네트워킹
ITIn 관리자는this 관리되는section 장치에you 기업can Wi-configure networking-related policies.
Wi‑Fi 구성을configurations 조용히can 프로비저닝할be 수provisioned 있습니다.and Wi-managed by the system via WiFi configurations. Depending on the value set on Configure Wi‑Fi, 구성은users 사용자가may 구성을have 생성하거나limited 기업or 구성을no 수정하는control 것을over 방지하기adding/modifying 위해 잠금 처리할 수도 있습니다.
1. 블루투스가 비활성화되었습니다
블루투스가 비활성화되어 있는지 확인합니다.networks.
Device radio state
1. Wi‑Fi state
Controls current state of Wi‑Fi and if the user can change its state.
User choice (default): User is allowed to enable/disable Wi‑Fi.
Enabled: Wi‑Fi is on and the user is not allowed to turn it off (Android 13+).
Disabled: Wi‑Fi is off and the user is not allowed to turn it on (Android 13+).
2. 블루투스Minimum 연락처Wi‑Fi 공유가security 비활성화되었습니다
The minimum required security level of Wi‑Fi networks that the device can connect to. Supported on Android 13 and above, for fully managed devices and work profiles on company-owned devices.
Open network (default): The device can connect to all types of Wi‑Fi networks.
Personal network: Disallows open Wi‑Fi networks; requires at least personal security (for example WPA2‑PSK).
Enterprise network: Requires enterprise EAP networks; disallows Wi‑Fi networks below this security level.
192‑bit enterprise network: Requires 192‑bit enterprise networks; strictest option.
3. Ultra wideband (UWB) state
Controls the state of the ultra wideband setting and whether the user can toggle it on or off.
User choice (default): The user is allowed to toggle UWB on or off.
Disabled: UWB is disabled and the user is not allowed to toggle it via settings (Android 14+).
Device connectivity management
4. Bluetooth sharing
Controls whether Bluetooth sharing is allowed.
Allowed: Bluetooth sharing is allowed (default on fully managed devices, Android 8+).
Disallowed: Bluetooth sharing is disallowed (default on work profiles, Android 8+).
5. Configure Wi‑Fi
Controls Wi‑Fi configuring privileges. Depending on the selected option, the user has full, limited, or no control in configuring Wi‑Fi networks.
Allow configuring Wi‑Fi (default): The user is allowed to configure Wi‑Fi.
Disallow add Wi‑Fi config: Adding new Wi‑Fi configurations is disallowed. The user can switch between already configured networks (Android 13+; fully managed and company-owned work profiles).
Disallow configuring Wi‑Fi: Disallows configuring Wi‑Fi networks. For fully managed devices this removes user-configured networks and retains only networks configured via WiFi configurations. For company-owned work profiles, existing networks are not affected but users cannot add/remove/modify Wi‑Fi networks.
When configuring Wi‑Fi is disabled and the device cannot connect at boot time, the system can show the network escape hatch to let the user temporarily connect and refresh policy.
6. Wi‑Fi direct settings
Controls configuring and using Wi‑Fi direct settings. Supported on company-owned devices running Android 13 and above.
Allow (default): The user is allowed to use Wi‑Fi direct.
Disallow: The user is not allowed to use Wi‑Fi direct.
7. Tethering settings
Controls tethering settings. Based on the value set, the user is partially or fully disallowed from using different forms of tethering.
Allow all tethering (default): Allows configuration and use of all forms of tethering.
Disallow Wi‑Fi tethering: Disallows the user from using Wi‑Fi tethering (company-owned Android 13+).
Disallow all tethering: Disallows all forms of tethering (fully managed + company-owned work profiles).
8. Wi‑Fi SSID policy
Restrictions on which Wi‑Fi SSIDs the device can connect to (this does not affect which networks can be configured on the device). Supported on company-owned devices running Android 13 and above.
SSID denylist (default): The device cannot connect to any Wi‑Fi network whose SSID is listed, but can connect to other networks.
SSID allowlist: The device can connect only to the SSIDs listed. The SSID list must not be empty.
Use Add SSID to add entries. Depending on the selected policy type, the list is interpreted as allowed or denied SSIDs.
In the Policy Editor UI, the SSID list is labeled Allowed Wi‑Fi SSIDs for allowlists and Denied Wi‑Fi SSIDs for denylists.
9. Wi‑Fi roaming settings
Configure Wi‑Fi roaming mode per SSID. Use Add Wi‑Fi roaming setting to create entries.
Each entry includes:
SSID: The SSID to which the roaming setting applies (required).
WiFi roaming mode: Default / Disabled / Aggressive. Disabled and Aggressive require Android 15+ and are supported only on fully managed devices and work profiles on company-owned devices.
