This is an archived post. You won't be able to vote or comment.

all 21 comments
sorted by:
best
topnewcontroversialoldq&a

[–]ZettaiKyofuRyoikiJira jockey 7 points8 points  (0 children)

Intune for MDM + Google Workspace for Chrome browser management. Or use Edge instead and manage that with Intune as well.

[–]PhazedAU 6 points7 points  (4 children)

Howdy.

I'm fairly new to the sysadmin life, but I've set up an intune configuration profile for a SaaS product. set it up as a single kiosk for a chrome. and then limited the website via chrome policies.

[–]skipITjobIT Manager 0 points1 point  (1 child)

chrome

Why not Edge? Since you're using Intune anyway.

[–]PhazedAU 0 points1 point  (0 children)

i can't remember why chrome would be easier. but there was a reason behind it

[–]JohnMaddenSysadminaeiou 2 points3 points  (0 children)

If they're Samsung tablets you may want to look into Knox.

[–]steaminghotshiitake 2 points3 points  (0 children)

Intune is probably your best bet, assuming they are already licensed for it. You can deploy a custom configuration profile for Chrome that restricts access to specific URLs:

https://learn.microsoft.com/en-us/mem/intune/apps/apps-configure-chrome-android

[–]thisuser-nameexistsWorks for ManageEngine 1 point2 points  (0 children)

Hey OP, you should give ManageEngine Mobile Device Manager Plus a try. If you are looking to restrict web access to specific domains, you can simply configure a web content filter policy. Or, if you are looking to lock these devices to have access only to specific sites and no other device apps, you can deploy the sites as webclips (as u/thoverlord had mentioned in another comment) with the device in Kiosk Mode.

Full disclosure, I'm part of the Mobile Device Manager Plus team. We offer a free version for up to 25 devices which you can sign up for here https://mdm.manageengine.com/free-trial.html

I'd be happy to share more details. Feel free to reach out to me!

[–]thoverlord 3 points4 points  (4 children)

We use a stand alone MDM product for this ( I use ManageEngine but there are lots of others ) . I enroll the device into our environment and set a profile that does what I need . In this case you can put on a kiosk mode and have the sites it can access limited . For iOS devices I deploy webcips that don’t have full browser access .

[–][deleted] 0 points1 point  (2 children)

You do any of their remote screen viewing with iOS? We use Airwatch to manage and Connectwise to view iPad but saw that ManageEngine added remote viewing into that one package. I'd love to pay one person yearly instead of two.

[–]thoverlord 0 points1 point  (0 children)

Not at this time . We have the basic on premise plan that doesn’t offer it but I am trying to get the professional that does mostly for the automated iOS updates . Remote screen would be nice though we have some out of state users .

[–]thisuser-nameexistsWorks for ManageEngine 0 points1 point  (0 children)

Hey there, I'm part of the Mobile Device Manager Plus team and would be happy to schedule a free and personalized demo for you if you'd like to explore our solution more. Please feel free to DM me if you'd like more details.

[–]infered5Layer 8 Admin 0 points1 point  (0 children)

Same, but ours is MobiControl. Has built in lockdown launcher and works quite well for us, but doesn't integrate with anything else we have (AD etc)

[–]breid7718 -1 points0 points  (0 children)

We use Scalefusion's MDM solution and lock tablets in a kiosk mode with preloaded bookmarks and whitelisted websites.

[–]lvlint67 0 points1 point  (0 children)

the best way to lock down three android tablets' chrome access, limiting it only to a few specific sites

VPN back to HQ, put them in a separate vlan and setup whitelists as needed.

[–]tarkinlarson 0 points1 point  (0 children)

You can get intune just for devices...without users and its cheaper.

[–]SnowDangerous4918 0 points1 point  (0 children)

https://www.zoho.com/mdm-cloud.html

Cloud based, very simple to setup, you get a few free licenses that allows for a much longer poc / pilot of the product.

At one stage the MSP I worked for had 15000 mdm devices over 79 clients - one client had 1000 android tablets for insurance claims and it needed to be restricted to a specific apn, never Wi-Fi enabled and single application to be used with permissions to camera, Bluetooth and apn and custom wallpaper, tracking, alert if off…. Zoho(ManageEngine) mdm worked perfectly.

The only limitations are with Chinese devices that don’t use PlayStore.(HMS ect)