Airwatch console is a central administrative console that allows the enterprise IT team to secure and manage endpoint devices of its employees with Mobile Device Management and Mobile Application Management capabilities with Unified Endpoint Management(UEM).

Introduction

In recent times, as the Bring Your Own Device(BYOD) policy is becoming increasingly popular, more and more employees are using personal devices to perform corporate tasks. This concept is further fueled with cloud technology allowing users to access corporate servers remotely and greater abilities in personal devices.

These personal devices are unsecured and use local networks to access corporate servers representing a variety of endpoint vulnerabilities that can compromise enterprise security. This led to the development of Enterprise Mobility Management(EMM) solutions providing companies Mobile Device Management(MDM) and Mobile Application Management(MAM) capabilities on a Unified Endpoint Management(UEM) platform enabling admins to secure and manage devices remotely and centrally.

One such EMM solution is Airwatch. The Airwatch Console allows the admin to manage, secure and control all endpoint devices centrally and remotely.

What is Airwatch Console?

Airwatch Console is a central administrative console that allows the enterprise IT team to secure and manage the endpoint devices of its employees. Airwatch Console allows Mobile Device Management(MDM) and Mobile Application Management(MAM) capabilities. All the endpoint devices are enrolled on to a single platform with Unified Endpoint Management(UEM). The admin can view the device statistics in detail, control user access, deploy applications, send messages and notifications to end-users, and get analytical reports on endpoint devices, among other features. The admin can also control content repositories that store all enterprise data and documents and access the company intranet. In case of a security breach or non-compliance of any device, the admin is immediately alerted and can take action on the rogue device remotely.

Browser-based access is allowed for Airwatch Console, and the use of the most recent version of Firefox or Chrome for management is recommended. For the SaaS environment, a URL is received from Airwatch, or its own custom URL is created with a dedicated SaaS,is or on-premise deployment can be done as well. The username, password, and PIN have to be entered to log in to the console.

Content within the AirWatch App

A high-level summary of the entire device fleet at a glance is available, including types of ownership for those devices, enrolled devices, and activity on when those devices last checked on the main dashboard for the organization in with the Workspace ONE UEM environment.

Some of the features of the Workspace ONE UEM Console using the Device Administrator at World Wide Enterprises role are:

Dashboards

Preconfigured dashboards are available on the Workspace ONE UEM console to quickly review the device fleet. Navigating to the Hub and selecting overview, the main dashboard and corresponding section dashboards are located under that section. For instance, under Devices and Content, more dashboards are available.

Easily drill down to sets of devices, apps, and more with these dashboards. For instance, Select “Devices seen in last 8 hours” on the Device dashboard to be taken to a list view showing all the devices that have recently checked in the last 8 hours. Customize device list view with robust filters including platform, os version, compliance status, and using custom layouts and more to allow administrators to narrow down the devices they are looking for easily. Go into the specific menus and available options by clicking on the device to manage the device.

The overall summary of information regarding the device can be seen on the first page in the summary tab. For instance, the Serial number and compliance status of the device can be seen at a glance.

All the policies and configurations pushed down to the device can be seen under the profiles tab. To further load information on a specific profile, click on the profile name.

View a listing of all the applications installed on the device by clicking on the apps tab. Different options are available for the different applications depending on the device ownership.

Multi-Tenancy

To match the organization’s structure, organization groups can customize the environment using the multi-tenant architecture feature under the Workspace ONE UEM console. For instance, A company can be separated into multiple divisions. There are multiple organization groups below the top group by clicking the company name at the top. Override or inherit settings from above, allowing the admin to set settings and policies at each level, making this structure completely customizable.

Roles Based Access

Assign default or custom roles to administrators at different organization groups with Roles-based Access under the Workspace ONE UEM console. For instance, The top admins have full access to all levels, while the admin could have a help desk employee assigned to a locked-down role just for the region they work in. In the top right, select the admin account and change the selected role to switch between them.

