Device group
How device groups work
Device groups allow you to manage multiple devices that share common characteristics. This collective approach simplifies the deployment of policies, updates, and configurations. When a device is enrolled, it must be assigned to a device group, at which point the device immediately inherits the policies associated with its device group.
Static groups
A static device group is a set of devices manually managed by administrators. Devices are individually added or removed from the device group, and each device can only belong to one static group at a time.
Characteristic | Description |
|---|---|
Manual assignment | Devices are assigned to static groups during enrollment or through administrative actions. |
Exclusive membership | A device can only belong to one static group at a time. |
Mandatory assignment | All devices must be part of a static group. |
Device group states
A device group can exist in one of two states, depending on its current usage.
State | Description |
|---|---|
Enabled | The default state when a device group is created. Devices can be added to the group and assigned policies are active. |
Disabled | No new devices can be added to the group. Existing devices will continue to operate under the assigned policies. |
Dica
Disabling a device group is useful for phasing out a group without impacting the devices already assigned to it.
Policies and device groups
Device groups use policies to define the rules and configurations that govern device behavior, security, and updates. Policies are assigned to device groups to ensure uniform management across all devices within the group.
Policy type | Description |
|---|---|
Certificate policy | Manage authentication by issuing and renewing certificates, ensuring secure communication between devices. |
Deployment policy | Control the distribution and installation of firmware updates, applications, and configuration changes. |
Security policy | Enforce security measures such as access controls, encryption standards, and compliance with organizational policies. |
Disruptive policies
Disruptive policies are those that alter the operational state of a device, such as firmware updates or configuration changes that require a reboot. These policies can only be applied to static device groups to ensure that changes do not conflict with other policies or actions. Examples of disruptive policies include:
Firmware updates that may restart a device.
Security patches that modify core configurations.