Now it’s easy to keep your device protected. With Samsung KNOX, you’re free to use it for both work and play.
It gives you all the security you need for enterprise mobility.
Features of KNOX
KNOX is conveniently integrated with your existing MDM, VPN and Microsoft Exchange ActiveSync, enabling you to tailor a security solution that best fits the needs of your enterprise. Or you can choose to manage Samsung devices using KNOX EMM that is completely cloud-based so it doesn’t require the capital costs of on premise hardware and software. Experience complete management capabilities without adding complexity, with over 500 supported IT policies available with KNOX and over 1,000 MDM APIs with more being added every day employees will love the freedom to customise their device with personal apps and data, worry-free.
Only secure, tested apps make it onto the KNOX workspace. A full collection of ready to use apps are pre-loaded including Contacts, Calendar, Phone, Browser, Camera and Email. Boost productivity with full access to download the latest mobile tools and apps through Samsung KNOX Apps.
Today, business is changing. Employees are 'always on' and always vulnerable. With malware and security breaches happening daily, you need a secure mobile platform that works 24/7. Your data at rest is secured using on-device encryption and SmartCard authentication. Protect data in transit with per-app VPN, and encryption keys. In the case of theft, remotely wipe devices and take advantage of our Absolute Theft Recovery service
KNOX is secured from the boot up. Only the KNOX-hardened Android platform protects your infrastructure with multi-level, hardware-to-application security via Trusted Boot and TrustZone-based Integrity Measurement Architecture (TIMA) to keep your business intelligence and network safe from hacking, viruses and unauthorised access.
Technical details of KNOX
Secure Boot is a security mechanism that prevents unauthorised boot loaders and kernels from being loaded during the startup process. Firmware images, such as operating systems and system components, cryptographically signed by known, trusted authorities, are considered authorised firmware. Secure Boot is a component that forms the first line of defence against malicious attacks on devices with KNOX.
Trusted Boot on KNOX extends Secure Boot to further ensure kernel integrity. Trusted Boot uses the TrustZone, a tamper-resistant sector of an ARM processor. During the boot process, the TrustZone saves cryptographic fingerprints (called measurements) from all boot loader and OS kernels. At system run time, TrustZone apps on KNOX constantly compares all measurements. Critical security decisions are made based on the compared results.
TrustZone-based Integrity Measurement Architecture (TIMA)
Samsung KNOX introduces the TrustZone-based Integrity Measurement Architecture (TIMA). TIMA uses the TrustZone a tamper-resistant sector of an ARM processor. TIMA uses two techniques to ensure that the Linux kernel has not been compromised:
Periodically verifies that the kernel has not changed, through measurements retrieved from the kernel and comparisons against the original factory kernel
Authenticates kernel modules as they are dynamically loaded.
Mobile Device Management (MDM)
The Samsung KNOX platform can be managed with a Mobile Device Management (MDM) system. Samsung has partnered with MDM vendors to integrate KNOX capabilities into current MDM consoles used by enterprises.
Prior to KNOX, Samsung for Enterprise (SAFE) enabled enterprise IT admins to manage Samsung mobile devices through MDM consoles with a comprehensive suite of IT policies. Samsung KNOX adds even more security and management policies.
A MDM agent on a device implements an IT admin's policies by calling SAFE and KNOX Application Programming Interfaces (APIs) on the device. For example, your IT admin could invoke a policy to wipe a device if the kernel is compromised; the agent will call the APIs to carry out this order on the device.
KNOX in Enterprise
Samsung KNOX can be easily integrated with your existing MDM solution or your existing Microsoft Active Directory. When you buy and activate KNOX licences, a virtual container is installed on your employees' devices, designed to secure all enterprise apps and data. Apply security policies through your MDM console and push them to employee devices.
Samsung KNOX creates a multi-faceted security solution rooted in the tamper-resistant device hardware, through the Linux kernel and Android operating system. The first line of defence against malicious attacks, Samsung KNOX is strong enough to run on government grade networks.
To integrate KNOX into your enterprise you will need Samsung Galaxy devices, KNOX licences and a MDM solution. You may purchase KNOX licences through a Reseller or in the KNOX Marketplace. If you need assistance to get KNOX up and running there are a variety of resources available including on our Resources page.
Need more Info?
Request information about Samsung business products, solutions and services. We will contact you shortly.Email UsBusinessUK@samsung.com
10 secrets of highly productive companies
Some companies just seem to get it done, but it’s not voodoo. We’ll have a look at what makes the difference between productive winners and less-efficient also-rans.Read More
Going mobile: 25 surprising new workplaces
Work is something you do, not a place you go to every day. Laptops, tablets and smartphones mean that people can work almost anywhere and be productive. This article showcases some of the more exciting, interesting and extraordinary new workplaces.Read More
GALAXY Tab3 Series
Introducing Samsung GALAXY Tab3 series – because one size does not fit all Samsung GALAXY Tab3 devices make it easy for business users to connect and collaborate by supporting various solutions partnered with a wide range of leading solution providers.Download pdf
Samsung Enterprise Mobility for BYOD
Samsung Enterprise Mobility is designed to provide businesses with the comprehensive set of tools needed to successfully embrace the BYOD trend.Download pdf