1 Devices Page Help

Use the Mobile Devices page to search for and view details about the devices and Workspaces registered to a user, and to perform routine administrative tasks on managed devices (Lock, Wipe, De-register, Sync, Clear/Reset Passcode) and Workspaces (Lock, Unlock, Wipe, Reset Passcode).

The following topics are covered:

Search
Device Management
Workspace Management

1.1 Search

Use this section to:

Search for devices and Workspaces.
View the devices and Workspaces registered to a user.
Select a managed device or Workspace to manage.

This view is arranged in the following sections:

Action Bar and Search
Table of Users, Devices, and Workspaces (Search Results)

Action Bar and Search

Search for users, then use the Status and Sort menus to further refine your search. The buttons on the action bar are described in the following table.

Element	Description
Search	Type a search term and press the search button. Search results are returned as follows: Devices and Workspaces are returned if the search term matches a device/Workspace display name, the model of the device/Workspace, the device/Workspace ID that is assigned by the server, or the user ID of the user who has enrolled the device/Workspace. You cannot use wildcards but partial matches will return results, for example: mith will return results for "Smith."
Status	Choose from the following menu options: Active - Show registered and locked devices and Workspaces. This is the default option. All - Show all Workspaces regardless of status. Registered - Show devices that are enrolled in the system and not in a locked state. Deregistered - Show devices that are no longer enrolled in the system. Locked - Show Workspaces that have been locked and disallowed access to the server. Wiped - Show Workspaces with a status of wiped, which signifies that all data has been erased.
Refresh	Click Refresh to update the screen with any changes made on the (back-end) server.
Sort	Choose from the following menu options: Last Sync Time - Sort Workspace search results chronologically using the date and time that the device was last synchronized. This is the default option. Name - Sort Workspace search results alphabetically by name. User - Sort Workspace search results alphabetically by user name. State - Sort managed device and Workspace search results alphabetically by registration state. Identifier - Sort Workspace search results alphanumerically by GUID.

Table of Users, Devices, and Workspaces (Search Results)

This section of the Devices page lists users, devices, and Workspaces that meet the search criteria. Click a device or Workspace icon to view additional details and management options.

Element	Description
User Name (UID)	The user name (UID) of the user to which the device and/or Workspace is registered. A user with multiple devices will have multiple records, one record per device and/or Workspace.
	Indicates a managed device. Click to manage the device and view additional details. The search results table displays the name given to the device.
	Indicates an unmanaged device (that is, a device that belongs to the user). You cannot perform actions on unmanaged devices.
	Click to manage the Workspace and view additional details. The search results table displays the Workspace's globally unique identifier (GUID).

"Managing Devices and Workspaces" in Administering Oracle Mobile Security Suite

1.2 Device Management

Use this section to:

Manage a specific managed device registered to a user. (You cannot manage an unmanaged device.)
View detailed information about a specific mobile device registered to a user.

This view is arranged in the following sections:

Action Bar
Device Information Tabs

Action Bar

Use the buttons to secure data on the device.

Element	Description
Lock	Locks the device. The user can unlock the device by entering their PIN or password. Mobile Security Manager cannot unlock the device remotely. Note: The device status displays as "Registered"; it does not change to "Locked."
Wipe	Resets the device to its original factory state by erasing all of the stored settings, data, and applications.
De-register	Removes the Workspace app, including certificates, restrictions, and other content that was provisioned by the Mobile Security Manager. Containerized apps no longer work, but the user must delete them manually. All pending operations are cancelled, and certificates issued to the device are revoked. Following this action the device is no longer controlled by the server. In the console the device status displays as "De-registered," unless the Device/Workspace De-registration Policy (located in Server Settings) is set to Delete, in which case the device record is deleted from the server
Sync	Forces the device to synchronize with the Mobile Security Manager, to update the app, certificates, restrictions, and other content that was provisioned.
Clear Passcode / Reset Passcode	This action is intended for use when the device user forgets their password. For iOS devices, the Clear Passcode command removes the Passcode and grants the user access to the device. For Android devices, the Reset Passcode command resets the passcode to a new randomly generated passcode. If using the Self-Service Console, the new passcode is displayed on the screen. Otherwise, a Help Desk Administrator or System Administrator should communicate the new passcode to the user.

