Re: [Fed-Talk] MDMs
Re: [Fed-Talk] MDMs
- Subject: Re: [Fed-Talk] MDMs
- From: William Cerniuk <email@hidden>
- Date: Fri, 27 Mar 2015 19:27:08 -0400
I have been testing the DEP and VPP using Apple's server. I tend to expect fewer glitches with Apple products hence more "test" than "debug" in an initial experience in DEP.
Regardless, DEP is definitely the way to go for smooth deployment and delivery. The rates of delivery/hr per staff that have been achieved in the refinement of my process have been very good (112/hr, 4 of my staff). But with DEP I suspect we can do even better.
--
R/Wm.
703.594.7616
> On Mar 26, 2015, at 09:50, Fox, Brian M CIV SPAWARSYSCEN-PACIFIC, 82300 <email@hidden> wrote:
>
> DEP might be the best part of Casper/Apple Push Notification DEP... if a device is bought from Apple directly, or if the device is registered in the DEP system, it gets stolen and wiped, but as soon as the device phones home to Apple for the first time (since the wipe), it will query the serial number and say oh, hey, you belong to this group, and it redirects the device to the Casper server, which automatically puts the MDM profile back on. it doesn't matter what the thief (or shady employee) tries, it will always reload the MDM profile and always be managed until the DEP admin unenrolls it.
> Cool stuff!!
>
>
> V/R,
>
>
> Brian Fox
>
> 82300 IT Operations
>
> Certified Casper Administrator
>
> Certified Apple OS X Administrator
>
> Space and Naval Warfare Systems Command | SPAWAR Systems Center, Pacific
>
> Phone: (619)553-6354
>
> DSN: 553-6354
>
> Mobile: (619)316-7380
>
> email@hidden | email@hidden
>
> ________________________________________
> From: William Cerniuk [email@hidden]
> Sent: Thursday, March 26, 2015 03:14
> To: Fox, Brian M CIV SPAWARSYSCEN-PACIFIC, 82300
> Cc: Fed Talk
> Subject: Re: [Fed-Talk] MDMs
>
> Invaluable, thank you.
>
> We currently have one server trying to be all things to all clients.
>
> MDM performance is suffering due to what appears to be load related issues as my staff has to wait until well into the late evening or early morning to run some very simple reports across all devices (like a basic all inventory report). Asked for the all devices report yesterday at 5pm and I watched them issue the request to the system. We filled time for 30 minutes and they told me that they commonly have to wait until around midnight to run reports like this. Unreal.
>
> So in the investigation of this and perhaps best practices approaches, and using DPP/DEP/VPP I'm intimately interested in the experiences of the group.
>
> It would appear that with large organizations and a variety of client disciplines (like the stratification of DoD organizations or even at the Army MOS or MACOM level) it makes sense to have more than one MDM, if nothing more than for organizational purposes. Accordingly it also seems to make sense to have more than one DPP, if nothing more than to separate credit card and app procurement properly.
>
> What would be best practice and I wonder if such best practice guidance exists yet.
>
> A lot to digest, appreciate all the offline responses!
>
> --
> R/Wm.
>
> 703.594.7616
>
>
>
>
>> On Mar 25, 2015, at 09:28, Fox, Brian M CIV SPAWARSYSCEN-PACIFIC, 82300 <email@hidden> wrote:
>>
>> Each individual command has their own MDM solution at the moment. We are working on a Central system, but that gets to be a LOT for the MDM admin to handle, you can't make blanket devices configurations for every device on every base. We at SPAWAR would need more flexibility as some of the STIGs and configs would break our research projects.
>>
>> We use Casper by JAMF Software, its the most robust and admin friendly.
>>
>>
>> V/R,
>>
>>
>> Brian Fox
>>
>> 82300 IT Operations
>>
>> Certified Casper Administrator
>>
>> Certified Apple OS X Administrator
>>
>> Space and Naval Warfare Systems Command | SPAWAR Systems Center, Pacific
>>
>> Phone: (619)553-6354
>>
>> DSN: 553-6354
>>
>> Mobile: (619)316-7380
>>
>> email@hidden | email@hidden
>>
>> ________________________________________
>> From: fed-talk-bounces+brian.m.fox=email@hidden [fed-talk-bounces+brian.m.fox=email@hidden] on behalf of William Cerniuk [email@hidden]
>> Sent: Tuesday, March 24, 2015 14:42
>> To: Fed Talk
>> Subject: [Fed-Talk] MDMs
>>
>> ALCON,
>>
>> Does anyone know if DISA runs the Mobile Device Management servers for all of DoD or does each organization run their single MDM server system?
>>
>> And another question, for those of you who run MDMs, how many accounts do you have on a single MDM server instance and how has this impacted performance and accuracy of your MDM’s output if at all?
>>
>> --
>> Best Regards,
>> Wm. Cerniuk
>>
>> Ph: 703.594.7616
>> AppleID: email@hidden
>>
>> Time is Short, and the Water Rises
>>
>>
>>
>>
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Fed-talk mailing list (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden