command was
sent.
Name of the
sender that
sent the
command.
Date and timestamp of
when the command was
implemented on the
endpoint.
Used for internal
troubleshooting.
Block Device – (EAS only command) You can send an
administrative override to the device to immediately block
Exchange services. This command is independent of policy
values. Date and timestamp of when the Policy Proxy sent
the command to the endpoint.
Date and timestamp of
when the command was
implemented on the
endpoint.
Allow Device – (EAS only command) This command reverses
the Block Device command. Once a device is blocked by your
administrative override, the only way to restore access to
Exchange services is to invoke this command. This command
is also independent of policy values. For example, if you
have set the Allow Non-iOS Devices policy to False, invoking
this command has no effect.
Date and timestamp of
when the Policy Proxy
sent the command to the
endpoint.
Cloud Device Control
Cloud device commands apply to the selected endpoint and are carried out from the Cloud Device Control
section of the device's endpoint page. Unlike policies, commands are pushed to the device to enable an
action.
Commands:
Suspend - Suspends the endpoint device. It does not suspend the user account.
Unsuspend - Unsuspends the endpoint device.
SED Device Control (Windows only)
Current State of the Endpoint - Unlocked or Locked
Commands:
SED commands for a specific endpoint are carried out in the SED Device Control area. Each command has a
priority ranking. A command with a higher priority rank cancels commands of lower priorities in the
enforcement queue. For a list of command priority rankings, see
Priority of Commands for Self-Encrypting
Drives.
Lock - Locks the PBA screen and prevents any user from logging into the computer.
Unlock - Unlocks the PBA screen after it has been locked on this endpoint, either by sending a Lock
command or by exceeding the maximum number of authentications attempts allowed by policy.
Remove Users - Removes all users from the PBA.
Bypass Login - Bypasses the PBA screen one time to allow a user into the computer without authenticating.
The user will still need to login to Windows after PBA has been bypassed.