Device Information Tabs

Element	Description
Details	Click to: View device properties
Credentials	Click to: View details about certificates provisioned to the device
Policies	Click to: View policies applicable to the device and the effective policy enforced on the device

Element

Description

Details

Click to:

View device properties

Credentials

Click to:

View details about certificates provisioned to the device

Policies

Click to:

View policies applicable to the device and the effective policy enforced on the device

1.2.1 Device Details Tab

View device properties from this tab.

Basic Properties

Element	Description
Name	Shows the model ID for iOS devices, and the model number for Android devices.
Description	A short description of the type of device.
Identifier	A unique identifier assigned to the device by the Mobile Security Manager.
Version	Version label of the device operating system assigned by the manufacturer.
Platform	Indicates the operating system software installed on the device. Either iOS or Android.
Platform Version	The version number of the operating system software installed on the device.
Compliance Level	Indicates if the device is in compliance with the effective policy. One of the following: Fully Compliant Non-Compliant - Indicates that the device is out of compliance. Click the icon to view the reason(s) why.
State	The Mobile Security Manager registration status of this device. One of the following: Registered De-registered Identified Certificate issued Wiped
User	The user ID of the user who enrolled the device with the Mobile Security Manager system.
Enrollment Time	Timestamp that indicates when the device was enrolled with the Mobile Security Manager system. The recorded time is the time at the Mobile Security Manager server, not the time where the device is located.
Last Sync Time	Timestamp that indicates when the device was last synchronized with the Mobile Security Manager system. The recorded time is the time at the Mobile Security Manager server, not the time where the device is located.

Device Properties

Element	Description
Model	The model name of the device.
Manufacturer	The name of the device manufacturer.
Manufacturer ID	The unique identifier assigned to the device by the manufacturer.
Serial Number	The unique code assigned by the manufacturer to a specific unit of the device.
MAC	The unique MAC (Media Access Control) address of the device.
Product Type	The product classification.
Storage Capacity	The amount of data in Gigabytes (GB) that the device can store.
Available Storage	The amount of remaining storage in Gigabytes (GB) that the device can use to store apps, files, and other data.
Battery Level	The estimated amount of battery life available on the device represented as a decimal percentage where 1 means 100% (full).

Smartphone Device Properties

Lists additional properties captured from the device. Refer to the device manufacturer's documentation for details.

1.2.2 Device Credentials Tab

View details about certificates provisioned to the device. Click a certificate record in the table to view details.

If no certificates are present, this tab is hidden.

Element	Description
View	Choose from the menu to control how the search results are displayed: Columns - Click a column header name to quickly show or hide a single column. Click Manage Columns to open a dialog that lets you show, hide, and reorder multiple columns. Reorder Columns - Click to open a dialog that lets you change the order of the table columns.
Serial Number	The serial number that uniquely identifies the certificate.
Expires On	Date and time that the certificate will stop being valid. The certificate should be renewed or replaced prior to this date.
Created On	Date and time that the certificate was created.
Issued By	The name of the certificate authority that issued the digital certificate.
Primary	Indicates if this certificate is the primary authentication certificate for this device used for communication with the Mobile Security Manager.

1.2.3 Device Policies Tab

View the applicable and effective device management policies from this tab.

Applicable Policies

The list of mobile security policies that are applicable for this device. Click an applicable policy name. The read-only policy details are shown in a pop-up.

Effective Policy

The mobile security policy that is enforced on the device. Specifically, the Effective Policy is the merge of elements across all applicable mobile security policies that apply to the device.

Restrictions Device restrictions as established by the Effective Policy. A check mark shows functionality that is disabled on the device due to policy restrictions.

