This guide gives an overview of how IGEL Mobile Device Management Essentials (MDM) lets you manage iOS mobile devices.

Configuring MDM in the UMS is detailed in the  MDM Setup Guide.

Apple Push Notification Service (APNs)


The UMS and iOS mobile devices communicate with each other via the Apple Push Notification service (APNs).

Also, the IGEL Cloud Gateway (version 1.04.100 or higher) is required to provide a secure communication channel between the UMS and the iOS mobile devices connecting from outside the company network (see the Communication Chart).

The setup procedure can be outlined as follows:

  1. Set up an ICG instance and connect it to the UMS, find detailed instructions in the ICG Manual.
  2. In the UMS, create a certificate-signing request for the Apple Push Certificates portal.
  3. Log in with your Apple account to the Apple Push Certificates portal to generate a certificate for the UMS using the certificate-signing request.
  4. Using the generated certificate, connect the UMS to the Apple Push Notification Service (APNs).
  5. You are now ready start connecting iOS mobile devices to the UMS, this is also referred to as device enrollment.

For a detailed walk-through of these setup steps, see the MDM Setup Guide.

Connecting Devices


The iOS app IGEL MDM Enrollment is used to connect mobile devices to the UMS. The app is available free of charge from the app store.

For a detailed description of the device enrollment procedure, see Connecting Mobile Devices to the UMS.

Managing Devices


New folder "Mobile Devices" in the UMS structure tree

Mobile devices that have been added to the UMS are listed in the new Mobile Devices folder.

Right-clicking on a mobile device listed there will open a context menu with object-specific commands.

New profile type "Mobile Device" â€” mobile devices are managable via profiles only

The new profile type "Mobile Device" has been introduced, since mobile devices are managable via profiles only. The fact that you must use a profile to manage a mobile device means that, unlike with thin clients, double-clicking a mobile device object in the Mobile Devices folder will not open a configuration dialog; instead, you will have to create a profile and send the profile to the device or several devices.

In the Profiles folder of the UMS, mobile-device profiles can be distinguished from other types by the symbol.