Samsung KNOX is the comprehensive enterprise mobile solution for work and play. With the growing use of smartphones in business, it addresses mobile security needs of enterprise IT without invading privacy of employees.
Samsung KNOX addresses platform security with a comprehensive strategy: Hardward baked in Secure Boot, ARM TrustZone based Integrity Measurement Archi-tecture and Kernel with built in Security Enhanced Android Mandatory Access Controls to secure the system.
Secure boot cryptographically ensures that only tested, verified, authorized software can run on the device. If a software image is not signed with the autho-rized key, it will not allow system to boot with the image. Secure Boot is one of the main components that forms the first line of defense against malicious attacks on devices with KNOX solution.
Security Enhanced Android
By default, Android implements a Discretionary Access Control (DAC) as security model, where users at their discretion can give root privileges to applica-tions. Also, it does not prevent a user or application with root permissions from modifying the operating system, kernel, and any other application.SE Android is designed to close this security gap in open Android. SE Android enables SELinux in Android, a technology developed by US Government Security Agency (NSA). SE Android implements mandatory access control (MAC) as security model which even limits "root" from total access to the system. This greatly limits the damage from the flawed, malicious apps or rooting exploits.
TrustZone-based Integrity Measurement Architecture
Samsung’s TrustZone-based Integrity Measurement Architecture (TIMA) was developed to close this vulnerability. Introduced in KNOX, TIMA uses ARM Trust-Zone hardware and provides continuous integrity monitoring of the Linux kernel in the runtime memory.
In addition to securing the platform, Samsung KNOX solution addresses enterprise application and data security require-ments. KNOX container provides security for enterprise data by isolating enterprise applications and encrypting enterprise data both at rest and in motion.
KNOX container is an isolated and secure environment on top of Android and it runs Android applications. Applications and data inside the container are isolated from applications outside the container. However some apps inside the container are allowed to access to information outside the container such as contacts and calendar.
Encrypted File System
KNOX container uses a separate encrypted file system completely isolated from applications outside the container. The data is encrypted using an Advanced Encryption Standard (AES) cipher algorithm with a 256-bit key(AES-256).
Virtual Private Network
KNOX container offers on demand FIPS certified VPN client. KNOX VPN client profiles are pushed by enterprise. In addition, enterprise can also select which apps inside the container are required to use the VPN. The VPN automatically starts when a user launches any of enterprise designated apps. KNOX con-tainer VPN offers support for strong IPSec VPN encryption for most sensitive government agencies, including support for Suite B cryptography.
Samsung KNOX for Enterprise
Samsung KNOX for IT Managers
Data leakage, malware & malicious attacks: comprehensive protection
Samsung KNOX is a more secure, flexible system for your mobile. Samsung KNOX enhances the security and management of mobiles systems in the work-place.
Samsung KNOX for Employees
Using personal mobiles for work
Samsung KNOX offers a seamless, intuitive platform for at work and at home. Our containers understand the importance of enterprise security outside the office, creating a fully secure zone within every employee’s mobile for work-related content. They can also restrict access to specific applications within the container.
Samsung KNOX for Partners
Samsung KNOX – an easier way to manage mobiles
Samsung KNOX provides an in-built solution, offering faster, comprehensive mobile security. Samsung KNOX has a standard API fully compatible with part-ners and ISVs – and vice versa. With Samsung KNOX, you can write your Enterprise App once (using Samsung KNOX API) and you can access more than
100 million devices annually.