Element	Description
General	A check mark disables options in this category. This applies to all platforms (both iOS and Android devices).
Camera	Prevents use of the camera.
iOS	A check mark disables options in this category.
App Installation	Removes the App Store icon and prevents users from installing or updating apps using the Apple App Store.
Assistant	Disables Siri.
Assistance while device locked	Disables Siri when the device is locked. This restriction is ignored if the device does not have a passcode set. (iOS 5.1 and later)
Cloud Backup	Prevents backing up the device to iCloud. (iOS 5.0 and later)
Cloud Document Sync	Prevents document syncing to iCloud. (iOS 5.0 and later)
Cloud Keychain Sync	Prevents iCloud Keychain synchronization. (iOS 7.0 and later)
Diagnostic Submission	Prevent diagnostic data from being reported to Apple. (iOS 6.0 and later)
Explicit Content	Block explicit music or video content purchased from the iTunes Store.
Fingerprint for Unlock	Disables the TouchID feature, which unlocks the device using fingerprints. (iOS 7.0 and later)
Lock Screen Control Center	Prevents the Control Center (accessed by swiping up from the bottom of the screen) from appearing on the lock screen. (iOS 7.0 and later)
Lock Screen Notifications View	Blocks the Notification Center from showing on the lock screen. (iOS 7.0 and later)
Lock Screen Today View	Blocks the Today View from showing on the lock screen. (iOS 7.0 and later)
Ad Tracking	Limits ad tracking.
iTunes	Removes the iTunes icon and prevents access to the iTunes music store.
iTunes Store Password Entry	Requires the user to enter a valid iTunes password before every transaction.
Untrusted TLS Prompt	Automatically rejects untrusted HTTPS certificates without prompting the user. (iOS 5.0 and later)
Shared Stream	Blocks the shared albums or shared Photo Stream feature. (iOS 6.0 and later)
Screenshot	Prevents users from saving a screen capture of the display.
Safari	Removes the Safari icon and prevents the use of the Safari Web browser. This also prevents users from opening Web clips.
Photo Stream	Disables the Photo Stream feature. (iOS 5.0 and later)
Passbook While Locked	Prevents the Passbook notifications from being shown on the lock screen. (iOS 6.0 and later)
Over-the-air PKI Updates	Prevents over-the-air PKI updates. This restriction does not disable CRL and OCSP checks. (iOS 7.0 and later)

Authentication Authentication settings applicable to the device as established by the Effective Policy.

Element	Description
Password Required	A check mark indicates that password authentication is required.
Password Minimum Length	The least number of characters that the system will accept when the user creates a password. A value of 0 means there is no minimum length.
Password History	The number of passwords that the system will retain to prevent a user from reusing the same passwords. A value of 0 means the system will not prevent a user from reusing the same password.
Maximum Idle Timeout for Auto Lock	The number of minutes before an inactive device is locked. A value of 0 means the Auto Lock feature is disabled.
Maximum Failed Attempts Before Device Wipe	Indicates the number of failed authentication attempts allowed before the system deletes the device and the user data that it contains. A value of 0 means that this feature is disabled.
Password Expiry	Indicates if the user credential should expire after a set number of days. Set Days - The user credential expires after the number of days defined in Password Expiry Duration has elapsed. The user must change the password once it expires. If the user does not change the password, the device is marked as non-compliant. Never - The password does not expire.
Password Expiry Duration	The number of days that the user credential will remain valid, after which the user must choose a new password.
Password Complexity	Simple - The system does not impose any password requirements. The user can use any combination of letters, numbers, and/or special characters. Alphanumeric - The password must contain letters and numbers. Complex - The password must contain at least one letter, one number, and one special character.

Apps Apps provisioned to the device by the Effective Policy.

