4월 15, 2017

What's new in Knox 2.8?

Samsung Knox News

By Knox Technical Publications Staff

Introducing Samsung Knox 2.8, which includes a number of platform updates and feature updates for individual SDKs. The Knox 2.8 platform is built into the new Samsung Galaxy S8 and S8+ devices and platform features are built into the device software. Other devices will receive firmware updates pending on the release schedule of each mobile service provider. To check the Knox version that’s currently running on your device, go to Settings > About device > Software info

Let’s take a look at the 2.8 updates! 

Platform-based features are built into the device OS. All flagship devices include the following features:

 

Advanced security

  • Control flow protection

The Knox platform now prevents Return Oriented Programming (ROP) exploits. This enhancement restricts an attacker’s ability to hijack the control-flow of an OS kernel by encrypting return addresses before putting them on the stack.

  • VPN support over IPv6 networks

When using the Knox VPN framework, device users can now access network resources over an IPv6 network. Previously, any IPv6 servers proposed during the VPN tunnel negotiation were rejected.

  • Trustzone app rollback preventions

The Knox platform now checks the Trusted Application (TA) version and blocks older TA versions which may provide exploitable vulnerabilities.

 

Convenience for device users

  • Power Saving mode

Enterprises can allow power saving mode to extend battery life, or disallow power saving mode to optimize manageability. In power saving mode, for example, an EMM agent does not work normally and cannot receive policy updates from the IT admin server.

  • Accessibility apps access to Knox Workspace

IT admins can now allowlist the accessibility apps that can access the Knox Workspace container, for example, to read what is displayed on the screen while in the container. Previously, to reduce vulnerabilities, the Knox Workspace container blocked access from all third-party accessibility apps except Google TalkBack.

  • Microsoft Exchange ActiveSync (EAS) as default storage for Contacts/Calendar

If an EAS account is set up on a device, it is now used as the default storage for the contacts, events, and tasks in the Contacts and Calendar apps. Previously, the device was the default storage and device users could lose this data after switching devices or deleting the Knox Workspace container.

 

Data Loss Prevention

  • Data Loss Prevention logs

Enterprises can now view audit logs to browse events associated with DLP-protected content. Both informational events about content accessed as well as critical security events about unauthorized access are logged.

  • Data Loss Prevention from browser

Enterprises can define a list of trusted web sites to which device users can upload classified content from the Internet app inside the Knox Workspace container.

 

Frictionless deployment

  • Support for enrolling both KC and KME on the same device

Customers can now register the same device (IMEI or Serial No) to both Knox Mobile Enrollment (KME) and Knox Configure (KC) portals. This feature enables customers to use Knox Configure and deploy their EMM using KME on the same device.

 

Management controls and compliance

  • Advance certificate enrollment and management

Enhances network security between an Enrollment over Secure Transport (EST) client and EST server per RFC 7030. Enterprises can use the EST protocol to initiate a Certificate Signing Request and manage credential generation and communications.

  • URL disclaimer in SMS/MMS messages

This feature is designed for regulated industries like banking, which need to attach a disclaimer to every SMS or MMS sent by their regulated employees, in order to comply with industry standards. Typically, the disclaimer links to a web page providing the full text of an organization’s legal disclaimer.

  • Emails sent outside a secure domain

This feature addresses financial industry requests to warn employees when they send emails outside their secure domain. Any destination email address lacking an approved address suffix is highlighted automatically in the native Email app.

  • Enterprise billing on dual SIM devices

Previously, the SIM1 card was used for enterprise billing by default. With this enhancement, you can select the SIM2 card for enterprise billing.

 

SDKs and Tools

Knox Customization Configurator

Knox Customization Configurator 1.6.1 and 1.6.2 releases include a number of improvements for System Integrators, IT admins, and end users.

  • Advanced KCC License management

A number of user experience improvement related with License and License check logic enhancements. These enhancements reduce the user experience of license count errors and end users can now assign licenses again to same devices which have already been activated on those devices.

  • Enhanced ProKiosk mode

The Knox Customization Configurator now supports the following customizing features: Automatic Power on, USB connection, Application URL restriction, Disable Flight mode, Disable OMC mode, Advanced Wi-Fi settings, and Custom booting/shutdown animations in ProKiosk mode.

[아이콘] 닫기

삼성 Knox 시작하기

[아이콘] 여행가방
리셀러, 솔루션 공급업체 또는 서비스 공급업체이신가요?

지금 Knox 파트너가 되어 비즈니스 성장을 도모하세요.

[아이콘] 정보

시작할 Knox 제품 선택:

올인원 번들
Knox Suite
리브랜딩 및 맞춤 설정
Knox Configure
사기 및 도난 방지
Knox Guard
디바이스 보호 플랜
Samsung Care+ for Business
기타 제품 및 서비스

시작하기

[이미지] Knox Suite

기업용 모바일을 위한 일체형 솔루션 번들

  • 최대 30대의 디바이스에 제공되는 90일 무료 평가판을 사용해 보세요.
  • 회사 디바이스를 안전하게 보호, 배포, 관리 및 분석할 수 있는 완벽한 툴 모음입니다.
  • Knox Suite와 함께 제공되는 강력한 기능을 사용해 보세요.

Knox Suite에는 다음이 포함됩니다.:

Knox Mobile Enrollment 무료
Knox Manage
Knox E-FOTA
Knox Asset Intelligence
Knox Platform for Enterprise 무료
Knox Remote Support
Knox Capture
Knox Authentication Manager

시작하기

[이미지] Knox Configure 로고

삼성 디바이스를 리브랜딩하고 맞춤 설정하세요.

  • 최대 30대의 디바이스에 제공되는 90일 무료 평가판을 사용해 보세요.
  • 삼성 디바이스를 대량으로 구매하는 즉시 원격으로 구성하고 특정 요구 사항을 충족하도록 맞춤 구성합니다.
  • 디바이스를 일회성 배포를 위해 설정하거나 원하는 만큼 업데이트할 수 있습니다.

시작하기

[아이콘] Knox Guard 로고

삼성 디바이스를 위한 사기 및 도난 방지

  • 최대 30대의 디바이스에 제공되는 90일 무료 평가판을 사용해 보세요.
  • 원격으로 삼성 디바이스를 제어하여 금융 관련 위험성을 줄이고 자산을 보호하세요.
  • SIM 제어 및 디바이스 잠금 기능을 포함한 Knox Guard의 모든 기능을 사용해 보세요.

시작하기

[이미지] Samsung Care Plus For Business 로고

삼성 디바이스를 위한 디바이스 보호 플랜

  • 빠른 디바이스 수리 및 교체로 업무 중단을 최소화합니다. 시작하려면 삼성 영업팀에 문의하세요.
  • 한 곳에서 모든 디바이스 보증 범위 및 청구 정보를 확인하세요.
  • 이미 Samsung Care+ for Business를 구매하셨나요? Samsung Care+ for Business 콘솔에서 계정을 만들고 플랜을 활성화하세요.

기타 제품 및 서비스

[이미지] 기타 로고

고객의 고유한 요구 사항을 해결하는 최신 솔루션입니다.

  • Enterprise Tech Support를 통해 전담 계정 관리자로부터 효율적인 기술 지원을 받아보세요.
  • 삼성 소프트웨어 맞춤 설정 서비스를 사용하여 귀사를 위한 맞춤형 디바이스를 만들어 보십시오.
영업 팀에 문의