Skip to main content
Matrix42 Self-Service Help Center

Secure Unified Endpoint Management 21.0.2

About this Release

Matrix42 Secure Unified Endpoint Management 21.0 Update 2 provides new and improved features that have been implemented. During the development of this version, we have been focusing on valued feedback from our customers and partners to provide an ideal feature selection.

System Requirements

Please refer to: Installation Guide II: System Requirements

New Features

Matrix42 PackageCloud Integration

Matrix42 PakageCloud offers a variety of pre-built software distribution packages. A description can be found in the Matrix42 Marketplace. The integration allows you to easily search for packages and directly integrate or download them.

Without authentication set up, all packages are displayed under "Software Distribution -> PackageCloud". Details about packages can be retrieved by selecting a package.

Note that to import or download packages, authentication to the Matrix42 Account Service must be established. This is done in the Administration in the Service Connections section. Depending on whether your company has a PackageCloud subscription, either all or only the "free" packages are downloadable.

The ability to create a service connection to the Matrix42 Account Service will be provided with a DWP 10.1.1 hotfix after the initial release.

Add Mobile Device(s)

Administrators can initiate and execute enrollments for modern managed devices, based on available user information in the Digital Workspace Platform. Please refer to Release Notes Silverback 21.0 Update 2  for reviewing information about the background activities.

Initiate Enrollment

  1. Navigate to Endpoint Devices and click +Add Mobile Device
  2. Select at least one of the available users and select if the device is a personal or a corporate owned device
  3. Finish the Enrollment Invitation with Send Invitation

Please make sure that the selected users are authorized to connect their devices. The selected users must either be part of the stored LDAP filter in the Silverback Web settings or alternatively exist as a local user in the system. The user(s) will receive an e-mail notification with the access data upon successful validation.

  1. Proceed with User Driven or Administrator Driven Enrollment 

User Driven Enrollment 

  1. All invited Users will receive a new Email with Enrollment Information based on the Admin Provisioned a Device Notification for User Email Template
  2. Users can now scan the QR-Code or follow the instructions given in the Email

Administrator Driven Enrollment 

Option 1: You are a Silverback Administrator 

  1. Silverback Administrators will receive by default a new Email with Enrollment Information based on the Admin Provisioned a Device Notification Email Template
  2. Administrator can now scan the QR-Code or follow the instructions given in the Email

Ensure to have the Receive Email Alerts checkbox enabled in the Silverback Management Console

Option 2: You are not a Silverback Administrator

  1. Switch to the Administration Application and navigate to Integration > Enterprise Service Bus > Remote Actions
  2. Search for Name Add Mobile Device and open the action preview
  3. Search for the following entry: Pending Enrollment created for Email with Otp p6tw
  4. To add a device on behalf to a user, open on the device the following adjusted URL:
  5. Enter the username and the OTP to download the profile. Follow the given device instructions. 

Add Applications

Administrators can upload and distribute from now on enterprise applications for modern and co-managed devices.  Please refer to Release Notes Silverback 21.0 Update 2 for reviewing information about the background activities. 

The file upload requires that the File Upload Service is configured in the Administration. See File Upload Extension

General Overview

Upload, configure and distribute your enterprise applications for Android, iOS, iPadOS, macOS and Windows devices. Navigate to Software Distribution > Apps and select the new Add Application option.  Drag and Drop your binary to add your enterprise application to the package library. By adding an application and based on the file type, Secure Unified Endpoint Management will guide you through the additionally needed information and requirements. Each uploaded application will automatically generate under Endpoint Configuration > Tags a new assignable Tag. 

  Android iOS/iPadOS macOS Windows Additional Information
Supported filetypes *.apk *.ipa *.pkg *.msi Drag and Drop your application or select the file with the open function. 
Name Required Required Required Required Enter a name with less then 250 characters
Description Required Required Required Required Enter a description with a maximum of 500 characters
Configuration Not available Optional Optional Optional Add an optional application configuration. Apple applications requires the configuration in an XML format. For Windows applications, add your *.msi installation parameters here.
Icon Optional Optional Optional Optional Upload an icon. Supported file types are *.png, *.jpg, and *.ico
Property List Not available Required Required Not available Upload a valid property list file for the bundled executable with file type *.plist
Operating System Not available Available Not available Not available As *.ipa is the filetype for iOS and iPadOS devices, select at least one target operating system. 

Additional Notes 

  • After first upload of your Enterprise Application, a new Tag will be generated automatically
  • Existing Tags will be updated if the following criteria remains the same
    • App Identifier / Bundle ID
    • Operating System
    • Version
    • Application Type
  • By default, Enterprise Applications will be imported with enabled App Management options Visible in App Portal and Automatically push to managed devices
  • If you need to adjust your configuration, you need to upload the package again 

New Actions for Endpoint Devices

One important part of device management is to handle the day-by-day support for administrators. In this release we extended for modern and co-managed devices several day-by-day actions. Each action can be performed as a single method or in bulk. If unsupported platforms will be selected, the option for the bulk execution will disappear in the User Interface. Each action can be reviewed in the Administration Application under Integration > Enterprise Service Bus > Remote Actions.  

Rename will be applied after the device is connecting the next time to the Server. You can execute refresh afterwards to rename the device instantly if the device is online. 

Device Action Android iOS / iPadOS Windows tvOS
Clear Passcode Yes Yes    
Restart Yes Yes Yes Yes
Rename   Yes Yes Yes
Message   Yes    
Shutdown   Yes    
Location   Yes    
Play Sound   Yes    
Lost Mode   Yes    
Defender Signature Update     Yes  
Defender Offline Scan     Yes  
Clean     Yes  

Improvements and Changes

Package Upload Wizard

  • The Package Upload Wizard can now use Matrix42 Service Accounts (Matrix42 Cloud Customers only).
  • The configuration used by the Package Upload Wizard can be configured. If multiple connections for the file upload service are configured, it is possible to select the desired in UEM -> Settings. If no connection is selected it will use the latest modified entry of the file upload service connections.

File Upload Service Extension

The Extension is automatically installed when installing or updating the UEM Extension. The Extension is hidden in the Extension Gallery.

  • New option to use the Service Connection of the Digital Workspace Platform
    • Used for authenticating to the Matrix42 Marketplace for the Package Cloud integration
    • Matrix42 Cloud customers will be configured to use this new option for configuration of the file upload service
  • The configuration of the Extension is located in Administration - File Upload Service - Storage Connections

 User Interface

  • Added new Pickups for Windows 11 and Windows Server 2022
  • Renamed App Filter Windows 10 to Windows

EgoSecure Data Protection UUX

  • Standalone EgoSecure Service Bus Adapter is no longer available as a separate installation package, it is now a part of all-in-one EgoSecure Server installer as a component
  • Full Disk Encryption policies can now be configured in Depot 
  • Pre-Boot Authentication policies can now be configured in Depot 
  • Assignments to apply Full Disk Encryption and Pre-Boot Authentication policies to the target systems via Enterprise Service Bus were added
  • EgoSecure Service Bus Adapter and EgoSecure Server version information is available now in UUX Console in the General Settings section 
  • Connection status with EgoSecure Server and EgoSecure Service Bus Adapter available in UUX Console for simplified connectivity troubleshooting 
  • Version mismatch detection between solution components (UUX Console, EgoSecure Server and EgoSecure Service Bus Adapter) was added 
  • EgoSecure License management wizards to manage EgoSecure Server licenses using Activation Code and License Key files were added
  • Communication between EgoSecure Service Bus Adapter and EgoSecure server was improved and simplified
  • Was this article helpful?