ManageEngine Desktop Central, in addition to managing desktops and servers, also supports managing your Mobile Devices from a central point. It allows you to perform Policy Management, Profile Management, Asset Management, App Management and Security Management of mobile devices.
Figure 1: MDM Architecture of Desktop Central
The advantages of using the MDM architecture of Desktop Central include the following:
- Agentless, Over-the-Air (OTA) Management
- Uses Apple's Push Notification Service/ Android GcM for communication
- Profiles and Policies gets deployed immediately
- All communications to and from the mobile device is secured.
- Any communication from Desktop Central to the device is routed through Apple Push Notification service (APNs) via TCP port 2195 for iOS devices and through GCM via TCP port 80 for Android Devices
- As per Apple IOS MDM protocol, all iOS devices maintain a dedicated TCP connection with APNs at TCP Port 5223. Destkop Central leverages this to wake up a device using APNs.
- Device communicates with Desktop Central Server for available instructions at port 8383 using a secured connection.
- Executes the instructions and reports back to Desktop Central Server with the status/data at port 8383 securely.
For the above setup to work, the following should be done
- Assuming users' mobility, Desktop Central Server should be reachable via public IP address. You should NAT your internal IP of Desktop Central Server to a public IP to enable this. If all the devices managed are within the LAN, this requirement is not needed.