Quick Start

This quick start guide gets you up and running with your BigFix MCM and BigFix Mobile solution. It helps you secure, configure, and manage your mobile devices quickly and efficiently.

Plan the strategy of your deployment

Plan your deployment: When planning your mobile device management solution, as a first step understand your organization’s mobile device management needs. Consider everything that will access your organization resources, including users' personal devices. Before setting up deployments, Determine the device types including desktop computers, laptops, tablets, and mobile phones. These devices can be owned by the organization, or owned by your users.
  1. Create the list of devices to determine:
    1. The OS platforms that you need to support (Apple iOS, Google Android, Microsoft Windows), minimum models/versions.
    2. Corporate-owned or personal devices
  2. Determine the device enrollment methods:
    1. Select the Device Enrollment method that best fits your feature requirements and deployment workflow. (e.g., administrators register company-owned devices or let users register their own devices via enrollment portals)
  3. Create the list of users
    1. Number of users using a single device.
    2. Group users based on their departments or any other criteria.
    3. Kind of users

Prerequisites and requirements

  • TLS Certificate signed by a trusted Certificate Authority (CA): Essential for establishing secure connections over the Transport Layer Security (TLS) protocol.
  • Apple Push Notification Service (APNS) Certificate: Required for sending push notifications to iOS and macOS devices. Integration with Apple APNS enables our platform to securely communicate with Apple's servers and deliver notifications to your users' devices.
  • Google credentials: Necessary for integrating with Google services, particularly for Android devices. This token allows our platform to authenticate and interact with Google's servers, facilitating the delivery of notifications and access to other Google services as needed.
  • Windows Notification Service (WNS) Credentials: Essential for sending push notifications to Windows devices. These credentials enable communication with Microsoft's servers, ensuring the delivery of notifications to Windows-based devices.

For a complete information on the prerequisites, read Prerequisites and requirements.

Setup Account

  • Use Android Enterprise features on Android devices, such as Work Profile (Profile Owner), Work-managed device (Device Owner), and dedicated devices (COSU). To set up Android Enterprise, you need a managed Google Play account (if you do not use G Suite for Business), domain name, and the EMM token (if you are using G Suite for Business). To enroll an Android device in the Android Enterprise (AE) program, formerly known as Android for Work, you have to first enroll your organization in AE. Android Enterprise is a device management framework to manage and secure Android (version 10.0 or later) devices in the work environment. It offers two management modes (Device Owner and Profile Owner) to manage corporate and personal devices. Personal devices can be set up as ‘Profile Owner’ that allows work apps and data to be stored in a separate encrypted container within the device. The ‘Device Owner’ mode allows enterprises to exercise complete control over their corporate devices and data.Android
  • To set up Apple enrollment, you need the company Apple ID and the Apple Push Notification Service (APNS) certificate. Apple Push Notification services are required for an Apple device to communicate with BigFix MDM server. APNs have to be configured before enrolling an Apple device in BigFix. To learn how to configure APNs, see Apple.
  • To set up Windows enrollments, read the information at Windows.

Configure certificates

Configure the required certificates as per the instruction at Configure certificates.

Install MDM Server

Install MDM PlugIns

Enroll devices

Depending on the operating system of the devices to be enrolled, BigFix supports multiple methods to conveniently enroll the devices. For further details, read the information provided in the following links.

Configuration and policies

  • Policies: Create profiles containing security settings, Wi-Fi configurations, app restrictions, and much more.
  • Smart Groups: Organize devices into groups for easier policy assignment.
  • Security Policies: Enforce password complexity, screen lock timeouts, data encryption, and other security measures.
  • Application Management: Distribute, install, update, and remove applications on enrolled devices.
For more information to configure and assign a policy, read Policy Group.

Manage devices

Troubleshooting

Troubleshooting
  • Android
  • Apple
  • Windows

Support

Support