Thanks, @noud for that.
From my analysis, you can achieve what you are looking for using a combination of Geofence, Compliance Notifications, and Scheduled Reports.
- First, you have to create a Geofence around your base.
- After creating a fence, apply the Geofence via a new policy to all of your targeted devices.
Now, browse to Admin Tab > General Settings. Find Scheduled Device Scan.
- Choose “Daily” under Time settings.
- Set the Initiate Scan at to a suitable time after which you expect all of your devices to be back at the base. In your case, it would be around 9.00 PM.
- Find Compliance Settings in the General Settings and ensure that “Device moves out of geofence” is the only option checked.
- Go to Admin Tab > Notifications. In Notify the administrators on check “Device out of compliance”.
- Browse to Admin Tab > General Settings. Find Inactivity Settings. Check “Mark Inactivity” and set the “Duration” for one day.
- Finally, navigate to Admin > Scheduled Reports. Create a new Scheduled Report with the following configurations-
- Time Settings – Daily
- Initiate Scan at – Choose a suitable time, here around 9 PM would be ideal.
- Select Report category – Devices
- Select Report – Inactive devices.
Provide the other details as per your necessity and “Save”.
That’s it. The console should send you an alert via email for each device that has not reached the base at the set time. You will also receive a report of any devices that have been turned off or have been inactive.
Let me explain what happens once you finish setting these configurations.
At the specified time under “Scheduled Device Scan”, the server will request a complete scan of the device. Now, if your device is returned to the base, the device will be inside the Geofence. If not returned, it will render the device non-compliant, as the device is out of the Geofence and you have set “Device moves out of geofence” as a parameter for compliance.
As soon as the device is non-compliant, you will receive an e-mail stating that the device has gone out of the Geofence, which would help you to know which devices have not been returned.
You can head over to the Hexnode console and browse to the Reports Tab > Device Reports > Non-Compliant Devices to view all the devices that have not returned to the base at the set time.
You can also head over to the Hexnode console and browse to the Reports Tab > User Reports > Non-Compliant Users to view all the users who have not returned their devices to the base at the set time.
If by any chance, the device loses internet connectivity or becomes inactive, you can find such devices in the Scheduled Report that will be arriving at your e-mail every day
Though this method is very effective and provides you with automated alerts, you will be missing out on a few security features. As the only compliance criterion set is Geofence, the console will be disregarding other compliance checks like passcode checks.
Also, be aware that there is no way to know if the device has been returned to base after the set scan time, without manually accessing the console and running a manual scan.
Try it out and keep me posted of any updates.
Shawn Payne.
Hexnode UEM.