Profiles

Always have a working testing environment by configuring the admin role. Profiles cannot be edited or deleted for this role but only viewed. Configurations and policies that can be pushed down to the device are called profiles.

Go to Devices, navigate to Profiles & Resources, and click on Profiles. The profile configuration can also be viewed.

Working with Content Repositories

The administrators are offered authorization and complete control over the files stored within this location by the UEM Managed Content repository. The end-users can access the added content but cannot edit the content from the repository labeled UEM Managed using the VMware Workspace ONE Content app.

Features

The following features are provided by Managed Content repository:

• Files can be uploaded manually.
• Provide permissions and configure options for individual files
• Content accessed can be controlled on end-user devices with sync options
• Advanced file management options with the list view

Security

the following security features are available To protect the content synced from the repository to end-user devices and stored content.

• The data can be secured during transit with SSL encryption between the UEM console and end-user devices.
• Controlled access to the content with roles with the security pin.

Deployment

Workspace ONE UEM database stores the UEM Managed repository content, hosts the database on-premises or in the Workspace ONE UEM cloud, depending on the deployment model.

 UEM Managed Content Category Structure Configurations

In the UEM console and the Workspace ONE Content app, the UEM Managed repository content is organized with categories. Before uploading content to the UEM console, the category structure for the UEM Managed Content needs to be configured.

1. Go to Content, navigate to Categories, and select Add Category.
2. Configure the settings that pop up and click Save

• Managed by: To apply the category, select the organization group or groups
• Name: Enter an easily recognizable name with a clear set of content.
• Description: A brief description of the category is provided.

1. To the category structure, add a subcategory as needed.

1. From the Action Menu, select add
2. Configure and Save the settings that pop up.

• Managed by: Within the parent category, the organization group is reviewed that populates by default.
• Name: Enter a name that applies to a clear set of content and is easily recognizable.
• Description: Subcategory brief description is provided.

Upload content to the UEM Managed Repository

Manually upload and configure files in the UEM console to Add files to the UEM Managed Content repository. The Workspace ONE UEM database stores the repository content by default and delivers content to end users’ devices by syncing with the VMware Workspace ONE Content app. End-users cannot edit the synced managed content.

1. Go to Content and select List View.
2. Choose Select Files After clicking Add Content.
3. From the dialog box, select an individual file for the upload
4. Content Info settings need to be configured.

• Name: In this text box, the filename that automatically populates is reviewed.
• Organization Group: The content deployed to an Organization group is reviewed.
• File: The file that populates in this text box is reviewed.
• Storage Type: It should be ensured that the text box displays UEM Managed.
• Version: When the admin is adding this content to the UEM console for the first time. The version number is ensured as 1.0. From the Action menu in the UEM Managed ListView, new versions can be uploaded.
• Description: For the files uploaded, a description is provided.
• Importance: The content importance can be configured as High, Normal, or Low.
• Category: The uploaded content is mapped to a configured Category.

1. In the Details settings, additional metadata about the content is provided.

• Author: The name of the author of the file is provided.
• Notes: Create notes for the file.
• Subject: A subject is provided.
• Keywords: A List of keywords and topics covered by this file is entered.

Note: The metadata for only the first 10k files are synced on the user’s device sorted alphabetically irrespective of the number of files added on the UEM console.

Workspace ONE UEM Managed Content Upload in Batches

External file share integration can be bypassed with batch imports on-premise or a dedicated SaaS deployment with a hardened network.

1. Go to Content and navigate to Batch Status.
2. Click on Batch Import.
3. A Batch Name is provided with a Batch Description.
4. Select the information icon to download a .csv template file
5. For the content the admin wants to upload, fill out the CSV file with the file path and other information
6. Click on Choose File and navigate to the .csv that the admin created
7. To select the .csv., click on open
8. To upload populated Batch File, click on Save.