Element	Description
App Name	The name of the app, Web app, or shared folder app.
Description	A short description of the app set by the individual that added the app to the Mobile Security Manager.
Containerized	Yes indicates that the app has been secured using the Oracle Mobile Security Suite App Containerization Tool. Containerization adds enterprise security services to apps including advanced features such as multi-factor authentication and Integrated Windows Authentication (Kerberos or NTLM).
Virtual App Type	Either a Web App that displays in a web browser or a Shared Folder App that connects to a network file share.
Platform	Either Apple iOS, Google Android, or both.
Install on Homepage	If selected, makes virtual apps appear on the user's main screen or homepage.
Upgrade Alert	If selected, the user is alerted when launching an app if an upgrade is available. If the option is not selected, a badge on the catalog app indicates that an update is available, but the system does not alert the user otherwise.

Device Configurations The pre-configured E-mail, VPN, calendar, and/or Wi-Fi settings provisioned to the device by the Effective Policy.

Element	Description
Type	One of the following device setting types: VPN E-mail Wi-Fi Calendar For more information, see Chapter 6, "Device Configurations Help."
Configuration Name	The name of the device configuration applicable for this device setting type on this device.
Configuration Description	A short description of the device configuration applicable for this device setting type on this device.

Element

Description

Type

One of the following device setting types:

VPN
E-mail
Wi-Fi
Calendar

For more information, see Chapter 6, "Device Configurations Help."

Configuration Name

The name of the device configuration applicable for this device setting type on this device.

Configuration Description

A short description of the device configuration applicable for this device setting type on this device.

"Managing Devices and Workspaces" in Administering Oracle Mobile Security Suite

1.3 Workspace Management

Click a Workspace icon to open Workspace management controls and view additional details. This section provides details about Workspace management controls.

Use this view to:

Manage a specific Workspace on a specific device
View detailed information about a specific Workspace

This view is arranged in the following sections:

Action Bar
Workspace Information Tabs

Action Bar

Use the buttons to secure data in the Workspace.

Element	Description
Lock (Unlock)	Locks or unlocks the Workspace. An administrator can unlock the account using the Mobile Security Manager console. (The end-user cannot unlock a locked Workspace account using the Self-Service console.) To lock the Workspace remotely when it is unlocked, click Lock. To unlock the Workspace remotely when it is locked, click Unlock. Once the Workspace is unlocked, the user has to log in.
Wipe	Resets the Workspace to its original system state by erasing all of the stored data. This action does not remove the Workspace app. The user can log in to the Workspace again by providing their credentials, but all previously stored data will be lost.
Reset Passcode	Resets the passcode to a new randomly generated passcode that is displayed on the screen. The user must enter the new passcode the next time they open the Workspace. Note: The Reset Passcode button is only available if the Workspace is enrolled using certificate-based (PKINIT) authentication. This button will be available if a certificate is present, even though a PIN may not be required.

Workspace Information Tabs

Element	Description
Details	Click to: View read-only device and Workspace properties.
Apps	Click to: Search a list of apps installed within the Workspace. View a list of apps installed within the Workspace.
Activity	Click to: Search the container log for events that meet the search criteria. View event details about activities performed on the Secure Workspace app.
Credentials	Click to: View details about certificates provisioned to the Workspace. (The Credentials tab is not available if the container is registered with kinit authentication unless other certificates are present, in which case this tab is present.)
Policies	Click to: View policies applicable to the Workspace and the effective policy enforced on the Workspace. View policies having to do with authentication, security, and Workspace app settings.

1.3.1 Workspace Details Tab

View device and Workspace properties from this tab.

Basic Properties

Element	Description
Name	The package name of the Secure Workspace app.
Description	A short description of the type of device.
Identifier	A unique identifier assigned to the Workspace by the Mobile Security Manager.
Version	The version of the Workspace app.
Platform	Indicates the operating system software installed on the device. Either iOS or Android.
Platform Version	The version number of the operating system software installed on the device.
Compliance Level	One of the following: Fully Compliant Non-Compliant - Indicates that the device is out of compliance. Click the icon to view the reason(s) why.
State	The Mobile Security Manager registration status of this Workspace. One of the following: Registered De-registered Locked
User	The user ID of the user who enrolled the device with the Mobile Security Manager system.
Enrollment Time	Timestamp that indicates when the Workspace was enrolled with the Mobile Security Manager system. The recorded time is the time at the Mobile Security Manager server, not the time where the device is located.
Last Sync Time	Timestamp that indicates when the Workspace was last synchronized with the Mobile Security Manager system. The recorded time is the time at the Mobile Security Manager server, not the time where the device is located.