Network restrictions
10. Bluetooth disabled
Whether bluetooth is disabled. Prefer this setting over Bluetooth config disabled because Bluetooth config disabled can be bypassed by the user.
11. Bluetooth contact sharing disabled
블루투스 연락처 공유가 비활성화되었는지 여부
3.12. 블루투스Bluetooth 설정이config 비활성화되었습니다disabled
블루투스 구성이 비활성화되었는지 여부
4.13. 테더링Network 설정이reset 비활성화되었습니다
테더링 및 휴대용 핫스팟 구성이 비활성화되었는지 여부
5. Wi-Fi 구성 비활성화
Wi-Fi 액세스 포인트 구성이 비활성화되었을 수 있습니다.
6. 네트워크 재설정 기능이 비활성화되었습니다disabled
네트워크 설정 재설정 기능이 비활성화되었는지 여부.
7.14. 아웃고잉Outgoing 빔beam 비활성화disabled
앱에서 NFC를 사용하여 데이터를 전송하는 기능이 비활성화되었습니다.
VPN
8.15. Always On VPN 앱app
특정Specify 앱에서 발생하는 데이터를 구성된 VPN을 통해 전송하도록 항상 켜짐 VPN을 지정하세요.
참고: 이 기능은an Always On 및VPN 앱별package name to ensure that data from specified managed apps will always go through a configured VPN.
Note: This feature requires deploying a VPN 기능을client 모두that 지원하는supports both Always On and per-app VPN 클라이언트 배포가 필요합니다.features.
9.16. VPN 차단lockdown
VPN 연결되지 않은 상태에서는 네트워크 연결을 허용하지 않습니다.
10.17. VPN 구성이config 비활성화되었습니다disabled
VPN 구성이 비활성화되었는지 여부.
Proxy and network services
11.18. 우선순위Preferential 네트워크network 서비스service
작업Controls 프로필에서whether 우선순위preferential 네트워크network 서비스service 사용is 여부를enabled 제어합니다.on 예를the 들어,work 조직은profile. 직원For 장치에서example, 모든an 작업organization 데이터를may 기업용으로have 전용an 네트워크agreement 서비스를with 통해a 전송하도록carrier 통신that 사업자와work 계약을data 맺을is 수sent 있습니다.via 지원되는a 우선순위carrier 네트워크network 서비스의service 예는dedicated for enterprise use (for example, an enterprise slice on 5G 네트워크의networks). 기업This 전용has 슬라이스입니다.no 완전effect 관리on 장치에는fully 영향을managed 미치지 않습니다.devices.
사용 중지됨: 작업 프로필에서는 선호 네트워크 서비스가 사용 중지되었습니다.
활성화됨: 작업 프로필에서는 선호 네트워크 서비스가 활성화되었습니다.
If you use enterprise network slicing, also configure 5G Network Slicing Configuration under the Cellular policy panel and assign apps to a slice using their Preferential Network setting.
12.19. 권장Recommended 글로벌global 프록시proxy
네트워크에The 구애받지network-independent 않는 글로벌global HTTP 프록시입니다.proxy. 일반적으로Typically 열린NetworkConfiguration에서proxies 네트워크별로should 프록시를be 구성해야configured 하지만,per-network 일반in 내부WiFi 필터와configurations. 같은A 특이한global 구성의proxy 경우may 글로벌be HTTPuseful 프록시가for 유용할unusual 수configurations 있습니다.like 프록시가general 접근internal 불가능하면filtering. 네트워크The 접근이global 끊길proxy 수is 있습니다.only 글로벌a 프록시는recommendation 권장and 사항일some 뿐이며apps 일부may 앱은ignore 이를 무시할 수 있습니다.it.
비활성화
직접 프록시
PAC 자동 구성
12.119.1. 호스트Host
직접 프록시의 호스트
12.219.2. 포트Port
직접 프록시의 포트
12.19.3. PAC URI
프록시 구성을 위해 사용되는 PAC 스크립트의 URI
12.19.4. 제외된Excluded 호스트hosts
직접For 프록시의a 경우,direct 프록시를proxy, 우회하는the 호스트입니다.hosts 호스트for 이름은which the proxy is bypassed. Host names may contain wildcards such as *.example.com과com.
Use 같은Add 와일드카드를excluded 포함할host 수to 있습니다.add entries (available for direct proxy only).
13. 와이파이 구성
Define Wi‑Fi network configurations that the system will apply on devices. Use Add WiFi configuration to create an entry and remove it with the delete action.
20. WiFi configuration fields
장치Each 네트워크configuration 구성includes:
13.1.
Configuration 구성name: 이름
13.2.Required.
SSID: SSID
13.3.Required.
Auto 자동connect: 연결Whether the network should be connected to automatically when in range.
