Free Edition
What is MDM?
Enterprise Mobility Management
Mobile Device Management
Mobile Application Management
Mobile Security Management
Mobile Email Management
Mobile Content Management
BYOD
Compliance
- CJIS
- HIPAA
- ISO
- PCI
- GDPR
Awards & Reviews
Supported Platforms
- iOS
- Android
- Windows
- macOS
- Chrome OS
- Android Enterprise
- Samsung Knox
Related Products

How to manage devices in isolated network using ME MDM?

Ensure robust data protection and compliance of managed devices using ManageEngine MDM in isolated network environments such as Closed Networks, Air-Gapped Networks, Offline Device Management and Private Network Deployments. These isolated environments differ in terms of internet accessibility and levels of isolation. Accordingly the enrollment methods, app management capabilities and, restrictions for the managed devices vary across each setup. the following section provides a comparison of all these isolated network types.

Comparison of Isolated Network Environments

	Air-Gapped Network	Offline Device Management	Closed Network	Private Network Deployment
Internet Access	None (physical separation)	None (Devices temporarily disconnected during management tasks)	Limited or None (controlled outbound access)	Has Internet, but access restricted to within the organization’s private infrastructure.
Isolation Level	High – total physical and logical isolation	Low – temporary isolation only	Moderate – connected internally, but restricted from public access	Medium – isolated from public internet, but internal cloud or VPN-based access possible
MDM Server (On-Premise/Cloud)	On-Premise		On-Premise Preffered, can be cloud if Internet allowed	On-Premise or Private Cloud
Supported Platform	Android		Android, If the Internet is available, then iOS
Use Case	Defense, nuclear research, or classified environments requiring total isolation	Remote field operations, ships, or testing labs where the Internet is not available always	Government, healthcare, banking environments needing security with limited cloud dependence	Corporates maintaining private data centres or internal clouds with secure, restricted connectivity

Steps to Manage Devices in an Isolated Network

Manage devices in a Network Without Internet Connection

Only Android devices can be managed in a Network without Internet Connection.
Begin the device management by Installing the Mobile Device Manager Plus on an on-premises server. Ensure that all communication between devices and the MDM server happens over the intranet (LAN).
ME MDM App Settings on ME MDM Console: Navigate to Enrollment->Android->ME MDM App. Configure the Mode of Communication and ME MDM App distributing as described below:
- For Configure Mode of Communication Choose "Periodic" as Communication Type. Periodic mode is an alternative to Immediate Mode and is the preferred mode of communication between the MDM server and mobile devices, when there is limited public internet access within your organization, or if there is no access to Google apps and/or services. For detailed information on Communication Types, visit our Configure Mode of configuration guide.
- For ME MDM App Distribution Settings choose "Corporate Network" to proceed with the ME MDM app distribution to the managed devices. This steps is essential because the devices will be managed in the closed network and the ME MDM app can not be installed from the Playstore.
Enrollment Methods : For enrolling devices, follow the below enrollment methods:
- Generate enrollment configurations such as Invite Enrolments (QR codes/URL) , Self Enrolment tokens from the MDM console to enroll and manage the devices.
- Load the Enrollment Profiles using Device Owner Provisioning using USB / Wireless Debugging.
App Management: For managing and distributing apps in the closed network host the required enterprise apps on MDM app repository. For Hosting Enterprise Apps, refer our Android Enterprise Apps guide. For updating the enterprise apps for Android refer our Enterprise Android App update guide. Sync devices with the internal server for app and patch updates.
Profiles: Configure the Android Profiles such as passcode enforcement, Wi-Fi/VPN configurations, restrictions, etc. and distribute to the managed devices or groups from the ME MDM Console.
Monitor Managed Devices: On the MD MDM Console, Navigate to Inventory and view/monitor the managed devices. Refer our Device Information guide for detailed information.
Reports: On the ME MDM console, Navigate to Reports to generate device usage, compliance reports within the internal environment.

Manage devices in a Network has Internet Connection

When the network has an Internet connection, you can manage the devices either using ManageEngine Mobile Device manager On-Premise or using the Cloud.
On-Premises : Ensure you have allowed the given Ports and Domains which are required for the MDM to manage the mobile devices.
Enrollment: For enrollment, use device provisioning tools such as Apple Configurator, Samsung Knox tools, or Android Zero-touch with restricted connectivity, etc.
App Repository: On the ME MDM console, navigate to App Mgmt->App Repository and add the required Apps from the Play Store or the App Store. Configure the iOS Enterprise Apps and Android Enterprise Apps as required. Once Apps are added to the App repository, distribute them to the managed devices. Visit our ME MDM App repository guide for the detailed information.
Profiles: To enhance the security and Compliance policies, configure the Android and iOS profiles and distribute to the managed devices.
Monitor Managed Devices: On the MD MDM Console, Navigate to Inventory and view/monitor the managed devices, refer our Device Information guide for detailed information.
Reports: On the ME MDM console, Navigate to Reports to generate device usage, compliance reports within the internal environment.