Overview
To have a fully functional Mobile Device Management system, it is necessary to have a properly deployed set of CapaInstaller services within the company's network infrastructure.
Services
Service | Port Number | Data Type | Direction | Destination DNS URL - Outgoing | Description |
---|---|---|---|---|---|
cimdm | 443 (SSL) | TCP | PUBLIC → DMZ | | Mobile devices retrieve configurations and applications |
cimdm | 443 (SSL) | TCP | DMZ → PUBLIC | | Gateway for: Apple Push Network Service (APNS): http://support.apple.com/kb/TS4264; Google Cloud Messaging: http://en.wikipedia.org/wiki/Google_Cloud_Messaging; Microsoft Open Mobile Alliance (OMA): |
Self-Service Portal | 9443 (SSL Default) | TCP | PUBLIC → DMZ | | Used to access the Self-Service portal from the devices |
cibackend | 5023 (Default) | TCP | DMZ → SERVER | | cimdm gets profiles and configurations |
cifrontend | 5022 (Default) | TCP | DMZ → SERVER | | cimdm authenticates users when enrolling devices |
cifrontend80 | 443 (SSL) | TCP | SERVER → PUBLIC | download.capainstaller.com | Retrieve updated information about device models and versions |
Devices
For end-user devices to support mobile device management, the devices must communicate with different network services.
Devices | Port Number | Data Type | Direction | Destination DNS URL - Outgoing | Description |
---|---|---|---|---|---|
All devices | 443 (SSL) | TCP | LAN → PUBLIC | DMZ Server | Used for secure communication between iOS devices and the MDM server. |
Android devices | 5228 (Google server) | TCP | LAN → PUBLIC | | This port is used for communication between Android devices and Google Cloud Messaging (GCM), which sends push notifications and other data to Android devices. |
Android devices | 5229 (Google server) | TCP | LAN → PUBLIC | | This port is used for communication between Android devices and GCM over a secure connection. |
Android devices | 5230 (Google server) | TCP | LAN → PUBLIC | | This port is used for communication between Android devices and GCM for sending and receiving multicast messages. |
Android devices | 443 (Google server) | TCP | LAN → PUBLIC | | This port is used for secure communication between Android devices and the MDM server. |
Apple devices | 2195 (Apple server) | TCP | LAN → PUBLIC | gateway.push.apple.com | Used for sending push notifications to iOS devices. |
Apple devices | 2196 (Apple server) | TCP | LAN → PUBLIC | feedback.push.apple.com | Used by the APNs Feedback Service to send feedback to the MDM server about failed push notifications. |
Apple devices | 5223 (Apple server) | TCP | LAN → PUBLIC | | Used for communication between iOS devices and APNs. It is also used for device activation. |
Windows Phone device | 443 (Microsoft server) | TCP | LAN → PUBLIC | | |