Workspace Properties

Element	Description
Manufacturer Device ID	The unique identifier assigned to a device by the manufacturer.
Gateway URL	The configuration URL for the Workspace app hosted by the Mobile Security Access Server.
Model	The model name of the device that the Workspace is installed on, for example: iPhone 3S, SM-N900, or Nexus 5.
Workspace Name	The package name of the Secure Workspace app.
Workspace Version	The version of the Workspace app.

1.3.2 Workspace Apps Tab

View apps deployed in the Workspace from this tab.

Click the app name to view the app details in a pop-up.

Element	Description
Search	Search for an app by name or leave the search box empty to display all apps installed in the Workspace.
App Icon Grid (Search Results section)	Displays applications installed in the Workspace that meet the search criteria.

1.3.3 Workspace Activity Tab

Search a log of Workspace activity from this tab.

Search Section and Page Controls

Element	Description
Search	Search for an event by typing an event key word. Search looks across fields for matching strings.
View	Choose from the menu to control how the search results are displayed: Columns - Click a column header name to quickly show or hide a single column. Click Manage Columns to open a dialog that lets you show, hide, and reorder multiple columns. Reorder Columns - Click to open a dialog that lets you change the order of the table columns.
Sort	Choose from the following: Event - Sort search results alphabetically by the name of the logged event. Event Source - Sort search results alphabetically by the source of the event, for example Device or Mobile Security Manager. Initiated By - Sort search results alphabetically by the user or system that initiated the operation, for example the SecureWorskpace, or a specific user, such as the end user or an Admin user. Date/Time - Sort search results by the timestamp recorded on the device. This is the default option.

Events (Search Results) Section

Element	Description
Event	The name of the logged event.
Event Source	Indicates if the event was initiated by the Device, or if it was initiated by a command sent from the Mobile Security Manager.
Initiated By	Indicates the user or system that initiated the operation, for example the SecureWorskpace, or a specific user, such as the end user or an Admin user.
Location	The latitude and longitude coordinates where the event took place. If latitude and longitude are not available then this field will be empty. The coordinates will not be available if the user chooses to not allow location services for the Secure Workspace app.
Date/Time	The timestamp when the even occurred.

1.3.4 Workspace Credentials Tab

View details about certificates provisioned to the Workspace.

If no certificates are present, this tab is hidden.

This tab is only shown when a Workspace is configured to authenticate using a certificate (PKINIT-based authentication).

Element	Description
View	Choose from the menu to control how the search results are displayed: Columns - Click a column header name to quickly show or hide a single column. Click Manage Columns to open a dialog that lets you show, hide, and reorder multiple columns. Reorder Columns - Click to open a dialog that lets you change the order of the table columns.
Serial Number	The serial number that uniquely identifies the certificate.
Expires On	Date and time that the certificate will stop being valid. The certificate should be renewed or replaced prior to this date.
Created On	Date and time that the certificate was created.
Issued By	The name of the certificate authority that issued the digital certificate.
Primary	Indicates if this certificate is the primary authentication certificate for this Workspace used for communication with the Mobile Security Manager.

1.3.5 Workspace Policies Tab

View the Effective Policy for the Workspace from this tab.

Applicable Policies

The list of mobile security policies that are applicable for this Workspace. Click an applicable policy name. The read-only policy details are shown in a pop-up.

Effective Policy

The mobile security policy that is enforced on the Workspace. Specifically, the Effective Policy is the merge of elements across all applicable mobile security policies. Device policy attributes (that is, MDM policy attributes) do not apply to Workspace policies.

Authentication The authentication settings applicable to the Workspace as established by the Effective Policy.

