14 DAY FREE TRIAL

No Search Results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Managing 'Android Enterprise' Devices
  3. Restrictions

Category filter

Configure and deploy Knox Service Plugin app for Samsung devices

Jump To

The Knox Service Plugin (KSP) is Samsung’s OEMConfig application that allows enterprises to access and use all the Knox management features on their UEM consoles as soon as they are released in the market. KPE provides defense-grade security to a wide range of Samsung devices and equips them with best-in-class hardware security, policy management, and compliance capabilities, in addition to the extensive security features offered by UEM solutions. As a result, IT admins need not wait for their UEM solutions to integrate the latest Knox features to be able to deploy them to their corporate devices, hence providing IT admins better control over the distribution and configuration of KPE features. The KSP application must be added and approved in the Hexnode UEM portal before you can deploy the app to your target devices.

Notes:

  • Your organization should be enrolled in the Android Enterprise program.
  • The Knox Service Plugin application is supported on Knox-supported Samsung devices running on Android 9.0 (Knox 3.2.1) and above. However, in the case of Knox-supported Samsung devices enrolled as Device Owner, the KSP application is supported from Android 8.0 (Knox 3.0).

Adding and approving the Knox Service Plugin application from Policies

The Knox Service Plugin application must be approved and added to the app inventory before you can configure it and associate it with your target devices. To add and approve the KSP application,

  1. Login to your Hexnode UEM portal.
  2. Navigate to Policies > New Policy > New Blank Policy.
  3. Enter suitable details for Policy Name and Description. Click on Android and select Knox Service Plugin under Restrictions.
  4. Click on Add and Approve. Select the Knox Service Plugin application from the list of applications and click on Approve.
  5. Another pop-up arises showing the permissions required for the application. Go through it and click on Approve to finalize.
  6. On the Approval Settings page, you can choose the method you would like to handle new app permission requests. You can choose between
    • Keep approved when app requests new permissions – Select this to enable automatic reapproval. This ensures that the application is reapproved regardless of the new permissions being requested.
    • Revoke app approval when this app requests new permissions – when the application requests new permissions, remove the app from the Managed Play Store app on the device until it is reapproved.
  7. Notifications tab. Here you can add email addresses to subscribe for email notifications when the apps you have approved request new permissions. Enter the email address and click on Add. You can add as many subscribers as you need. Click on Save.

Configuring the Knox Service Plugin application

Once the Knox Service Plugin application has been added and approved in the Hexnode UEM portal, you can configure the app settings and preferences via policies by following the steps given below:

  1. Login to your Hexnode UEM portal.
  2. Navigate to Policies > New Policy > New Blank Policy.
  3. Enter suitable details for Policy Name and Description. Click on Android and select Knox Service Plugin under Restrictions.
  4. Click on Configure. If the Knox Service Plugin application has already been added and approved, click on the Configure button.
  5. Configure the available settings and click on Done.
  6. In the Configure Applications window, you can edit the permissions, preferences and configurations of the KSP application. Once completed, click on Done.

Check out Knox’s example schema to get a detailed description of all the available configurations. You can configure device restrictions, policies, network settings, certificates, privacy preferences and much more using the Knox Service Plugin application.



Associating Policy Targets

If you haven’t saved the policy yet,

  1. Go to the Policy Targets tab within the Policy.
  2. Click on + Add Devices.
  3. Search and select the devices with which the Policy needs to be associated with and click on OK. You can also associate policies to Device Groups, Users, User Groups or Domains from the left pane underneath the Policy Targets tab.
  4. Save the policy to associate the policy to the device.

If you have saved the policy,

  1. From your Policies tab, check the policy.
  2. Select Associate Targets from Manage.
  3. Select the devices and click on Associate to get the policy associated with these devices.

Change approval settings for the KSP application

When you add an app to your inventory, you’re prompted to set up approval preferences as part of that process. However, you can change these settings later if you need to.

  1. Log into your UEM portal.
  2. Go to Apps and Click on the +Add apps button.
  3. Select Managed Google Apps from the drop-down list.
  4. Browse the required work apps and click on Approval preferences.
  5. Go through the Approval Settings and Notifications tab.
  6. Make necessary changes and click on Save when you are done.

To remove an app from the approved list,

  1. Log into your Hexnode UEM portal.
  2. Go to Apps and Click on the +Add apps button.
  3. Select Managed Google Apps from the drop-down list.
  4. Browse the required work apps and click on Unapprove.
Need more help?
Raise a Ticket Raise a Ticket
Ask Community Ask Community
Chat With us Chat With us
  • Managing 'Android Enterprise' Devices