Samsung KNOX™ is the comprehensive enterprise mobile solution for work and play. With the increasing use of smartphones in businesses, Samsung KNOX addresses the mobile security needs of enterprise IT without invading the privacy of its employees.
Customisable Secure Boot* Customisable Secure Boot ensures that only verified and authorised software can run on the device. Customisable Secure Boot is a primary component that forms the first line of defense against malicious attacks on devices with Samsung KNOX. In addition, Samsung Knox's Secure Boot technology allows the switch of the secure boot root certificate in a secure manner after the devices are shipped. As a result, customers that have high security requirements can purchase regular consumer devices and switch the root-of-trust used for secure boot to better protected ones. * Customisable Secure Boot availability varies depending on hardware specification.
TrustZone-based Integrity Measurement Architecture (TIMA) TIMA runs in the secure-world and provides continuous integrity monitoring of the Linux kernel. When TIMA detects that the integrity of the kernel or the boot loader is violated, it takes a policy-driven action in response. One of these policy actions disables the kernel and powers down the device. ARM™ and TrustZone™ are registered trade marks of ARM Limited in the EU and elsewhere.
Security Enhancements for Android Security Enhancements for Android provide an enhanced mechanism to enforce the separation of information based on confidentiality and integrity requirements. Security Enhancements for Android isolates applications and data into different domains so that threats of tampering and bypassing of application security mechanisms are reduced while the amount of damage that can be caused by malicious or flawed applications is minimised.
Samsung KNOX Container Samsung KNOX Container is an isolated and secure environment within the mobile device, completed with its own home screen, launcher, applications, and widgets. Applications and data inside the container are separated from applications outside the container. This provides a powerful solution for the “data leakage problem” associated with the BYOD model.
Encrypted File System Samsung KNOX container uses a separate encrypted file system completely isolated from applications outside the container. The data is encrypted using an Advanced Encryption Standard (AES) cipher algorithm with a 256-bit key (AES-256).
Virtual Private Network Samsung KNOX container offers an on-demand FIPS-certified VPN client called per-app VPN. Per-app VPN provides enterprise IT administrators with the ability to configure, provision, and manage the use of VPN on a per-application basis. Samsung KNOX container VPN offers support for strong IPSec VPN encryption for most sensitive government agencies, including support for Suite B cryptography.
Samsung KNOX for Enterprise
Samsung KNOX for Employees Using personal mobiles for work Samsung KNOX offers a seamless and intuitive dual-persona platform for situations when a single Samsung device is used for both work and play. Samsung KNOX Container provides the user reassurance that their personal applications and data are safe and separate from their work environment.
Samsung KNOX for Partners An easier way to create enterprise grade mobile applications Samsung KNOX enables existing Android eco-system applications to automatically gain enterprise-grade security for data storage and transmission without any new application development. Samsung KNOX also relieves application developers from the burden of developing individual enterprise features such as FIPS-compliant VPN, on-device encryption (ODE), and enterprise Single Sign On (SSO).