Configuring Application Firewall on Android Enterprise Work Managed Devices
Before you begin
You must have:
SOTI MobiControl Manage Profiles permissions to modify firewall
settings. See General Permissions.
Android Enterprise devices running Android OS 11 or later and SOTI MobiControl plugin version 1.28.0 or later.
About this task
Use the Android Enterprise firewall payload to create
application-based firewall rules on Android Enterprise Work Managed devices. Configure
rules to allow or block traffic based on applications and network type.
Tip: To enable Samsung IP Firewall for traffic filtering
and rerouting, toggle on the Samsung IP Firewall option in the Work Managed firewall
profile payload. See Configuring Samsung IP-Based Firewall on Android Devices for details.
Procedure
From the main menu on the SOTI MobiControl web console, navigate
to the Profiles section.
Select an existing profile to edit it or create a new one for Android Classic
or Android Enterprise COPE. See Creating a Profile and Editing a Profile.
Under the Restrictions category, select
Firewall.
Choose a Rule Type.
Allow: Blocks all network traffic except for specified
applications.
Block: Restricts network traffic for specified applications.
Select (Add) under the
Allowed/Blocked Applications section.
Select (Add) in the Add an
Application Name or Bundle Identifier section and enter the
following details:
Tip: Select to bulk import a list of
applications from a CSV/ text file.
Application Name: Search for and select the application.
Bundle Identifier: Enter the app’s bundle ID.
Select Save to apply the network restrictions.
Choose a network type in the Networks section.
Wi-Fi: Allows/blocks app traffic over Wi-Fi.
Cellular: Allows/blocks app traffic over cellular.
Wi-Fi & Cellular: Applies restrictions to both networks.
Select (Add) in the Wi-Fi
SSIDs section to specify the network SSID(s).
Select Okay, then select Save to
save the firewall configuration.
Assign the profile to your Android Enterprise Work Managed devices to apply the
configured application settings. See Assigning a Profile.
What to do next
Verify the firewall rules by testing network access on a
device.