Set Content Storage Capacity

In an Organization Group and its child groups, the space allocated for managed content is called Storage Capacity. To view and use the storage settings, admin privileges are required.

1. Go to Groups & Settings, navigate to All Settings, click on AdminStorage at a Customer or Global organization group level.
2. From the Storage Type drop-down menu, click on Content.
3. For the appropriate Organization Group, click on the edit icon. In the Storage Management window which appears, configure the following settings:

• Organization Group Name: To apply content storage restrictions, choose the required group.
• Capacity: In the Workspace ONE UEM database, the maximum storage space is set in MB allocated to content stored. VMware Workspace ONE UEM provides to SaaS customers a default storage space of 5 GB for Workspace ONE Content.
• Overage Allowed: The amount of overage allowed is configured if applicable. This value is not configurable for SaaS customers.
• Max File Size: The maximum size for uploads is 200MB by default. 2 GB is the upper limit if operating against this recommendation.
• Encryption: The File Encryption Migration scheduler is triggered when encryption is enabled with AES – 256 file-level encryption to begin migrating any unencrypted data it finds. Click on save.

1. Save the settings.

Restrict File Extensions

Create an allowlist or denylist for Managed content and Corporate File Server to specify file type permissions. The blocked file types are hidden with this extension based on their extension from being visible in the Workspace ONE Content app and within the UEM console, thus preventing them from being downloaded/uploaded to the Content Repositories.

1. Go to Content, navigate to Settings, select Advanced and click on File Extensions.

2. The Allowed File Extensions settings are configured:

• Allow List: The file extensions the admin wants to include are entered. A new line, a comma, or a space are used to separate extensions.
• Deny List: The file extensions the admin does not want to are entered. A new line, a comma, or a space are used to separate extensions.
• All: Any file type for upload or sync is allowed.

3. Configuration can be applied by clicking on the save button.

The admin can anticipate the following responses, once the restrictions are applied:

• Response: Error Message
  Repository: UEM Managed
  Who: Administrator
  Where: Console
  What:  A restricted file is manually added to the content repository.

• Response: Silent Interaction
  Repository: Corporate File Server
  Who: Administrator
  Where: Console
  What:  A corporate file server is synced that contains a restricted file.

• Response: Silent Interaction
  Repository: Corporate File Server
  Who: End-user
  Where: Through Workspace ONE Content app, displayed on the device
  What:  A corporate file server is synced that contains a restricted file.

Workspace ONE UEM Managed Content Local File Storage

A dedicated, on-premises location with a connection to the Workspace ONE UEM instance is used to store the managed content from the Workspace ONE UEM database separated by Local File Storage. by default, the Workspace ONE UEM database stores the Managed Content. Issues can be created with database performance if uploading a large volume of managed content. By moving the managed content to an integrated Local File Storage solution, on-premises customers can free up space in the database, in this case.

For SaaS customers, file storage is automatically configured, On-prem customers can manually configure the file storage.

Custom Reports

On the Workspace ONE UEM console, using the Workspace ONE Intelligence, view details and generate custom reports to gather information of the managed content installed on end users’ devices. The report exported from navigating to the Content and clicking on the ListView console page or the Content Details by Device report is different from this custom report. Access the Workspace ONE Intelligence interface to generate custom reports for the content and select the Device Content template category. A device-identifying element can be used, such as a Device ID as the filter parameter. To either a managed content or a user, generate specific reports,

The content details generated are as follows:

• The repository’s specific date range the unique and total number of downloads for the content in a month.
• The total count of views for the content.

For a specific user, the following details are displayed:

• For a specific date range by repository, the total number of content downloads by the user is shown
• The Content List not viewed by the user is displayed.
• For the content, the last download date is displayed
• A specific version of a document that is not present in a list of users is displayed.

