Forum Discussion

hatimg's avatar
hatimg
Level 1.5: Cupcake
16 days ago

Google services

We have a cloud customer on SoTI mobicontrol who wants to block all outbound traffic in their firewall and only allow what is strictly required. I’ve provided the customer with the official system requirements for SOTI MobiControl and Android Enterprise.

However, the customer is only familiar with managing Apple devices and is looking to open the absolute minimum necessary for Android Enterprise to function — particularly avoiding wildcard domains (*) where possible.

Can anyone help clarify which Android Enterprise network requirements are actually essential, especially when it comes to Google services, and which ones we can safely leave out? No file sharings, and remote control will be allowed by the customer.

1 Reply

  • Moombas's avatar
    Moombas
    Level 4.1: Jelly Bean
    16 days ago

    This really depends on what kind of services are you using from Google.
    In general, don't be surprised if you run into (unexpected) issues if you block too much (even it may work for some time).

    But on this site: https://support.google.com/work/android/answer/10513641?hl=en it's already somehow described what kind of URL's and ports are used for what.

    Also keep in mind that you may need openings even you think you don't use/need it because a used app uses a Google service (we had this with the firebase thing for example or like the push service) in order to work.

    Also need to mention the remote control is something from Soti side not from Google, so in that regard, even you would allow it via network, you could block it by user permission inside the MDM.

    I really understand this whole thing but our experience says: better allow it, otherwise you will by sure at some point into issues when the system grows.