범위Fast 내에Transition: 있을Whether 때the 자동으로client 네트워크에should 연결할지attempt 여부
13.4.to 빠른 전환
네트워크에use Fast Transition(Transition (IEEE 802.11r-2008) 사용을with 시도할지the 여부network.
MAC randomization mode: Hardware or Automatic (Android 13+).
13.5.20.1. 숨김 SSIDSecurity
SSIDWi‑Fi 브로드캐스팅security 여부 표시options:
13.6. 보안
WPA‑PSK: WPA/WPA2/WPA3-개인Personal (사전Pre-Shared 공유 키)Key).
WPA‑EAP: WPA/WPA2/WPA3-엔터프라이즈Enterprise (확장Extensible 인증Authentication 프로토콜)Protocol).
WPA3 192-bit mode: WPA‑EAP network allowing only WPA3 192-bit mode.
13.7.20.2. 비밀번호Passphrase 구문(Pre‑Shared Key)
비밀번호,Shown when Security is 사전 공유 키WEP‑PSK 보안or 옵션.WPA‑PSK. The passphrase is required.
13.8.20.3. EAP 방식method (Enterprise)
확장Shown 인증when 프로토콜Security 방식is WPA‑EAP or WPA3 192-bit mode. Select one EAP outer method:
EAP-EAP‑TLS
EAP-EAP‑TTLS
PEAP
EAP-EAP‑SIM
EAP-EAP‑AKA
13.9.20.4. 2단계Phase 인증2 authentication
Shown for tunneling outer methods (EAP‑TTLS and PEAP).
MSCHAPv2
PAP
13.10. 사용자20.5. EAP 자격credentials 증명from users
활성화하면When 시스템은enabled, 사용자를the 기준으로system 장치에automatically applies EAP 자격credentials 증명을on 자동으로devices 적용합니다.on a per-user basis. You can configure user credentials in the 사용자Users 섹션에서 사용자 자격 증명을 구성할 수 있습니다.section.
13.11.20.6. 클라이언트Client 인증서certificate
이For WiFiEAP‑TLS, 네트워크로you 기기를can 인증하는assign 데a 사용할client 인증서입니다.certificate 자세한used 내용은for Wi‑Fi authentication. For more information read the 인증서Certificate 관리management 섹션을page.
If 참조하세요.a certificate is already assigned, you can use Open certificate to view it or Change certificate to select a different one.
Alternatively, you can specify Client certificate key pair alias, which references a client certificate stored in the Android keychain and allowed for Wi‑Fi authentication.
If both Client certificate and Client certificate key pair alias are set, the key pair alias is ignored.
13.12.20.7. 증명Identity
사용자Identity ID.of 터널링user. 외부For 프로토콜(tunneling outer protocols (PEAP, EAP-EAP‑TTLS)의, 경우,this 이is 값은used 터널to 내부에서authenticate 인증하는inside 데the 사용되며,tunnel, and 익명Anonymous IDidentity는 터널is 외부의used for the EAP ID에identity 사용됩니다.outside 터널링하지the 않는tunnel. 외부For 프로토콜의non-tunneling 경우,outer 이protocols, 값은this is used for the EAP ID에 사용됩니다. 이 값은 문자열 확장에 적용될 수 있습니다.identity.
13.13.20.8. 익명Anonymous ID는 터널 외부의 EAP ID에 사용됩니다. 터널링하지 않는 외부 프로토콜의 경우, 이 값은 EAP ID에 사용됩니다. 이 값은 문자열 확장에 적용될 수 있습니다identity
터널링For 프로토콜에서만tunneling 사용되며,protocols 외부only, 프로토콜에this 제시되는indicates 사용자the ID를identity 나타냅니다.of 이the 값은user 문자열presented 확장에to 적용될the 수outer 있습니다. 지정하지 않으면 빈 문자열을 사용합니다.protocol.
13.14.20.9. 암호Password
사용자 비밀번호
13.15.20.10. 서버Server CA 인증서certificates
호스트List 인증서 체인을 확인하는 데 사용되는of CA 인증서certificates 목록입니다.to be used for verifying the host’s certificate chain. At least one CA 인증서certificate 중must 하나match. 이상이For 일치해야more 합니다.information 설정하지read 않으면the 클라이언트가Certificate 서버management 인증서가page.
Use 특정Add CA에 의해 서명되었는지 확인하지 않습니다. 시스템의Server CA 인증서를certificate 사용한to 확인이add 적용될entries 수도and 있습니다.remove 자세한them 내용은with 인증서the 관리delete 섹션을action.
20.11. 참조하세요.Domain suffix matches
A list of constraints for the server domain name. The entries are used as suffix match requirements against the DNS name(s) of the alternative subject name of an authentication server certificate.