Issue

• Remotely Deploy ESET Endpoint Security for Android to client devices using ESET PROTECT

Solution

Prerequisites

• ESET PROTECT and ESET Mobile Device Connector must be installed and activated. For more help, visit the ESET PROTECT Installation guide.
• You must have a valid ESET license. ESET Mobile Device Connector is activated with your ESET Endpoint Security license. How do I purchase a license?
• Managed devices must be running on Android version 5 and later.

To enroll Android devices in ESET Mobile Device Connector (MDC), follow the steps in each section:

1. Create an MDM Certificate
2. Create an MDM Policy
3. Register your Android device in ESET PROTECT
4. Enroll your Android device
5. Create an Activation task for Android MDM

I. Create an MDM certificate

If you already have an MDM certificate, proceed to Section II: Create an MDM Policy.

1. Open the ESET PROTECT Web Console in your web browser and log in.

2. Expand More, click Peer Certificate → New → Certificate.
   

3. In the Basic section, type the Description of the certificate and select Mobile Device Connector from the Product drop-down menu. Type the IP address or Hostname of the server where Mobile Device Connector is installed in the Host field and type the Passphrase into respective fields. In the Attributes (Subject) section, type the organization name used in ESET PROTECT in the Organization name field. Click Continue.
   
4. In the Sign section, click Select certification authority.
   
5. Select the check box next to the certification authority that you want to use and click OK.
   
6. Click Finish and proceed to Create an MDM Policy.

II. Create an MDM Policy

1. Open the ESET PROTECT Web Console in your web browser and log in.

2. Click Policies → New Policy.
   

5. 
   

7. 
8. 
   

III. Register your Android device in ESET PROTECT and send an enrollment link

1. Open the ESET PROTECT Web Console in your web browser and log in.

2. Click Computers, select the group to which you want to add your mobile device and then click Add New → Mobile devices.
   
   

   
3. In the Basic section, ensure that Android or iOS/PadOS is selected. Select the check box next to I accept the End User License Agreement and acknowledge the Privacy Policy and click Continue.
4. In the Distribution section, select Enrollment via email and click Configure server settings. Enroll a single device at a time.
   

5. 
   

   

6. In the List section, click Add.

7. Type in the Device name and Email Address (this email address will be used to deliver the enrollment email message). The Description field is optional. To assign a specific user, click Pair with existing user to match it to an existing Computer User. Click the Save icon to save the device. Click Customize email if you want to make changes to the enrollment email. To add another device, click Add. Click Continue when you are finished adding devices.

   
8. In the Enrollment section, click Send. The enrollment link will be sent to chosen devices.

Enroll a single device

1. Follow steps 2-3 of Register your Android device in ESET PROTECT and send an enrollment link section above.

2. In the Distribution section, select Enrollment via QR code and click Continue.

3. In the List section, click Add.

   

4. Type the Device name and Email address in the appropriate fields. The Description field is optional. To assign a specific user, click Pair with existing user to match it to a designated policy. Click the Save (floppy disk) icon to save the device. To add another device, click Add. Click Continue when you are finished adding devices.
   

5. In the Enrollment section, the preview window will display a summary of the enrollment, including the download link and the QR code. Send the enrollment link to the mobile device using email or an instant messaging application if the device is not physically present. If the device is physically present, scan the QR code with the mobile device and proceed to Section IV: Enroll your Android device and deploy ESET Endpoint Security for Android. To enroll another device, click Finish and repeat the process described in this sub-section.

IV. Enroll your Android device and deploy ESET Endpoint Security for Android

1. On the mobile device, open the enrollment email that was sent in Section III above and tap the enrollment link.
2. Tap Connect.
   
   
3. You will be redirected to Google Play Store. Tap Install and wait for the installation to finish. Tap Open.
   
4. Tap Continue and tap Allow → Allow.
   
5. Tap Allow → Allow.
6. Tap Allow if you want to allow the ESET LiveGrid feedback system.
   
7. Type your name into the Name field and tap Save. This will help the administrator recognize your device.
   
   
8. Tap Continue and tap the slider bar next to Allow permission to enable it.
   
   
11. 

12. Tap Finish to activate ESET Endpoint Security for Android as Device Administrator.
    
    
    

13. The Android device is now protected.
    
    
    

14. Proceed to Section V: Create activation task for Android MDM.

V. Create activation Task for Android MDM

After completing sections I-IV above, the device will appear in the Computers section of ESET PROTECT under Lost & Found and will automatically be added to the dynamic group Mobile devices → Android devices.

Follow the instructions to activate ESET business products using ESET PROTECT.