et'al Software Solutions
Et'al MDM
Features

Policy Engine

Configure and enforce security policies, restrictions, and device configurations across your fleet.

The policy engine is how you define and enforce the rules your devices must follow. Policies are created once and deployed to individual devices or entire device groups.

Policy Types

Et'al MDM supports a wide range of policy configurations:

Passcode Requirements

Control how devices are secured:

  • Minimum passcode length (4-16 characters)
  • Require alphanumeric or complex passcodes
  • Maximum failed attempts before device wipe
  • Passcode expiration period
  • Passcode history (prevent reuse)

Encryption

Require full-device encryption:

  • Enforce storage encryption on Android
  • Verify FileVault/encryption status on iOS
  • Block non-compliant devices until encryption is enabled

Wi-Fi Configuration

Push Wi-Fi profiles to devices automatically:

  • SSID, security type, and credentials
  • Hidden network support
  • Certificate-based authentication (EAP-TLS)
  • Multiple Wi-Fi profiles per device

VPN Configuration

Configure VPN connections for secure remote access:

  • IKEv2, IPSec, and OpenVPN support
  • Per-app VPN (iOS)
  • Always-on VPN (Android)
  • Certificate-based authentication

App Restrictions

Control which apps devices can use:

  • Allowlist — Only approved apps can be installed
  • Blocklist — Specific apps are blocked
  • Required apps — Apps that must be installed; non-compliance flagged if removed
  • Auto-install — Push apps from the app catalog to devices automatically

Camera and Hardware Controls

Restrict device hardware features:

  • Disable camera (useful for secure facilities)
  • Disable Bluetooth
  • Disable USB file transfer
  • Disable screen capture
  • Disable NFC

Kiosk Mode (Pro+)

Lock devices to a specific app or set of apps for dedicated-purpose deployments.

Single-App Kiosk

Lock the device to a single application:

  1. Create a policy with kiosk mode enabled
  2. Select the target app from the app catalog
  3. Deploy to the device or group
  4. The device locks to the selected app — no home screen, no notifications, no app switching

Multi-App Kiosk

Allow a curated set of apps while blocking everything else:

  1. Enable multi-app kiosk mode in the policy
  2. Select the allowed apps from the app catalog
  3. Configure the launcher layout (grid arrangement, background)
  4. Deploy to the device or group

Kiosk mode is ideal for point-of-sale terminals, digital signage, warehouse scanners, and customer-facing check-in stations.

Profile Builder UI for iOS (Pro+)

Build iOS configuration profiles visually without editing XML or property lists:

  • Drag-and-drop payload configuration
  • Real-time preview of the profile structure
  • Supports all standard iOS payloads (Wi-Fi, VPN, email, restrictions, certificates)
  • Export as .mobileconfig for manual distribution if needed

Content Filtering and Web Restrictions (Pro+)

Control web access on managed devices:

  • URL allowlist — Only allow access to approved websites
  • URL blocklist — Block specific domains or URL patterns
  • Category filtering — Block categories like gambling, adult content, social media
  • Safe search enforcement — Force safe search on Google, Bing, and YouTube

Policy Templates

Save time with reusable templates:

  1. Configure a policy with your desired settings
  2. Save it as a template
  3. Apply the template to new device groups with one click
  4. Customize individual deployments as needed

Templates are useful for standardizing configurations across multiple tenants or teams.

Custom Compliance Rules (Enterprise)

Define custom compliance conditions beyond the built-in checks:

  • Combine multiple policy conditions with AND/OR logic
  • Set grace periods for non-compliance (e.g., "must comply within 24 hours")
  • Trigger automated actions on non-compliance (notify, restrict, wipe)
  • Create compliance rules per device group or tenant

Policy Deployment

When a policy is assigned:

  1. The policy is queued for delivery to all target devices
  2. Devices receive the policy on their next check-in (default: every 15 minutes)
  3. The device applies the configuration and reports compliance status
  4. Non-compliant devices are flagged in the dashboard with specific violation details

Device Management

Enroll, monitor, and manage your entire device fleet from a single dashboard.

Command Queue

Send remote commands to managed devices with real-time delivery tracking.

On this page

Policy TypesPasscode RequirementsEncryptionWi-Fi ConfigurationVPN ConfigurationApp RestrictionsCamera and Hardware ControlsKiosk Mode (Pro+)Single-App KioskMulti-App KioskProfile Builder UI for iOS (Pro+)Content Filtering and Web Restrictions (Pro+)Policy TemplatesCustom Compliance Rules (Enterprise)Policy DeploymentRelated