According to McAdmin, at least in WWDC 2022 there may be more opportunities for engineers and developers to implement declarative device management solutions.
During the pre-event podcast, speakers argued that Apple should eventually introduce support for all mobile device management (MDM) providers for declarative management. Could this include bringing declarative device management to Mac?
What is Declaration Device Management?
Apple introduced the first announcement device management last year, mainly for two reasons: to make devices more active and to reduce the impact on MDM servers that handle large fleets of devices. It should increase performance and scalability.
“By sending announcements to the device and using the status channel, the device becomes more autonomous and active. And your MDM solution will handle many aspects of the device experience using the MDM protocol, ”explains Apple’s developer note.
The difference between standard MDM and declarative can be seen as follows:
Standard MDM:
When MDM sends a command to the device, multiple interactions between the server and the device are required to implement the change. Alternatively, the MDM system should be asked to update the device for any changes made at the end of the device. The device does not monitor itself for significant changes, and will not actively communicate with the MDM system to report such changes.
Announcement:
Devices monitor themselves and can notify an MDM system if a change is applied. They can set up faster changes with less interaction between servers and devices. In part, this autonomy gives the device better protection when it is offline, or when the MDM server is unavailable. In fact, the policies can be implemented more quickly and administrators benefit from more accurate information about fleet devices.
How did Apple build its declarative device management system?
At WWDC 2021, Apple launched the first version of its Declared Device Management Protocol. It depends on the announcement, the status channel and the extensibility.
What is an announcement?
An announcement is basically a policy decision given on the device. This can be for access to account settings or enterprise services, but can also be applied at the user or device level. You can grant the same privileges to all your users, but assign administrator rights to specific individuals from their devices (s), for example.
[Also read: WWDC: Is Apple preparing to give iPad a mammoth upgrade?]
Announcements may include device configuration, resources (such as username and certificate) and activation – the principles that apply to the device. Once a device pulls out all available announcements from the MDM server, it will begin to apply the policy changes needed to work between them.
What is a status channel?
In its simplest case, MDM engines use it to poll the device for important changes, such as requesting a notification when a device upgrades to its iOS version. This can then trigger the deployment of additional policies on the device compatible with the newly installed operating system.
What is extensibility?
A good example of what is meant by extensibility in terms of operating device management might be related to upgrading a device’s operating system. The device can notify the MDM server that an update has been made and MDM can then set a new policy that enables a new feature that may not have been previously supported. An MDM may be able to detect which devices have been upgraded to set up a new feature.
Developers can watch a WWDC 2021 session on Declaration Device Management here.
How will Apple improve advertising device management?
We know that Apple has already called Declaration Device Management the “future of device management”, which means that the company will continue to invest in improving its existing systems.
It also sends a strong message to developers that the solutions they provide should prioritize their support for Apple’s systems, or in the case of clients, the MDM systems they choose to use.
Apple’s first iteration supported the iOS device, which in itself meant that the company wanted to expand it to other platforms, including the Mac. Mac integration makes perfect sense due to the continued rise of the Mac in Apple Business Essentials and Enterprise – but it seems possible that the feature will only be available on Macs powered by an M-Series Apple Silicon Chip.
We’ll look at WWDC22 later today to find out if this has happened. For all the key highlights for Enterprise IT, check back here later
Follow me TwitterOr join me on AppleHolic’s bar & grill and Apple discussion group on MeWe.
Copyright © 2022 IDG Communications, Inc.