Securing your Account and Restricted Actions

AirWatch provides extra protection against malicious actions that are potentially destructive in a scenario where the AirWatch Console is left unattended by placing those actions out of reach of unauthorized users. Go to Groups &  Settings, navigate to All Settings, select System, click on Security and select Restricted Actions.

Enabling Send Message to All

A system administrator is enabled to send a message, by toggling this setting, to all devices in the deployment from the Device List View.

Selecting Password Protect Actions

Restricted Console Actions provide an added layer of protection against malicious actions that are potentially destructive. Go to Groups & Settings, navigate to All Settings, select System, click on Security, and select Restricted Actions to configure settings for restricted actions. Admins may be required to enter a PIN to perform a certain action. Select the appropriate Password Protect Actions button for each action chosen to protect, for Enabled or Disabled as appropriate. Granular control is provided over actions the admin wants to make more secure. A PIN is always required for some actions and cannot be disabled.

Before automatically logging out of the session, set the maximum number of failed attempts the system accepts. Re-login into the AirWatch Console and set a new security PIN if the set number of attempts is reached. The settings are described below:

• Admin Account Delete: Go to Accounts, navigate to Administrators and select ListView to prevent the deletion of an admin user account.
• Systems Connector Certificate Regeneration within VMware Enterprise: Navigate to all settings under Groups & Settings, click on System, select Enterprise Integration, click on VMware Enterprise Systems Connector to stop the regeneration of the VMware Enterprise Systems Connector certificate.
• APNs Certificate Change: Go to Groups & Settings, navigate to All Settings, click on Devices & Users, click on Apple, select APNs for MDM to prevent the disabling of APNs for MDM.
• Application Retire/Deactivate/Delete: Go to Apps & Books, select Applications, click on ListView to prevent retirement, deletion, or deactivation of an application.
• Content Delete/Deactivate: Go to Content and select ListView to prevent deleting or deactivating a content file.
• Data Encryption Toggle: Navigate to Groups & Settings, go to All Settings, click on System, select Security, and select Data Security to prevent the Encryption of user information setting.
• Device Delete: For bulk actions, even when this setting is disabled, Admin security PIN is still required and prevents the deletion of a device by navigating to Devices and selecting ListView.
• Device Wipe: This setting prevents any attempt to perform a device wipe from the Device List View or Device Details screens.
• Enterprise Reset: From the Devices Details page of a QNX device, Windows Rugged, or Rugged Android to prevent any attempt to perform an enterprise reset on a device.
• Enterprise Wipe: From the Devices Details page of a device, prevent any attempt to perform an enterprise wipe on a device.
• Based on User Group Membership Toggle Enterprise Wipe: When a device is removed from a user group, prevent any attempt to perform an enterprise wipe on a device. Go to Groups & Settings, select All Settings, navigate to Devices & Users, select General, click on enrollment on the Restrictions tab and it is an optional setting that can be configured. The added option of performing an enterprise wipe on a device when it is removed from a group if the admin restricts enrollment to Configured Groups on this tab.
• Organization Group Delete: Navigate to Groups & Settings, go to Groups, select Organization Groups, then click on Organization Group Details to prevent any attempt to delete the current organization group.
• Profile Delete/Deactivate: Navigate to Devices, go to Profiles & Resources, select Profiles to prevent any attempt to delete or deactivate a profile.
• Provisioning Product Delete: Navigate to Devices, go to Staging & Provisioning, click Products List View to prevent any attempt to delete a provisioning product.
• Revoke Certificate: Navigate to Devices, select Certificates, click on ListView to prevent any attempt to revoke a certificate.
• Secure Channel Certificate Clear: Navigate to Groups & Settings, go to All Settings, click on System, select Advanced and click on Secure Channel Certificate to protect from any attempt to clear an existing secure channel certificate.
• User Account Delete: Navigate to Accounts, click on Users and select ListView to prevent any attempt to delete a user account.
• Delete Telecom Plan: Navigate to Telecom and click on Plan List to prevent the deletion of a telecom plan.
• Override Job Log Level: Navigate to Groups & Settings, go to admin, select Diagnostics and click on Logging to prevent attempts to override the currently-selected job log level. When a device or group of devices has an issue, overriding the Job Log Level is useful. In this case, by forcing an elevated log level to Verbose, the admin can override those device settings which log the maximum level of console activity, making it ideal for troubleshooting.
• App Scan Vendor Reset/Toggle: Under Groups & Settings, navigate to All Settings, select Apps, click on AppScan to prevent the resetting (and subsequent wiping) of app scan integration settings.
• Maximum invalid PIN attempts: Before the console locks down, the maximum number of invalid attempts at entering a PIN is defined, and this setting must be between 1 and 5.

