Using ManageEngine MDM MSP, devices running on iOS, macOS and tvOS can be managed from a single console. This reduces the time and complexity involved in managing an array of devices which are running on different operating systems thereby eliminating the need for multiple device management softwares.
ManageEngine MDM MSP supports the following features to manage machines running on macOS:
macOS machines which are in use even before setting up ME MDM can be enrolled using MDM MSP. Enrollment can be performed through Invites in case of managing machines present in your inventory. For employee owned personal machines, using Self Enrollment is ideal. The Enrollment URL is accessed to bring machines under management.
By integrating MDM with Apple Business Manager, out of the box deployment is feasible. New machines which are to be handed over to your employees can be enrolled and brought under management right out of the box.
Secure your managed machines and data by defining parameters for a password policy.
Incase your organization's security policy prevents users from installing unapproved apps, it is possible to restrict the same using ME MDM. Restrictions related to device functionality, security, location settings, etc can be applied as well.
Wi-Fi and proxy settings for the managed machines can be configured. You can also prevent machines from connecting to unapproved Wi-Fi networks by configuring Restrictions.
VPN and proxy settings can be configured. To know more about the supported types of VPN by MDM MSP, click here.
Data stored in all the managed mac machines can be secured by encrypting them through a single console using FileVault Encryption.
Distribute CA certificates to the managed machines in order to secure and validate any network communication.
In case of large organizations where it is a hectic task to distribute certificates manually, SCEP can be configured for scalable and simplified distribution of client certificates.
Granular details about the managed machines can be viewed using the Scan Now feature. Information about the Installed apps, blacklisted apps and restrictions imposed on the machines can be obtained as well.
The IT administrator can remotely lock the managed machines to enhance data security and to also secure any machines that might be lost.
Suppose you require a machine to be handed over to another employee, all the data and settings on the managed machine can be completely wiped. The device will become as good as new.
Only the corporate data and settings pushed using MDM can be removed from the managed machines without deleting any personal data.
Apps purchased via ABM can be silently installed in the managed machines from the MDM MSP server with zero user intervention.
NOTE: It is mandatory to configure an APNs certificate before managing Apple devices using MDM MSP. To know more about the steps involved, click here.