Element	Description
Authentication Only	If selected, hides the Workspace home from the user if the Workspace container is being used purely as an authentication client and not for any app UI.
Authentication Frequency	Specifies how often the user sees the login screen: Always - The user must authenticate every time they try to access the Secure Workspace on their device. Idle Timeout - Enforces authentication each time the Idle Timeout Period has been reached. The Timeout Period is the number of minutes a container is allowed to remain inactive before prompting with the login screen with a maximum of two hours. This period continues to apply while the user is outside the container. Session - Allows users to exit the Mobile Security Container to use other apps and does not require them to log in upon return until the session ends. A session expires when the Oracle S-token expires (configurable with a default of 10 hours) or the device closes the app due to low memory.
Idle Timeout Period	If Authentication Frequency is set to Idle Timeout, the length of time without user activity before the system requires the user to authenticate.
Account Lockout Threshold	The number of failed authentication attempts allowed before the Account Lockout Action is triggered.
Account Lockout Action	The action to take when the Account Lockout Threshold has been exceeded: Do Nothing - Do not take any action. Lock - Disables the Secure Workspace from operating and stops user access to virtual applications or information. Only an administrator can unlock the account using the Mobile Security Manager console. Once the Workspace is unlocked, the user still has to log in. Wipe - Delete the Workspace and the user data that it contains. This is a severe action that cannot be undone. Wipe assures nothing remains on the device for anyone to access.
PIN History	The number of previously used user credentials (PINs) that the system will retain so as to prevent a user from reusing the same PIN. For example, if PIN History is set to 3 and a user changes an initial PIN of demo1 to demo2 and wants to change it back, they cannot do so until they have changed the PIN to a different value a total of 3 times. PIN options only apply if your environment uses certificate-based authentication.
PIN Minimum Length	The minimum number of characters that the user must enter when creating a user credential (PIN). Set this value anywhere between 4 to 14 characters.
Shared Workspace Mode	Configures how the Secure Workspace functions on a device that is shared by multiple users. Choose from the following: Single User - The Workspace will only be used by a single user on a given device. Multi-User - The Workspace can be shared by multiple users on a given device. The Workspace data will be wiped every time a user logs out of the Workspace.
PIN Expiry	Choose Set Days to force the user to choose a new user credential on a regular basis.
PIN Expiry Duration	The number of days that the user credential will remain valid, after which the user must choose a new PIN. If the user does not change the PIN, the device is marked as non-compliant.
PIN Complexity	Indicates if minimum requirements are enforced when users create user credential (PIN) values.
PIN Complexity Min Checks	A number between 1 and 4 that indicates how many of the following Pin must contain... requirements must be satisfied. If the number of options selected below is greater than the PIN Complexity Min Checks value, users may set their PIN with any combination of options that meets the requirements. For example, if PIN Complexity Min Checks is 2 and all four complexity types are selected, a PIN with any combination of two or more of the requirements is acceptable.
PIN must contain lowercase	A check mark indicates that the PIN must include at least one lowercase letter.
PIN must contain uppercase	A check mark indicates that the PIN must include at least one uppercase letter.
PIN must contain special character	A check mark indicates that the PIN must include at least one non-alphanumeric character.
PIN must contain numeric	A check mark indicates that the PIN must include at least one numeric character.

Workspace/ Apps The allowed Workspace settings as established by the Effective Policy. Except for File Sharing and Copy/Paste, allowed items have a check mark.