Configure Required Notes for Action

The admin can explain their reasoning when performing these actions by entering notes using the Require Notes checkbox. Go to Groups & Settings, navigate to All Settings, select System, select Security, click on Restricted Actions.

• Lock Device: A note can be requested from the Device List View or Device Details pages if anyone attempts to lock a device.
• Lock SSO: For anyone trying to lock an SSO session, a note can be requested from the Device List View or Device Details screens.
• Device Wipe: Request a note from the Device List View or Device Details screens for any attempt to perform a device wipe.
• Device Reset: A note can be requested from the Devices Details page of a Windows Rugged or Rugged Android device if anyone is trying to enterprise reset a device.
• Enterprise Wipe: For any attempt to perform an enterprise wipe, request a note from the Devices Details page.
• Override Job Log Level: Navigate to Groups & Settings, go to Admin, select Diagnostics, and click on Logging and requires a note before attempts to override the default job log level.

Menus and Functions within the Interface

View and manage every aspect of the Mobile Device Management (MDM) deployment with Airwatch Console allowing admin to manage profiles, configure system settings, and add new devices and users to the fleet.

Security Pin

Security for the AirWatch Console is established by creating a security PIN. Safeguard against deleting important aspects of the environment, such as users and organization groups, and accidentally wiping a device with the security PIN. The security PIN blocks actions made by unapproved users presenting an added point of authentication and the second layer of security.

Establishing a Security PIN

When the admin first logs into the AirWatch Console, a prompt establishes a security PIN. The four-digit Security PIN is entered and confirmed on the Security Settings page, and the PIN is saved for future use. Before creating this PIN, the admin cannot proceed to any area within the AirWatch Console and may not bypass this page. The admin is presented with a “Captcha” authentication prompt. The entered password is wrong more than the maximum allowed login attempts. The admin can customize or disable the Captcha login prompt.

Reset the Security PIN

To minimize security risks, reset the security PIN now and then.

1. In the top-right corner of the AirWatch Console, Select the Account icon.
2. Navigate to and select Manage Account Settings. The page for Account Settings opens.
3. Click on the Security tab. Reset the PIN by clicking on the Reset button.
4. Sign out of the console. Upon logging back in, complete the PIN creation prompt.

Header Menu

At the top of nearly every page, The Header Menu appears, enabling the admin access to the following functions and features:

• Organization Group: The Organization Group (the tab labeled Global) is selected and the changes made are applied to the selected group.
• Add: Create a profile, internal application, user, policy, content, admin, device, or public application.
• Global Search: Within the AirWatch Console, search all deployment aspects, including admins, pages, applications, configuration settings, devices, users, content, and more.
• Notifications: With Notifications, stay informed about important console events. The number of alerts that require admin attention is indicated by the number badge on the Notifications bell icon.
• Saved: Within the AirWatch Console, access most-utilized and favorite pages.
• Help: The available guides and console documentation can be searched or browsed for.
• Account: The Account Information can be viewed. Within the current environment, change the account role that the admin is assigned to. Customize settings for viewing history of Logins, language, Notifications, contact information, and Security settings, including PIN reset. The admin can also return to the Login screen after logging out of Airwatch.
• Refresh: Without leaving the current view, see updated stats and info by refreshing the screen.
• Available Sections: Select only the sections the admin wants to see, thus customizing the view of the Hub Overview.
• Export: A comma-separated values(CSV) file that the admin can view and analyze with Excel producing a full listing of books, channels, profiles, apps, or policies.
• Home: To assign any screen as a home page, in the AirWatch Console, use this icon. The selected screen displays as the home page the next time the AirWatch Console is opened.
• Save: Add the current page to the Saved page list to accesscalled notifications the favorite console pages quickly.

