Knox Platform for Enterprise

Comprehensive mobile security and management

Knox Platform for Enterprise is our most robust mobile security solution, and has been designed to meet the stringent needs of leading governments and regulated industries.

Featuring advanced configuration and management options, robust VPN connectivity, and comprehensive data usage analytics, Knox Platform for Enterprise should be the cornerstone of your mobile security strategy.

*Knox Platform for Enterprise is the updated Knox Workspace solution. It allows IT admins to access the full range of Knox platform features without creating an on-device container. Admins may still deploy the Knox Workspace managed container if they choose.

Containerization with Workspace

IT admins have the option of deploying an on-device container for advanced security and management features.

Unlike other containerization solutions, the keys for encrypting and decrypting the Knox Workspace container are derived in the device chipset. Any apps, email or files stored in the Knox Workspace container are encrypted and can only be accessed when the user enters their PIN, password, pattern, or through biometric authentication.

If the device is ever compromised, the Knox Warranty Bit will fuse and the Knox Workspace container will permanently lock down to prevent data leakage.

Knox Workspace features include:

Remote container lock by IT admin.

If a device is compromised, the container gets locked permanently.

Flexible container unlock methods, including 2-step authentication or Active Directory-based unlock.

Government-grade security for your enterprise

Protect corporate data on a device with government-certified data encryption technology. Our solution leverages Samsung’s hardware and software integrated security architecture, the Knox Platform, and adds advanced features to meet the stringent needs of most regulated industries.

Advanced security features include:

Government-certified data encryption and password control.

Hardware-based certificate storage and management.

Individual app isolation from other applications (SE for Android Management Service).

Logging and analytics

Knox Platform for Enterprise provides powerful tools to monitor end-user activities as well as data traffic usage. Its government-certified auditing features ensure all device usage is under IT’s control.

Auditing features include:

Audit log to collect comprehensive log events from the device, including container creation/deletion, and app installation/removal.

Network Platform Analytics to monitor network activity patterns without inspecting the content of data packets.

Attestation to remotely check if the device is rooted or running unauthorized firmware.

Robust VPN connectivity

VPN is a common way of transferring sensitive data in and out of a corporate network. Knox Platform for Enterprise adds advanced features for granular VPN control and enforced configuration.

VPN features include:

Per-app/container/device VPN to configure the scope of VPN connection.

On-demand VPN for optimal connection based on target application usage.

HTTP Proxy over VPN to allow web proxy settings to function while traffic is flowing over a VPN tunnel.

Granular control & management

Remotely manage a fleet of BYOD or corporate-liable devices and push corporate apps and security policies to them. Knox Platform for Enterprise features hundreds of IT policies with regular feature updates.

Our solution seamlessly integrates with Enterprise Mobility Management (EMM) providers, including VMware AirWatch, Blackberry, MobileIron, IBM, Citrix, and SOTI. Or if you don’t have an EMM, consider Knox Manage.

In addition to the basic device, app, email, and network configurations, Knox Platform for Enterprise allows IT admins to configure the following:

Certificate installation and deletion with zero user interaction.

Dual APN settings to assign different APN for particular apps.

Workspace configurations.


Comprehensive device management

Container lock, wipe

Lock or wipe the container in case the device is lost or stolen.

Active Directory password on device

Allows changing Active Directory passwords on the device instead of a PC.

Enterprise roaming

Controls which apps are allowed to use mobile data when the user is connected to a roaming network.

New TIMA Keystore per-app API

Support added to limit access to the digital credentials in the TIMA Keystore to a single app.

Advanced Container configurations

Configurations for browser, Email, password, WiFi, VPN, firewall, etc.

Power on and off control

Customize the power ON/OFF for the devices with the Custom APIs.

App permission monitor management

Permissions monitoring is now available for apps inside the container.

Enhanced app permission monitor

New APIs for IT to block the data leakage.

DeX management

Check whether the device is in DeX mode. Block DeX mode. Enforce Ethernet data connection. Prevent certain apps from running in DeX.


DeX management

Add or remove app shortcuts. Change the loading screen. Control screen timeout settings.

DeX management

Configure align type of DeX launcher screen. Add a browser shortcut with a specific URL on DeX home screen.

RCS message capturing

IT admins can capture Rich Communication Services (RCS) messages.

Control BLE and Wi-Fi scanning

Control Wi-Fi and Bluetooth background services.

Power saving mode management

Enterprises can allow power saving mode to extend battery life, or disallow power saving mode to optimize manageability.

Select Home screen mode

Set a Home screen mode to Home screen only or Home screen and applications.

Hardware key remapping at device level

Previously supported only in ProKiosk mode, but is now also available at the device level.

Set favorite apps

Control the application shortcuts that are displayed in the bottom row of the Home screen.

Delete selected Home screen page

Remove a page from the launcher including all shortcuts and contents.

Robust data protection

Enable Iris authentication to access Knox

Iris authentication for accessing Knox container

Harmonized Container

Samsung and Google have partnered to deploy a common architecture for secure containers starting with S8 devices running Oreo.

UX updates for Knox Workspace

Support compliance with GDPR (General Data Protection Regulation). The contents of Knox PP (Privacy Policies) has changed for handling user data.

Versatile credential / certificate management

Support for ECC

Support added for Elliptic Curve Cryptography (ECC), including storage for such keys in the protected TIMA CCM keystore.

Enhanced EST protocol

Enhances network security between an Enrollment over Secure Transport (EST) client and EST server per RFC 7030.

Samsung-supplied UCM plugin eSE

Samsung's Universal Credential Management (UCM) embedded Secure Element (eSE) plugin allows apps to access eSE of Samsung mobile devices.


Server options

Server options

Cloud or on-premise
License types

License types

Monthly or yearly
Supported devices

Supported devices

Devices running Knox 2.4+
Supported MDMs/EMMs

Supported MDMs/EMMs

View all vendors

Get started

Knox Platform for Enterprise

30-day free trial

Start a free full-feature trial of Knox Platform for Enterprise.


Knox Platform for Enterprise

Commercial license

Purchase a monthly or yearly license from your local Knox reseller.

Have any more questions?
View Knox Platform for Enterprise FAQs
Or contact a business sales expert

Our Knox sales team is ready to collaborate with you to address your biggest business challenges. Please provide your contact details to get started with a free trial or discuss a project with our sales team.


Anton Paar's salespeople are on the road four days a week, and it is crucial that their mobile devices are managed and protected

Technical Support

Technical support

Already a Knox user? Log in to your Samsung Knox account to submit a support technical ticket.


Knox IT solutions are designed to work together to help you from deployment to daily use.

Knox Configure
Configure device settings in bulk
Learn more
Knox Mobile Enrollment
Enroll devices to an EMM in bulk
Learn more
Knox Manage
Manage devices in the cloud
Learn more
Knox Platform for Enterprise
Apply advanced security and management features
Learn more
Samsung E-FOTA
Maintain device OS versions
Learn more