Element	Description
Location Settings	Allows device location coordinates to be collected from the device if the user has allowed location services during installation. If disabled, the user is not asked to accept location services during installation and user location is not tracked.
Offline Access	Allows the user to access the information already in the container when the user is offline. If disabled, users cannot access the Secure Workspace unless they are online and logged in.
E-mail	Allows the user to send e-mail messages from the native OS e-mail client.
Instant Messaging	Allows the user to send instant messages from the Secure Workspace.
Video Chat	Allows the user to access video chat functionality such as FaceTime.
Social Share	Allows the user to access social sharing through integrated services such as Facebook or Twitter.
Print	Allows Workspace apps to print to a printer.
Redirects to Workspace	Allows apps outside the Secure Workspace to redirect a URL into the Workspace.
Save to Media Gallery	Allows photos, images, and videos to be saved to the local media store on the device.
Save to Local Contacts	Allows user contacts to be saved to the contacts manager on the device.
Redirects From Workspace	Allows the Secure Workspace to redirect to an app outside the Workspace with a custom URL scheme.
(Restrict) File Sharing	If checked, restricts the ability of the user to share files outside the Secure Workspace.
(Restrict) Copy/Paste	If checked, copy and paste is only allowed inside the Secure Container, containerized apps, or between containerized apps, but not to apps outside the Secure Workspace.

Application Settings The Workspace Apps settings as established by the Effective Policy.

Element	Description
Browser	Indicates browser settings as follows: Address Bar Enabled - A check mark indicates that the address bar in the Secure Browser (part of the Secure Workspace) is visible. If the box is not checked, the address bar is disabled and the Secure Browser is hidden. Download Bar Enabled - A check mark indicates that downloading is allowed in the Secure Browser. If the box is not checked, downloading is disabled.
Doc Editing	Indicates doc editing settings as follows: Allow - A check mark indicates that the user can access the Workspace doc editor app (if installed).
File Manager	Indicates file manager settings as follows: Allow - A check mark indicates that the user has full access to the Workspace file manager utility. Download Allowed -A check mark indicates that the user can download files and save them locally.
File Manager Server Based URL	If the File Manager function is enabled, this is the URL of the File Manager service that provides access to network file shares.
PIM	Oracle Secure Mobile Mail Manager (the personal information manager app) covers e-mail, calendar, contacts, and notes. Indicates settings as follows: Allow - A check mark indicates that the user can access the Workspace personal information manager app.
E-mail Server URL	The URL of the e-mail server that the personal information manager app will connect to.
Basic ActiveSync Authentication	Indicates if Basic authentication is enabled.
Configuration Type	One of the following: AUTO - The user only needs to enter their e-mail ID. Server details and the password value are populated automatically. BASIC - The user needs to enter their e-mail ID and password. Server details are populated automatically. MANUAL - The user needs to enter all details: their e-mail ID, server details, and the password value.

Time Access / Geo Access These Effective Policy settings restrict access to the Workspace by time and/or location. When these policies are violated the Workspace automatically locks, and when they are back in compliance the Workspace automatically unlocks.

Element	Description
Time-fence	Shows up to five access windows between 12:00 midnight and 11:59 pm that can be set to restrict user access to the Workspace. The time in the From column specifies the time that restricted access should start, and the time in the To column specifies the time that restricted access should end.
Geo-fence	Shows the cities, states, or countries where access to the Worksapce is allowed. If no Geo-Fence is defined the policy defaults to no geo-location restrictions.

Apps Apps provisioned to the Workspace by the Effective Policy. Only the apps listed can be installed in the Workspace. These apps show up in the user's App Catalog inside their Workspace, if enabled.

Element	Description
App Name	The name of any apps, Web apps, or shared folder apps that are assigned to this Workspace policy.
Description	A brief note regarding the app created by a Mobile Security Manager administrator.
Containerized	Indicates if the iOS or Android app is containerized. Containerization adds enterprise security services to apps including advanced features such as multi-factor authentication and Integrated Windows Authentication (Kerberos or NTLM).
Virtual App Type	Indicates if the app is a Web App that runs on a remote server and displays in a Web browser, or a Shared Folder App that users can mount on the Workspace.
Platform	Either iOS or Android or both. This field applies to Apps, but not Virtual Apps.
Install on Homepage	If selected, makes virtual apps appear on the Secure Workspace's home screen.
Upgrade Alert	If selected, the user is alerted when launching an app if an upgrade is available. If the option is not selected, a badge on the catalog app indicates that an update is available, but the system does not alert the user otherwise.

"Managing Devices and Workspaces" in Administering Oracle Mobile Security Suite