Main Menu

Navigate to all the features available as specified for the role, and Mobile Device Management (MDM) deployment with the Main Menu:

• Getting Started: Within an AirWatch Console deployment, reflect only modules of interest and ensure that all aspects of a basic successful deployment are fulfilled. An onboarding experience is produced by Getting Started that is more tailored to the actual configuration.
• Hub: Access a quick overview of the device fleet and view and manage MDM information that drives the admin’s decisions. The most black-listed apps that violate compliance are displayed. Monitor all devices that are currently out of compliance and track module licenses with the Admin Panel Dashboard. Streamline the onboarding process by selecting and running Industry Templates with industry-specific apps and policies for iOS devices.
• Devices: Ownership type breakdown, last seen, compliance status, platform type, and enrollment type are some of the aspects that can be accessed for devices in the fleet. Full dashboard, list view, and detail view are available options that can be swapped as per preference. Compliance policies, certificates, product provisioning, Notification, Wipe Protection settings, current profiles, enrollment status, and printer management are some additional tabs available that can be accessed.
• Accounts: In the MDM deployment, survey and manage users and administrators. Roles, batch status, user groups, and settings associated with the users can be accessed and managed along with admin roles, groups, system activity, and settings associated with the administrators.
• Apps & Books: Book catalog, App catalog, and Volume Purchase Program (VPP) orders can be accessed and managed. App groups featured apps, Geofencing, app categories, smart groups, and profiles associated with the app can be viewed along with logs with application settings and application analytics.
• Content: Content can be viewed in a detailed manner, including user and content status, engagement, storage history trends, and user breakdown can be accessed. Content available to users and devices can be managed and uploaded. User storage, VMware Content Locker home screen configuration, content categories, content repositories, batch import status, and other content-specific settings can be accessed.
• Email: Email information related to the deployment can be accessed in a detailed overview. Email policy violations, deployment type, email management status, managed devices, and last seen are some available information.
• Telecom: Telecom-enabled devices’ detailed overview is available, including roaming data, plan use, and use history. Track roaming, view, and manage telecom use, including Short Message Service(SMS), call, and content settings.
• Groups & Settings: Related to organization groups, app groups, user groups, smart groups, and Admin Groups, manage structures, types, and statuses. Access settings related to all Main Menu options or configure entire system settings.

Collapse and Expand the Submenu

By selecting the arrow at the bottom of the console, collapse the submenu. More space is created for device information with this action. Select the modified arrow to expand or reopen the submenu.

Global Search

Global Search runs searches across the entire deployment by using a modular design with a tabbed interface. Search parameter is applied to a single tab by Global Search, thus producing faster results. By selecting another tab, apply the same parameters to another area of the AirWatch Console. Select the following tabs after running a global search to view the results.

• Devices: Device Profile name searches and matches to Device friendly names are returned.
• Accounts: Administrator name searches and matches to user names are returned.
• Applications: Public, purchased, internal, and Web application searches are returned.
• Content: Matches to any content that appears on devices are returned.
• Settings: Matches to console main page searches and matches to individual field-level settings are returned.

By selecting the organization group drop-down menu, perform a search for an organized group. The list is displayed in the search bar above.

