Sophos Central Endpoint and SEC: Computers fail/hang on boot after the Microsoft Windows April 9, 2019 update. Please follow knowledge base article 133945
Learn about the Benefits of Multi-Factor Authentication (MFA). Turn your MFA on now!
This article provides additional information about the configuration policies for the Sophos container available for Android and iOS devices.
Applies to the following Sophos product(s) and version(s) Mobile Control 6.0
Operating systems Android iOS
What is a Sophos container?
A Sophos container is created on an Android or iOS device as soon as a Sophos Container policy is applied to the device. It is used to manage the Sophos Secure Workspace and Sophos Secure Email apps and general settings, e.g. password protection or fencing settings for these two applications.
Available Sophos container policy settings
Please note: Container settings are only available if you have purchased and activated a Sophos Mobile Control Advanced license.
Within a Sophos Container policy, the following things can be configured
Simple Certificate Enrollment Protocol
How to apply a Sophos container policy
Once a Sophos Container Policy has been created, it can be assigned using the blue triangle button next to the policy within the "Profiles" overview. By using the "Assign" option, the devices to which the policy is applied can be selected.
Alternatively, you can assign a policy via the device details using the "Assign policy" button in the "Policies" tab.
What is required on the device to apply a policy?
To successfully apply a policy, a mobile device should have at least versions 6.0 of the Sophos mobile apps (Sophos Mobile Control, Sophos Secure Workspace and Sophos Secure Email). Former version of the apps do not support policies.
Is it necessary for iOS devices, that the apps are installed in a "Managed" mode?
No, this is not necessary. You can also assign a policy even if the app is not installed as "Managed".
What happens after I assign a policy?
After you have assigned a policy to a device, a synchronization is triggered by the server. Once the user opens the apps, the policies are applied. The policies will not be applied as long as user does not open the apps Sophos Secure Workspace or Sophos Secure Email. Within the "Policies tab in the devices details, "App not managed" will be shown.
App not managed
Once the user opens the apps, the latest policies are pulled from the Sophos Mobile Control server.
How can I remove a container policy?
To remove a container policy, use the "Decommission Sophos container" action from the "Actions" pane in the device details.
Decommission Sophos container
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.