Fevereiro 15, 2016

What's new in Knox 2.6?

Samsung Knox News

Knox 2.6, the latest version of our mobile security platform, is now available. The 2.6 release of the Knox platform is optimized for Android M and contains a number of features that enhance security, user productivity, and the Knox developer toolkit.

Some of the major features of this release are listed below and grouped thematically. For a full list of features, please visit the Samsung Enterprise Alliance Program.

NOTE — Depending on your region and mobile service provider, Knox 2.6 may not be available on your device yet. Knox 2.6 is released as a part of your device software update package. Go to Settings > About device > Software update to check if any device updates are available.

Also note, some features may not be supported by your local EMM. Contact your EMM for more information.

 

Deeper Android for Work support and integration

Google Play for Work for Knox Workspace: Knox works with Google Mobile Services to allow a Google Play profile in Knox Workspace. IT admins are able to control the list of apps users can download in the Google Play Store.

Knox security enhancements for AfW Managed Profile: Device integrity is based on TIMA measurements. Client Certificate Management (CCM) is the default KeyStore for certificates. Sensitive Data Protection (SDP) allows for encryption of Managed Profiles.

Handling dangerous run-time app permissions in Android M: This feature allows IT admins to disable the user option to uncheck app permissions.

Prevent category collisions between Knox and SE for Android on Android M: Android M assigns category values to apps to provide isolation. Knox supports this isolation to prevent conflicts.

 

Advanced security

Knox Mobile Enrollment improvements: Protects the process of bulk enrollment of devices from network attacks.

VPN HTTP Proxy Authentication: For Knox Workspace, HTTP Proxy configurations over VPN now support proxy authentication via NT LAN Manager and basic authentication.

Enhanced Real Time Kernel Protection (RKP): RKP now extends security to Namespace Data Structure protection. RKP monitors some critical kernel data structures to verify that they are not exploited by attacks.

Kernel address space layout randomization: The Knox platform ensures that the memory address of kernel data structures and code are randomized from one device to another.

Security Management Unit (SMU) protection: Secures Knox data on devices using the new Universal Flash Storage (UFS) memory in place of the older eMMC memory.

 

Increased end user productivity

Multi-window support for Knox: End users can now use apps in the Knox container alongside apps outside the container. i.e. View a video outside the container while taking notes on an app inside the container.

Enable Speech-to-Text feature in the Knox container: Enables Google Voice for apps inside Knox Workspace.

Clipboard/ copy & paste from outside to inside: IT admins can now allow end users to copy/ paste from outside Knox Workspace into Knox Workspace. Copying from the container to the personal space remains restricted.

 

Granular management for tighter control

Trust Anchor Management: On BYOD devices used for play and work, the end-user and IT admin can choose to trust a different set of Certification Authority (CA) certificates.

Per-app roaming control: Controls which apps are allowed to use mobile data when the user is connected to a roaming network. This ensures personal apps to not use enterprise mobile data during business travel.

IRM Enhancements: Information Rights Managements (IRM) enables IT admins to enforce tighter policies on Knox Workspace to prevent enterprise data loss or leakage.

Control Security Policy Database (SPD) updates: EMMs can enforce enterprise-managed devices to receive security policy updates without the end user manually enabling the feature in settings.

Enhanced Knox container isolation granularity: Adds control of Android app permissions to prevent interactions with the Knox container apps to only the necessary system apps.

 

Further enable partner ecosystem

Cloud SDK UMC + EMM agent: Provides EMMs with APIs that enable EMM agents and consoles to access Knox features.

Knox Customization SDK: Adds the ability to customize apps for Standard and Premium SDKs. This includes enhanced system control to add or remove widgets and shortcuts to the home screen, and the ability to add items in Settings for Professional Kiosk mode.

Knox Enabled Apps enhancements: Enhancements to KEA give app developers increased flexibility. New features include user access to internal memory in personal mode, and the ability for users to save app data and settings when an app is upgraded to KEA.