AirWatch Console Notifications

A special communication tool is designed called notifications and is located next to the Global Search button to keep the admin informed about console events that impact the operation. The different kinds of notifications are:

• APNs Expiration and APNs Expired: A Critical Priority alert is generated for APNs for MDM certificates that are set to expire, and the admin is notified 30 days in advance. The Critical Priority alert is reduced to a High Priority alert after the APNs certificate expires. This notification keeps the devices in contact with AirWatch and helps the admin avoid the hassles involved with expired certificates.
• App Removal Protection: When the Application Removal threshold is crossed, this High Priority alert is displayed. On the Notifications pop-up, act by selecting the Review App Removal link.
• List View Export: An info priority level alert notification appears when the user or device list view export the admin requested has been finished and is ready for examination.
• User Group Merge Pending: This notification is displayed if the user group merge process is pending and needs admin approval. The two scenarios for this notification are:

On the Directory-based User Group, if the Auto Merge Changes setting is disabled, meaning all changes require admin approval.

If the number of changes exceeds the Maximum Allowable Changes threshold and the Auto Merge Change is enabled, admin approval is needed for some changes above the threshold.

• VPP App Auto Update: When an app is installed with Apple Volume Purchase Program, High priority alerts that notify

Managing Console Notifications

A numeral badge appears on the alert icon when active notifications require attention, indicating the number of active alerts. Select the bell-shaped Notifications icon to display the Notifications pop-up. Manage the received notifications, including viewing the list of active alerts, viewing the list of dismissed alerts. Dismissing expired alerts, renewing the APNs, and Configuring Notification Settings. The APNs for an MDM certificate are located in the organization groups displaying each alert. Each alert shows a link to Renew APNs and the expiration date of the certificate.

• View Active Alerts: The list of active alerts is displayed by the default view.
• Renew APN’s: The Change Organization Group (OG) is displayed on the screen. This screen is displayed when the OG admin is indifferent to the OG that manages the device with the impending license expiration. Select Yes to change the OG automatically to renew this APN’s license. The license can be renewed by maintaining the device connection with AirWatch and following the instructions on the APNs for the MDM settings page.
• Dismiss Alert: The expired alert is closed and sent to the Dismissed alert listing by clicking on the X button. The critical priority notifications cannot be closed.
• View Dismissed Alerts: At the top of the Notifications pop-up, navigate to Dismissed tab to see the listing of dismissed alerts.

Configure Notifications Setting

Enable or disable APNs, choose how to receive alerts, Expiration alerts, and change the email to which it sends alerts using the Notifications settings page.

The following steps are taken to configure notification settings:

1. The Account button, which can be accessed from every page on the console, is selected. Navigate to Manage Account Settings and click on the Notifications tab. Alternatively, by selecting the gear icon located in the lower-right corner of the Notifications pop-up screen, access the notification settings page.
2. The following notification settings are completed:

• • APN’s expiration: Alerts can be triggered when the APNs licenses are in jeopardy of expiring.
  • Notification: From the console, email, or both, select the notification delivery method.
  • Send email to: When email or both is selected in the notification, enter the email address. Commas are used to separate different email IDs.
  • List View Export: An alert can be triggered whenexpiringAlerts can be triggered when the exportation of a device list view or user list view is completed.
  • Notification: From the console, email, or both, select the notification delivery method. The email used is the address on record in the user tab of Account Settings, for list view exports, for the currently logged-in administrator.
  • User Group Merge: When the active directory database changes sync with AirWatch and Auto Merge Changes are disabled, an alert can be triggered.
  • Notification: From the console, email, or both, select the notification delivery method.
  • Send email to: When email or both is selected in the notification, enter the email address. Commas are used to separate different email IDs.
  • VPP App Auto Update: When an app installed with Apple Volume Purchase Program has an updated version that can be installed, an alert is triggered.
  • Notification: From the console, email, or both, select the notification delivery method.
  • Send email to: When email or both is selected in the notification, enter the email address. Commas are used to separate different email IDs.

3. Save the settings