This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Central Mobile - Apple Secure E-mail


we want our users to use the Sophos Secure E-mail cliënt. All devices are corporate Apple IOS devices and we only want to replace the Apple e-mail cliënt with the Sophos Secure E-mail client to be able to only allow Sophos clients to connect to EAS Proxy.

is there a simple walk tru website available with the steps and pictures? The standard Sophos documentation is not that helpful.

Regards,

Fred



This thread was automatically locked due to age.
  • Hi ,

    You need to deploy the Secure Email app and assign a policy to the devices. The app then asks the users to enter their password and that's it.

    Within the EAS Proxy he then can configure which email client is allowed (step 13 here)
    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • We would like it to be that easy, sending out an email to our users that they need to download the Sophos Secure Email Client and tell them howto enroll it. 

    Problem is allthough these Apple IPhones are company owned, the Apple account is their own private Apple account. So we do not have full MDM setup on these devices for employees. So how do you enroll a device and push the device policy in a situation like that?

    We do not want to control the IPhone completely or its use. We only want that they connect with the Sophos Secure Email Client to EAS Proxy for corporate email and we haven't figured out how to do that with Apple IPhones. 

  • IPhone 11 IOS 14.6 We have the situation that after downloading the Sophos Mobile Control app from the Apple AppStore, scanning the enroll QR code in the Sophos Mobile Control App, we at first see that the app shows compliant. We accept the user conditions and then the download will start of the  configuration profile from https://smc-device-ff-cloudtstatic-eu-central-1.prod.hydra.sophos.com/client-api/enroll/mobileconfig/xxxxxxxx.

    It however does this in a seperate safari browser session. You get the message Profile downloaded, see the profile in the configuration-app if you want to install it. 

    When we go to IPhone settings we see the dowloaded profile. When I install it I get the message "Installation of profile failed. The SCEP-server has returned an invalid response."

    Mobile Control will resync and check the APN OK but the status remains not managed in the Mobile Control app due to the profile not installing correctly.

    The Sophos Secure Email app still shows "The app has not received a Sophos container policy."

    Iphone 5 IOS 12.5.3 this one shows the profile and the email associated but the situation in Mobile Control and Secure Email is the same as the Mobile Control app states not managed. 

    With MDM on android in the past I was only able to get Enteprise Control installed during the install as a new device. Is this a similar issue? Will it not work on devices that are already in use and have user profiles?

     

  • This article describes the steps to configure a Container Policy for Sophos Secure Email, so the app receives real push notifications instead of silent push notifications.

    ACES ETM

  • "Installation of profile failed. The SCEP-server has returned an invalid response." 

    This was solved by rebooring the IPone 11 and a retry. Container device policy, required app Sophos Secure Email and Email Configuration tasks applied to the IPhone succesfully. 

    This IPhone is now connected and receiving email.

    The test IPone 5 is ditched. Last IOS version is 12 and Secure Email requires a minimum of IOS version 13.

    Basicly there is no short cut to quickly install only Sophos Secure Email. You have to follow all steps for MDM.

     

     

  • Hi Wendell,

    you forgot to past the URL I assume?

    Regards,

    Fred