Video Screencast Help

Mobile Management Suite Update: App Center Advancements in v4.1

Created: 01 Mar 2013 • Updated: 17 Jul 2013
Minh_Phan_at_Symantec's picture

We are thrilled to announce that we have updated App Center to address a diverse set of Enterprise mobility needs, including single sign on, network communication controls, secure email integration, and a host of new MDM capabilities.

As usual, these new features are configurable wrap policies and do not require source code changes or an SDK. App Center takes the app apart, injects the wrap code, repacks, and re-signs the app.  It takes less than a minute for an administrator to upload an app to the admin console and apply a policy. This makes it possible for app developers to focus on their apps’ core productivity use cases while empowering administrators to add policy based security functionality.

By providing wrap capabilities that separates and controls data on a per app basis, corporate and personal apps can run side by side without the performance impact and usability issues that come with a monolithic container approach. An overly restrictive monolithic container approach or locked down device can impact usability, causing end-users to work around security policies in order to be productive (e.g. emailing a file to their personal email so that they can use their preferred productivity tool).

With App Center, each corporate app runs with its own set of policies and all of the data written locally is under the control of the policy libraries. Specific apps may be revoked by the IT Administrator on an app-by-app basis.  The data associated with the app is also deleted without requiring the entire device to be wiped. 

The following functionality are available to apps that are wrapped:

  • Authentication. Policy can require online authentication before the user is allowed to access the app. The inactivity timeout is configurable and offline authentication can be permitted on an app-by-app basis. Online in-app authentication leverages the configured IDP: local or LDAP/AD.
  • Data-at-rest. On-device storage can be allowed or denied. If allowed, policy can dictate that all app-created data is encrypted using FIPS 140-2 certified crypto modules. In the case where an app should only be caching data, policy can dictate that all stored data is deleted upon closing of the app. Usage of SD card may also be restricted.
  • Usage restrictions. Policy can dictate that various data sharing capabilities be disabled (e.g. “Open in,” clipboard copy, iTunes/iCloud sharing).
  • Jailbroken and Rooted devices. Policy can dictate that a wrapped app delete all data and disable itself if Jailbroken or Rooted status is detected. The app wrap code checks for Jailbroken and Rooted status at all app lifecycle events, and at timer expiry (if configured).
  • MDM compliance. A wrapped Android app can be configured to delete all data and disable itself if it detects that the client is no longer present or is no longer a device administrator.
  • Server polling. Policy can dictate that the wrapped app contact the server on a periodic basis. On contact with the server, the wrapped app can learn of pending policy changes, revocations, etc.
  • Failsafe revocation. If desired, an app can be configured with a “time bomb,” where it will delete all data and disable itself if it is unable to contact the server for a configured duration of time (this is typically configured in conjunction with the server polling option).
  • Forced app upgrades. When a new version of a wrapped app is published, end-users can be forced to upgrade by having the wrapped app immediately take the end-user to the app store client upon launch. This control comes with a configurable grace period.

App Center was updated today (version 4.1) to provide new features that allow you to:

  • Simplify end-user experience with single sign-on and new integrations with Symantec o3 and CA Siteminder
  • Control network communication by enforcing SSL connections and blocking apps from going to unauthorized sites
  • Secure corporate email with NitroDesk secure email client integration
  • Simplify deployment and administration with new MDM controls, including: wifi/vpn settings, screen capture and camera restrictions, app push/uninstall, end user portal, and more

The complete list of features and issues addressed are included in our documentation and knowledge base articles.

Technical support

Symantec offers the following support resources:

To be informed of updates, you may also subscribe to our support notification. Click on the ‘Subscribe via Email’ link.

For additional help, including licensing questions

Please work with your channel partner or Symantec Account Manager. If you need help finding a channel partner, please use our Partner Locator tool. You may also call us at 1-877-294-5255 (US toll free number) and we will identify if a Symantec Account Manager has been assigned or refer you to one of our partners. International contact information can be found on the App Center product page.

We are thrilled to deliver these enhancements and look forward to continuing to innovate on our Enterprise Mobility solution!

Minh Phan

Symantec Enterprise Mobility Product Management

Operating Systems: