Configure the keepalive settings

You can configure the keepalive settings to check the connection between the Knox Manage server and the device. The Knox Manage server checks the connection between the server and the device at the set interval.

The keepalive option helps IT admins to figure out what devices are not connected to the Knox Manage console (for any reason) by trying to establish a connection to the device. If the device is not answering for longer than a set period of time, its status changes to Disconnected. Once the device connects to the Internet again, the Knox Manage agent checks its status, and the Device Status changes to Enrolled.

Keepalive notification emails

When using a keepalive configuration, you can choose to send a one-time email digest when some of your fleet’s devices will expire soon.

Here’s an example of the email digest:

Add a keepalive configuration

You can define multiple keepalive configurations at once. Click to add a configuration.

You can add or edit up to 20 configurations when you save the settings.

To configure the keepalive settings, complete the following steps:

1. Navigate to Setting > Configuration > keepalive.

2. Turn on Keepalive to enable the configurations.

3. Select a target type between Global Setting and Set by Group/Organization.

   • Global Setting applies the keepalive settings to all policies.

   • Set by Group or Organization applies the keepalive settings to selected groups or organizations.

4. Configure the keepalive settings:

   • For Keepalive Expiration (days), select a period between 3 and 365 days. If there is no communication between the Knox Manage server and a device for the set period, it attempts to re-establish a connection directly. If the device still fails to establish communication, then its status changes to Disconnected.

   • Turn on Lock Device or Work Profile Upon Expiration if you want the device to lock when keepalive expires. This feature isn’t available on Android Legacy with Knox Workspace.

     When keepalive locks the device, the user can only unlock the device with the keepalive passcode. You can find the passcode on the Knox Manage console, on the Device Details page > Security tab > Lock device field > unlock passcode.

     

     

   • For Lock Device Message, enter a message to display on the lock screen when keepalive expires and the device is disconnected. Only supported on fully managed devices.

     The default message is:

     The device has been locked by Knox Manage because communication between the device and the server was disconnected for a certain period of time.

     Select a cycle to check the connection status by checking the last time the device and the server communicated.

   • For Keepalive Interval (hours), select a cycle to check the connection status by checking the last time the device and the server communicated.

   • For Group or Organization, select one or more user groups or organizations to apply the keepalive settings to.

5. (Optional) Configure automatic keepalive notification emails:

   • Turn on Email for Disconnected Devices.

   • For When to Send Emails (Days before Disconnection), specify when to send the digest. You can schedule the email to be sent on any day leading up to the keepalive duration, minus one. For example, if the keepalive duration is set to 7 days, then the earliest the email could be sent is 6 days before expiration.

   • Click Select to add one or more admins in your tenant as email recipients.

   • If you need to send emails to recipients who aren’t attached to accounts in your tenant, click Add and enter their addresses.

6. Click Save.