Knox Platform for Enterprise 3.5 release notes

February 2020

Knox 3.5 introduces new settings for granular control over areas like user experience, roaming, and certificate management. Most of these features come with the Samsung Knox Service Plugin (KSP), meaning IT Admins can use them immediately upon release.

For more details on putting these features into action, see the latest release notes for KSP.

VPN over tethering

Enable VPN client sharing over USB from a Samsung mobile device to an allowed corporate laptop or desktop for optimum usage of VPN licenses and seamless employee access to enterprise resources. For security reasons, IT Admins can also disable this connectivity option.

Expanded deep settings

Show, hide, or gray out the user interface for settings related to mobile connection and a device’s 2nd SIM slot with new deep settings controls.

Wi-Fi roaming management

Let employees use work devices in the office or field with fewer interruptions by managing Wi-Fi roaming behavior to stop lockout and connection drops.

• Configure a roam trigger or duration period for superb connectivity to an enterprise network.

• Disable blocking after authentication failure for rapid device re-authentication.

• Enable or disable DHCP checking to improve device connectivity or reduce IP address turnover.

Wireless Intrusion Prevention System (WIPS)

Secure network usage on enterprise devices with WIPS by detecting suspicious access points and preventing connection.

2nd SIM

Control a device’s 2nd SIM user interface with the following options:

• Enable
• Disable
• Show
• Hide
• Gray out

See Advanced Examples of KSP settings for instructions on how to set up these policies.

UCM-eSE applet enhancement

Set up credential storage with improved security on embedded secure elements (eSEs). Samsung’s refined eSE applet for Universal Credential Management (UCM) supports the latest cipher and signature algorithms like ECDSA/ECDH, HMAC, and CMAC for modern smart card storage.