-
Endpoint Management integration with Microsoft Endpoint Manager
-
Certificates and authentication
-
Client certificate or certificate plus domain authentication
-
Authentication with Azure Active Directory through Citrix Cloud
-
Authentication with Azure Active Directory through Citrix Gateway for MAM enrollment
-
Authentication with Okta through Citrix Gateway for MAM enrollment
-
Authentication with an on-premises Citrix Gateway through Citrix Cloud
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Android SafetyNet
You can use the Android SafetyNet feature to assess the compatibility and security of Android devices that have Citrix Secure Hub installed. Android SafetyNet isn’t available for MAM deployments.
When this feature is enabled, the SafetyNet Attestation API examines software and hardware information on a device to create a profile of that device. The API then looks for the same profile within a list of device models that have passed Android compatibility testing. The API also uses this information to determine whether an unknown source has modified Citrix Secure Hub.
When the Android SafetyNet feature is enabled, Citrix Secure Hub sends the SafetyNet Attestation API request to Google Play services and the result is reported back to Citrix Endpoint Management. Citrix Endpoint Management then updates device information with the attestation results. You can set automated actions that use the attestation results to trigger actions on the device.
For more information about how the SafetyNet Attestation API works, see the Android developers documentation.
Estimate how many SafetyNet Attestation API requests you need
SafetyNet Attestation API requests are sent:
-
When a device is enrolled in Citrix Endpoint Management
-
When a Citrix Secure Hub online authentication occurs
Online authentication occurs when a server session expires or when a user signs off the server and then signs back on. Citrix Secure Hub prompts the user to provide credential to authenticate with the server.
-
When a device is rebooted
-
At a recurring time interval you configure, between 24 and 1,000 hours.
If your Citrix Endpoint Management deployment makes more than 10,000 requests per day, fill out this quota request form.
Get the SafetyNet API key
To enable Android SafetyNet in Citrix Endpoint Management, you need the SafetyNet API key.
-
Log in to the Google API console with your Google administrator account credentials.
-
Go to the Library page.
-
Search for “Android Device Verification API”.
-
Click Android Device Verification API.
-
If the API isn’t already enabled, click Enable.
-
Click Manage.
-
Click Create Credentials to generate an API key.
-
Select Android Device Verification click What credentials to I need. Then click Done.
-
In the Credentials page, click the copy icon next to the key to copy the key.
-
Save the key so you can paste it into the Citrix Endpoint Management console when you enable the Android SafetyNet.
Enable Android SafetyNet
-
In the Citrix Endpoint Management console, click the gear icon in the upper-right corner. The Settings page appears.
-
On the Settings page, click Android SafetyNet.
-
Configure these settings:
-
API Key. Paste in the SafetyNet API key that you got from the Google API console.
-
Attestation schedule in hours. Type interval at which the SafetyNet Attestation API assesses your Android devices, in hours. The minimum value is 24 hours. The maximum value is 1000 hours. The default value is 24 hours.
-
-
Click Save.
View Android SafetyNet results
To view the results of the SafetyNet Attestation API assessment for a device:
-
In the Citrix Endpoint Management console, click Manage > Devices.
-
Select Android devices to see the SafetyNet Attestation API results. Then click Show more.
-
In the Device details page, select Properties.
-
The results appear in the Security section.
The SafetyNet Attestation API returns these statuses for each device:
-
SafetyNet CTS profile match: If this value is True, the device has a profile that matches one that has passed the Android Compatibility Test Suite (CTS). If this value is set as False, the device does not have a profile that matches one that has passed Android CTS.
-
SafetyNet basic integrity: If this value is True, the SafetyNet Attestation API found no evidence that an unknown source has modified the Citrix Secure Hub on the device. If this value is set as False, an unknown source has modified the Citrix Secure Hub on the device.
-
SafetyNet last known status: This value shows the last know SafetyNet status of the device:
-
Success: The SafetyNet Attestation API found no evidence that an unknown source has modified the Citrix Secure Hub on the device.
-
LOCK_BOOTLOADER: The user must lock the bootloader of the device. An unknown source has modified the Citrix Secure Hub on the device.
-
RESTORE_TO_FACTORY_ROM: The user must restore the device to a clean factory ROM. An unknown source has modified the Citrix Secure Hub on the device.
-
Share
Share
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.