Category filter
Strategic Quickstart: Deploying Hexnode UEM for Unified Endpoint Management
Summary
Hexnode UEM is a cloud-native platform designed to manage and secure a multi-OS environment (iOS, Android, Windows, macOS, tvOS, ChromeOS, Linux, visionOS and FireOS). This quickstart MDM guide outlines the accelerated path from portal creation to full device enrollment and policy enforcement.
Phase 1: Portal Provisioning and Access
The first step in the device lifecycle is establishing your administrative command center.
- Sign-up: Register at Hexnode.com.
- Unique Portal URL: Your console is hosted on a dedicated subdomain (e.g., companyname.hexnodemdm.com).
- Technician Roles: Define Role-Based Access Control (RBAC) under Admin > Technicians and Roles to delegate management tasks securely.
Phase 2: Mandatory Platform Configurations
Before endpoints can be managed, the portal must be linked to OS-specific push services.
A. Apple Management (APNs)
To manage iOS and macOS, an Apple Push Notification service (APNs) certificate is mandatory.
- Path: Admin > APNs.
- Process: Download the CSR, upload it to the Apple Push Certificates Portal, and re-upload the signed PEM certificate to Hexnode.
B. Android Enterprise (AE)
For modern Android management (Work Profile/Device Owner), link your portal to a Google account.
- Path: Admin > Android Enterprise.
- Advantage: Unlocks silent app installation and managed Google Play.
C. Windows & macOS
Ensure the Hexnode UEM Agent is utilized for advanced management beyond standard MDM protocols.
Phase 3: Strategic Enrollment Methodology
Enrollment establishes the management link. Choose a method based on ownership (BYOD vs. Corporate).
| Method | Best Use Case | Platform |
|---|---|---|
| Zero-Touch | Corporate-owned / Out-of-the-box | Apple (ADE), Android (ZTE), Windows (Autopilot) |
| QR Code / URL | Rapid deployment / IT-led | Android, iOS |
| Self-Enrollment | BYOD / Employee-led | All Platforms (via SSO) |
| Agent-Based | Laptops / PCs | Windows, macOS |
Phase 4: Policy Creation and Deployment
Policies are the “rules” governing your devices.
- Navigate to Policies: Create a New Policy.
- Define Restrictions: Toggle settings for Camera, Wi-Fi, Passcode, and Roaming.
- App Management: Add mandatory apps under Required Apps > Add App.
- Targeting: Associate the policy with specific Devices, Users, Device Groups, or OUs.
Phase 5: Remote Management Actions
Once devices are active, use the Manage tab to trigger real-time security commands:
- Scan Device: Fetch current status and compliance data.
- Remote Lock/Wipe: Protect data on lost or stolen hardware.
- Kiosk Mode: Restrict devices to a single or multi-app environment.
- Remote View/Control: Provide live support for troubleshooting.
The Hexnode Advantage: Strategic Differentiators
Hexnode provides a competitive edge over legacy MDMs through:
- Zero-Friction Enrollment: Support for every native zero-touch framework.
- Unified Policy Engine: Apply rules across different OS types from a single UI.
- Instant-Sync: Leveraging APNs/WNS for near-real-time command execution.
Frequently Asked Questions
How long does it take for a quickstart MDM setup with Hexnode?
The basic portal setup and APNs configuration can be completed in under 15 minutes. Full fleet deployment depends on the enrollment method chosen.
Can I manage personal devices (BYOD)?
Yes. Hexnode uses Containerization (Android Work Profile / iOS User Enrollment) to separate work data from personal content, ensuring user privacy.
Is Hexnode UEM compatible with Active Directory?
Yes. Hexnode integrates with Microsoft Entra ID (Azure AD), Google Workspace, and Okta for seamless user synchronization and SSO.
