System Manager SM Sentry is offered out of the box with Meraki Access Points via the Meraki Cloud. For more information on all of the different splash page options see the Splash Page Overview.
Systems Manager (SM) is Meraki's Enterprise Mobility Management (EMM) tool for iOS, Android, Windows, macOS, and Chrome. Systems Manager allows for devices to be remotely managed. A full description of the available feature sets is available in the Systems Manager datasheet.
Enabling SM Sentry Enrollment
When enabled on a given SSID for a Cisco Meraki wireless AP, Sentry facilitates the secure and rapid onboarding and deployment of SM to mobile devices. Sentry enrollment is supported on Android, iOS, macOS, and Windows devices and enables employee self-service for securing BYOD devices.
If the device is not enrolled in an existing SM network, the user is prompted with a click to accept message that will enroll the device into the SM network as well as provide any configuration profiles and required apps previously configured.
SM Sentry enrollment can be enabled on any MR network via the splash section of the Configure > Access control page.
Onboarding via SM Sentry
When an iOS, Android, macOS, or Windows device connects to a wireless SSID with SM Sentry enrollment enabled, if it does not have an SM profile installed, it will be prompted to undergo the installation process when the user opens up a web browser. The user will be guided through a series of steps that will facilitate the profile installation, after which they will be given Internet access.
Devices which use a randomized mac address during association to SSIDs will be continuously prompted for enrollment unless the feature is disabled for Sentry Splash Enrollment SSIDs
Alerting on Removal of Systems Manager
Sentry will automatically detect the removal of the Systems Manager app or management profile and deny access of a mobile device to the network. In addition to this, IT can set up alerts so they are notified via e-mail if a device goes from being managed to unmanaged because the management profile has been removed.
Finally, unmanaged devices are highlighted in the client list and client details page so IT can quickly spot these.