Configure the keepalive settings

You can configure the keepalive settings to check the connection between the Knox Manage server and the device. The Knox Manage server checks the connection between the server and the device at the set interval.

The keepalive option helps IT admins to identify any devices that are no longer connected to Knox Manage by trying to establish a connection to the device. If the device doesn’t answer for longer than the period of time you specify in the keepalive configuration, its status changes to Disconnected. Once the device connects to the Internet again, the Knox Manage agent checks its status, and the device status changes to Enrolled.

The keepalive feature is supported for the following devices:

• Android devices (both Samsung and non-Samsung).
  • Includes shared Android devices (per user check-in, or sign-in, to a shared device).
• iOS devices.
  • Includes shared iPads (per user check-in, or sign-in, to a shared device).
• Windows devices.
• ChromeOS devices.
• Wear OS devices.

Add a keepalive configuration

You can define multiple keepalive configurations at once. Click to add a configuration.

You can add or edit up to 20 configurations when you save the settings.

To configure the keepalive settings, complete the following steps:

1. Navigate to Setting > Configuration > keepalive.

2. Turn on Keepalive to enable the configurations.

3. Select a target type between Global Setting and Set by Group/Organization.

   • Global Setting applies the keepalive settings to all policies.

   • Set by Group or Organization applies the keepalive settings to selected groups or organizations.

4. Configure the keepalive settings:

   • For Keepalive Expiration (days), select a period between 3 and 365 days. If there is no communication between the Knox Manage server and a device for the set period, it attempts to re-establish a connection directly. If the device still fails to establish communication, then its status changes to Disconnected.

   • Turn on Lock Device or Work Profile Upon Expiration if you want the device to lock when keepalive expires. This feature isn’t available on Android Legacy with Knox Workspace.

     When keepalive locks the device, the user can only unlock the device with the keepalive passcode. You can find the passcode on the Knox Manage console, on the Device Details page > Security tab > Lock device field > unlock passcode.

     

     

   • For Lock Device Message, enter a message to display on the lock screen when keepalive expires and the device is disconnected. Only supported on fully managed devices.

     The default message is:

     The device has been locked by Knox Manage because communication between the device and the server was disconnected for a certain period of time.

     Select a cycle to check the connection status by checking the last time the device and the server communicated.

   • For Keepalive Interval (hours), select a cycle to check the connection status by checking the last time the device and the server communicated.

   • For Group or Organization, select one or more user groups or organizations to apply the keepalive settings to.

5. (Optional) Configure automatic keepalive notification emails:

   • Turn on Email for Disconnected Devices.

   • For When to Send Emails (Days before Disconnection), specify when to send the digest. You can schedule the email to be sent on any day leading up to the keepalive duration, minus one. For example, if the keepalive duration is set to 7 days, then the earliest the email could be sent is 6 days before expiration.

   • Click Select to add one or more admins in your tenant as email recipients.

   • If you need to send emails to recipients who aren’t attached to accounts in your tenant, click Add and enter their addresses.

6. Click Save.

Keepalive notification emails

When using a keepalive configuration, you can choose to send a one-time email digest when some of your fleet’s devices will expire soon.

Here’s an example of the e-mail digest: