Use Jamf Pro's basic features for enterprise management

What is Jamf Pro?

The Jamf software suite features a variety of tools for managing Apple devices in different organizations, including its MDM platform specifically for Apple devices, covering iOS, iPadOS, macOS and tvOS. Jamf has two different tiers to its MDM platform: Jamf Now and Jamf Pro. Jamf Now is Jamf's entry-level Apple management platform, ideal for small businesses with minimal IT staff and MDM knowledge. However, Jamf Pro is an enterprise-level platform with more advanced tools and integrations.

Is Jamf a unified endpoint management platform?

The latest evolution of MDM and enterprise mobility management (EMM) is UEM. Because these types of tools are so related, one might wonder whether Jamf is a UEM. The technical answer to that is no. A UEM tool combines the management of multiple endpoint types -- desktop computers, laptops, tablets, smartphones and IoT devices -- and multiple operating systems, including iOS, Android, Windows 10, macOS and Chrome OS -- into a single management platform.

Jamf is an Apple-only management platform, so it does not necessarily count as UEM. It would be more accurate to define Jamf as a unified ecosystem management platform. Many other management platforms offer management against multiple OSes, both mobile and desktop. While many of them do it well, it's a tall order to keep up with and innovate on. What sets Jamf apart is its ability to focus on Apple-only devices, which allows it to be a leader in the Apple device management market.

Managing Apple endpoints with Jamf

Over the years, Jamf has continually evolved and added to its software suite, with acquisitions including Wandera, ZuluDesk and Digita Security. In addition to its MDM platform, Jamf offers the following features and tools:

• Jamf Connect. Enables cloud identity on user devices for secure authentication
• Jamf Private Access. Integrates with Jamf Connect to provide zero-trust network access
• Jamf Protect and Threat Defense. Adds key security tools for macOS and iOS
• Jamf School. Provides tools to empower learning, development and collaboration between students, teachers and parents
• Jamf Marketplace. Catalogs tools and third-party partner integrations for customers to learn about, use and implement.

Additionally, Jamf fully integrates with key Apple systems such as Apple Business Manager and supports multiple provisioning methods, including Apple User Enrollment and Automated Device Enrollment. Jamf also offers additional apps for iPad and iPhone, including the following:

• Jamf Setup. Provides shared device check-in and workflows
• Jamf Reset. Allows simple end-user wipe and reset
• Jamf Pro Parent. Gives parents the option to limit apps and device functionality of their children's devices
• Jamf Pro Teacher. Enables management controls for teachers over student devices

Taking a deeper dive into Jamf Pro

One of the most challenging processes that an IT administrator will run into with device management is learning the software. However, Jamf breaks down these components so that it's simple to use. The first thing an administrator will see after logging in is a dashboard with a breakdown of Computers, which encompasses macOS devices, Devices, which encompasses iOS, iPadOS and tvOS devices, and Users (Figure 1). This separation gives administrators an organized view of device types, profiles and configurations.

Managing iOS devices

Under Devices, Jamf Pro provides a range of tools that help with device configuration, provisioning, user grouping and staging. Administrators can configure policy and device restrictions related to Wi-Fi, passcode and encryption under Configuration Profiles (Figure 2).

Apple Business Manager's Automated Device Enrollment is one of the most popular Apple provisioning workflows for IT administrators to utilize to automatically lock corporate-only devices into management. Some key features that come with using Apple's Automated Device Enrollment alongside an MDM are the ability to supervise devices, activation lock prevention so a user can't lock a corporate device to a personal iCloud and the option to streamline the setup experience by removing setup assistant items such as location services and Siri setup.

Jamf makes this easy with the PreStage Enrollments configuration (Figure 3). This selection allows IT to configure all these different settings to ensure user and device provisioning are simple and effective.

Managing users and grouping

Another useful feature of Jamf Pro is the option to create Smart Device Groups, which include many attributes and criteria such as building, department, display name, device, model and additional custom attributes if IT admins set them up. Smart Device Groups give IT administrators better insight into what policies they should provision to different devices.

Managing macOS devices

Jamf Pro's tools for macOS management are similar to their tools for iOS management. Under macOS Configuration Profiles, IT administrators can control specific restrictions on devices and provision payloads such as VPN and certificates (Figure 4).

Administrators can go to macOS Policies to provision additional payloads on devices, including macOS updates, scripts, dock items, local accounts, printers, Intune integration and many others.

Global management

Jamf Pro separates system and global management into their own areas under All Settings (Figure 5). This functions as a central place for administrators to configure more advanced features, including single sign-on, cloud identity, Apple Business Manager, network organization and others.