Welcome to SOTI MobiControl 2026.0 Help
SOTI MobiControl is an enterprise mobility management solution designed to help you efficiently manage your organization's devices. Use the SOTI MobiControl Help Center to explore its full range of features.
What's New in SOTI MobiControl
Setting Up SOTI MobiControl
This section provides instructions for installing, activating, and upgrading SOTI MobiControl instances.
Using the Console
This section provides information about using the SOTI MobiControl console to perform the various management tasks.
- About the SOTI MobiControl Console
- Using Stella
- Managing Users
- Managing Devices
- Managing Configurations
  - Using Profiles
    - Creating a Profile
      Use profiles to configure and deploy device settings, software packages, and assets to your managed devices. This task walks you through creating a profile, adding configurations and packages, and preparing it for assignment to target devices.
    - Assigning a Profile
      Assign profiles to devices or device groups to apply configurations and settings consistently across your device fleet.
    - Editing Profile Access Permissions
      Use this feature to edit access permissions for one or more profiles. You can assign read, write, or approval-based access to users, groups, or roles.
    - Editing a Profile
    - Deleting a Profile
    - Cloning a Profile
    - Viewing Profile Assignments
    - Viewing Profile History
    - Viewing Profile Logs
    - Revoking a Profile
    - Reinstalling a Revoked Profile
    - Disabling a Profile
    - Exporting Profiles
    - Importing Profiles
    - Managing Profiles Queue
    - Downloading a Profiles List
    - Emailing a Profiles List
    - Profile Configurations
      - Profile Configurations By Category
        Security Profile Configurations
        Restrictions Profile Configurations
        Email, Contact, and Calendar Profile Configurations
        Calendars
        Contacts
        Email: Exchange for Gmail
        Google Account (iOS)
        LDAP
        Subscribed Calendars
        Local Users
        Windows Defender
        Windows Defender - Configuration Details
        Reboot
        SOTI Identity Login (Windows Modern)
        The SOTI Identity Login Windows Modern profile configuration enables enterprises to set up device authentication through SOTI Identity users or local directory users.
        Connectivity Profile Configurations
        Other Profile Configurations
        SOTI Apps Profile Configurations
      - Profile Configurations By Platform
    - Declarative versus Reactive Profiles
  - Using Advanced Configurations
  - Using Settings Manager
  - Approval Workflow for Profile Changes
    This overview outlines the fail-safe configuration for mission-critical profiles, designed to enhance the reliability and security of profile management in SOTI MobiControl.
- Managing Applications
- Managing Data
- Managing Certificates
  Manage and deploy digital certificates in SOTI MobiControl, including manual uploads and dynamic certificates issued via integrated certificate authorities.
- Monitoring Devices
- Troubleshooting Device Issues
- Generating Reports
- Managing System Settings
- Other Features
- SOTI MobiControl Console Reference
System Health
View vital system stats in a variety of interactive, up-to-date charts and tables.
SOTI MobiControl Administration
This section provides information about how to perform various administrative tasks related to SOTI MobiControl. These tasks include monitoring your SOTI MobiControl system, changing deployment settings, integrating SOTI MobiControl with third-party applications, and performing various modifications that extend SOTI MobiControl beyond its standard configuration.
Using Package Studio
This section provides information about how to use SOTI MobiControl Package Studio to create data packages for devices.
Using Script Commands
Send scripts and execute commands on your devices with SOTI MobiControl. Script commands are supported on the following platforms:
Using SOTI MobiControl Stage
This section provides information about how to use SOTI MobiControl Stage to quickly and easily enroll devices.
Cloud Link Agent
Glossary
Notices

Windows Defender - Configuration Details

About this task

Windows Defender configuration enables administrators to configure antivirus settings for Windows Modern device(s).

General

Feature	Description
Real-time Monitoring	Enables Windows Modern Defender's real-time monitoring functionality.
Real-time Scan Direction	Select a set of files to scan from the following directions: Scan incoming and outgoing files Scan incoming files only Scan outgoing files only
Cloud Protection	Enable this option to join Microsoft Advanced Protection Service (MAPS).
Cloud Block Level	Choose from following levels to block and scan suspicious files: Default High High Plus Zero
Submit Samples Consent	Enable this policy setting to configure the behavior of sample submissions when opting for MAPS telemetry. Choose from the following: Always Prompt Send Safe Samples Automatically Never Send Send All Samples Automatically
Cloud Block Timeout	Set a value after which Windows Defender blocks Cloud services, Note: Microsoft Defender antivirus blocks a suspicious file up to 50 seconds.
Signature Update Interval	Specify the internal (in hours) to check for security intelligence updates.
Signature Update File Share Sources	Configure Universal Naming Convention (UNC) file share sources for downloading security intelligence updates.
Check For Signature Before Running Scan	Enable this option to check for new security intelligence before running a scan.
Signature Update Fallback Order	Enable this setting to specify the order in which to contact different security intelligence update sources.

Exclusions

Feature	Description
Excluded Extensions	Specify a list of file type extensions to ignore during a scan.
Excluded Paths	Specify a list of directory paths to ignore during a scan.
Excluded Processes	Specify a list of files opened by processes to ignore during a scan.

Additional Settings

Feature	Description
Scan Email	Enable scanning policy settings to scan emails.
Scan Network Files	Enable scanning policy settings to configure real-time scanning for files accessed over the network.
Scan Scripts	Enable scanning policy settings to scan scripts.
Scan Archives	Enable scanning policy settings to configure scans for malicious software in archive files. Note: This setting does not apply with Temper protection enabled.
UI Access	Disable scanning policy settings to block a user's access to the Windows Defender Antivirus UI.
Low CPU Priority	Enable scanning policy settings to configure low CPU priority for the scheduled scans.
Scan CPU Load Factor(%)	Configure the maximum percentage of CPU usage allowed during a scan.
Behavior Monitoring	Enable the scanning policy to configure Behavior Monitoring. Note: This setting does not apply with Temper protection enabled.
Intrusion Prevention System	Enable scanning policy settings to configure Windows Defender Intrusion Prevention.
PUA Protection	Enable scanning policy settings to configure detection of Potentially Unwanted Applications (PUA).
IOAV Protection	Enable scanning policy settings to configure the scanning of all downloaded files and attachments. Note: This setting does not apply with Temper protection enabled.
On Access Protection	Enable scanning policy settings to configure file monitoring and program activity. Note: This setting does not apply with Temper protection enabled.

Full Scan Settings

Feature	Description
Full Scan Required	Enable this scanning policy setting to configure a full scan.
Scan Day	Select the day to perform the scheduled scan.
Scan Time	Select the time of the day to run the full scan. Note: Full scan runs between 12:00 AM to 11:00 PM.
Catchup Full Scan	Enable this scanning policy setting to run a catchup scan if defender misses a full scan. Note: This scan runs after two missed scheduled scans.
Scan Mapped Network Drives	Enable this scanning policy setting to scan mapped network drives.
Scan Removable Drives	Enable this scanning policy setting to scan removable drives such as USB flash drives.

Quick Scan Settings

Feature	Description
Quick Scan	Select the time of day for quick scan to run daily. Note: Quick scan runs between 12:00 AM to 11:00 PM.
Catchup Quick Scan	Enable this scanning policy setting to run a catchup scan if defender misses the quick scan. Note: This scan runs after two missed scheduled scans.