Knox SDK 3.3
Samsung Knox SDK version 3.3 adds even more APIs and framework features for developers, MDMs, and users. APIs have been added to provide functionality to container encryption, Samsung DeX, and Network Analytics. Knox is built and secured at a hardware level, and with the Knox 3.3 SDK, Samsung Verified Boot now monitors and protects the boot loading.
With single layer of encryption, potential flaws in the implementation may result in a single point of failure. Dual Encryption (DualDAR) secures confidential work data with two layers of encryption, while providing security even when the device is powered off or is in an unauthenticated state. DualDAR enables highly regulated enterprises to ensure their confidential work data is protected by meeting the Commercial Solutions for Classified Program (CSFC) regulation.
For more information on the new Knox 3.3 Dual DAR feature, learn how to configure a DualDAR Workspace.
Container Only Mode (COM) deprecation
Container Only Mode is obsolete as of the Galaxy S10 or later devices.
Samsung Note 9/S9 devices or earlier with COM/ CL containers will be supported throughout the life of the device. For more information, see this bulletin notice.
Knox on DeX
Samsung DeX has new features and APIs to give and restrict access using the Knox platform. For API implementation, see Samsung DeX with Knox and the Knox 3.3 API reference guide.
VPN namespace changes
With the Knox SDK v3.0 release, all apps must use the new Android namespace conventions, as described in IMPORTANT NOTICE: Reminder to transition from old namespaces. The Knox VPN SDK still uses the old namespace conventions. Following the Android Q and Knox SDK 3.4 releases in the later part of 2019 or the early part of 2020, this merge requires VPN clients to update their clients to using the new namespaces. For more information on updating your VPN clients to use the new namespace, see VPN namespace changes. For more information about this change and how it impacts your VPN clients, see (link to blog post TBD).
VPN improvements and enhancements
Knox SDK v3.3 includes several enhancements that improve user experience and performance of VPN clients on the Knox framework. The enhancements include, but are not limited to the following:
Support multi-app tunnelling — These enhancements improve user experience when using VPN tunnels that impact more than one app at a time. As a result of these enhancements, users can connect with and start using business apps immediately after the VPN tunnel is established.
Synchronize Knox events with Android networking events — These enhancements improve the performance of VPN clients by synchronizing Knox events with Android networking events. This change means that the Knox container recognizes that the VPN client is connected without any delay.
Provide ongoing network flow information for NPA purposes — This new feature improves the performance of EMM-based Network Performance Assessment tools by providing information about network data flow while the connection is ongoing. This feature means admins now have the ability to configure their EMM-based NPA tools to receive network statistics while a network connection is ongoing. This functionality is especially useful in cases where network sessions last for a long time. For more information, see Configure NPA reporting.
Without this feature enabled, Firewall policies can affect allow list rules applied by Domain Filter. After enabling this API, admins can do the following use cases:
Use FirewallRule to block all IPs in a specified device.
Use the DomainFilterRule to allow specific domains even if the IPs are blocked using Firewall policies.
To learn more about this new feature, visit the Firewall section of the Knox SDK user guide.
Contact Storage restrictions
Take control over where device contacts are stored. Remove the risk of local contacts which can be lost and become out of sync to your cooperate enterprise. For API implementation, see contacts storage and the Knox 3.3 API reference guide.
For more information
To learn more about the Knox SDK, check out these resources:
Is this page helpful?
Thank you for your feedback!