Configure the keepalive settings
Last updated July 26th, 2023
You can configure the keepalive settings to check the connection between the Knox Manage server and the device. The Knox Manage server checks the connection between the server and the device at the set interval.
The keepalive option helps IT admins to figure out what devices are not connected to the Knox Manage console (for any reason) by trying to establish a connection to the device. If the device is not answering for longer than a set period of time, its status changes to Disconnected. Once the device connects to the Internet again, the Knox Manage agent checks its status, and the Device Status changes to Enrolled.
The Keepalive feature is not supported for the following:
- Staging devices assigned only to groups.
- Shared iPads.
Keepalive notification emails
When using a keepalive configuration, you can choose to send a one-time email digest when some of your fleet’s devices will expire soon.
Here’s an example of the email digest:
Add a keepalive configuration
You can define multiple keepalive configurations at once. Click to add a configuration.
You can add or edit up to 20 configurations when you save the settings.
If a device does not communicate with Knox Manage services for longer then set period of time, its status changes to Disconnected. After the communication is established again, the status changes back to Enrolled. This option is needed to highlight the devices that are not communicating with Knox Manage, so that they are not automatically unenrolled from Knox Manage.
To configure the keepalive settings, complete the following steps:
Navigate to Setting > Configuration > keepalive.
Turn on Keepalive to enable the configurations.
Select a target type between Global Setting and Set by Group/Organization.
- Global Setting — Applies the keepalive settings to all policies.
- Set by Group or Organization — Applies the keepalive settings to selected groups or organizations.
Configure the keepalive settings:
Keepalive Expiration (days) — Select a period between 3 and 365 days. If there is no communication between the Knox Manage server and a device for the set period, it attempts to re-establish a connection directly. If the device still fails to establish communication, then its status changes to Disconnected.
Lock Device or Work Profile Upon Expiration — If this option is set to Yes, then when the device’s keepalive expiration interval — set using a combination of days and hours — elapses without a connection from the device, the device is automatically locked. The device user has to manually unlock the device using the unlock passcode. The IT admin can find this unlock passcode on the Knox Manage console, on the Device Details page > Security tab > Lock device field > unlock passcode.
Devices enrolled as Android legacy with Knox Workspace do not support this lock device feature.
Keepalive Interval (hours) — Select a cycle to check the connection status by checking the last time the device and the server communicated.
Group or Organization — Click Select and select user groups or organizations to apply the keepalive settings.
(Optional) Configure automatic keepalive notification emails:
- Turn on Email for Disconnected Devices.
- For When to Send Emails (Days before Disconnection), specify when to send the digest. You can schedule the email to be sent on any day leading up to the keepalive duration, minus one. For example, if the keepalive duration is set to 7 days, then the earliest the email could be sent is 6 days before expiration.
- Click Select to add one or more admins in your tenant as email recipients.
- If you need to send emails to recipients who aren’t attached to accounts in your tenant, click Add and enter their addresses.
Is this page helpful?
Thank you for your feedback!