What’s new - Latest Features & Enhancements

Overview of the enhancements made in the current release of BigFix Modern Client Management (MCM) and BigFix Mobile.

The BigFix Modern Client Management (MCM) and BigFix Mobile version 3.6 release introduces key enhancements focusing on improved operational visibility and extended control across Android, iOS, and ChromeOS.

Battery health monitoring

MCM v3.6 introduces enhanced battery monitoring for enrolled iOS and Android devices. These capabilities allow IT teams to quickly check device battery status during troubleshooting, and to better track overall battery conditions across their mobile fleet.
  • Battery Telemetry for Mobile Devices: The MCM client reports key battery information such as current battery level, charging state, and plugged status for iOS and Android devices enrolled in MCM.
  • On-demand Updates: Administrators can use Send Client Refresh from the console to trigger an immediate inventory update, including battery data, on selected iOS and Android devices. This action triggers a battery information request sent via a silent notification to the iOS app, which then reports the latest data back to the MDM plugin.
  • Configurable Battery Thresholds: Data syncing can be triggered by a configurable battery threshold (currently set to 50%) via managed configuration.
  • iOS Monitoring: The integration of the Cloud Run API allows for syncing battery data when the app is launched, during live events through an observer, or on-demand via push notifications. Parameters synced include charging status, plugged-in status, thermal state, battery level, and power saver mode.
  • Android Monitoring: A sync request and an asynchronous call for battery health are sent simultaneously, with the app returning information through Pub/Sub.
  • BigFix WebUI Display: Battery parameters, such as level and charging status, are displayed in the BigFix WebUI.

  • Cyclic Refresh: A cyclic refresh from the WebUI is supported for each parameter.

  • Default Installation: The BigFix UEM app is installed by default for newly enrolled devices when the battery health feature is enabled.

For detailed information, refer to Battery health and level monitoring.

ChromeOS enhancements

Chrome OS Enhancements: Expanded policy control for Chrome OS devices, including:

  • Auto Launch Mode: Allows setting a single application to open automatically upon device start, making the device function as a single-app kiosk.
  • Kiosk Device Settings: Introduction of policies to set device-level features such as lid close action, idle timeout, spoken feedback, high contrast mode, and screen magnifier.
  • Simplified Uninstall: Kiosk apps can be uninstalled by simply editing the existing policy and unchecking the app.

For complete information, refer to ChromeOS management.

Geofence support

Geofencing enables administrators to define geographic zones and configure automatic policy enforcement when managed devices enter or exit those zones. BigFix MCM v3.6 provides advanced targeting and configuration features, including:
  • Advanced Targeting: Deploy Geofence settings to individual devices or Smart Groups.
  • Complex Zone Support: Manage complex scenarios with support for overlapping zones.
  • Configuration & Workflow: Streamlined setup using automation tasks and a dedicated Admin page for configuration.
  • User Notifications: Deliver notifications directly to device users based on zone transitions.
  • Easy Association: An easy model for binding Zones, Settings, and Targets (Devices/Smart Groups).
  • Feature Control: Geofencing is now enabled by default and cannot be modified by the user.
For more information, refer to Geofencing.

Jailbreak Detection & Compliance

The Jailbreak Detection feature for iOS and Android introduces enhanced mobile security visibility and automated compliance enforcement workflows in MCM v3.6.

Key capabilities include:
  • Comprehensive Detection Identifies compromised devices (jailbroken iOS and rooted Android). Detection supports both pre-enrollment blocking and post-enrollment continuous monitoring. Android detection uses integrity validation mechanisms such as Google Play Integrity (formerly SafetyNet).
  • Enhanced Visibility Administrators can view device security status using color indicators and compliance labels directly in the device grid (Green for Compliant, Red for Non-Compliant, Grey/Yellow for Unknown). The Device Details page provides an audit trail with the current status, last scan date/time, and detection logs.
  • Compliance and Remediation The feature enables full compliance workflows, allowing administrators to:
  • Filter devices by compliance status and generate historical reports for security audits.
  • Create compliance policies to trigger automated actions upon detection.
  • Available policy actions include Alert Only, Unenroll Device, Auto-Wipe Device, and Restrict Access.
  • Dashboard Reporting: The dashboard provides key performance indicators (KPIs) to monitor overall security posture, such as the percentage of compliant and non-compliant devices, trend analysis over time, and average scan frequency.
For complete information, refer to Jailbreak Detection.

Remote Access

The Remote View feature has been newly introduced and enhanced in UEM v3.6 (MCM 3.6) to provide a secure, real-time screen streaming capability for troubleshooting and support.

  • Architecture and Connectivity

    • Implemented using WebRTC for real-time, low-latency viewing of a device's screen.
    • Introduced the Coturn (TURN/TURNS) service, which is mandatory for media relay across firewalls and NAT configurations.
    • The mdm-broker now serves as a secure signaling relay over WSS, authenticated by unique, short-lived JSON Web Tokens (JWT).

  • WebUI and Administrative Control

    • Administrators can initiate Remote View sessions directly from the Devices list in the WebUI.
    • The WebUI includes capabilities for the installation, configuration, and update of the mandatory Coturn service.

For complete information, refer to Remote Access

Specialized feature configuration

In MCM v3.6, the Feature configuration page is introduced to allow administrators to activate specialized management features easily after an upgrade. This mandatory setup enables Geofencing, Battery Health, Jailbreak Detection, and Remote Access, which are now selected by default to streamline deployment. By performing the deploy action, you automatically install the BigFix UEM app on targeted devices, providing the technical foundation these features require. To complete the configuration, you must upload an Android SHA key and ensure a GCP service account is available. For iOS devices, a .p12 certificate must also be uploaded to your Firebase project after the initial deployment. Without this streamlined activation, these specialized features will remain unsupported and non-functional on your managed endpoints.

Known limitations in MCM v3.6

Battery Health Data Display for Unconfigured Devices

Issue: In BigFix UEM v3.6, the Device Details page displays battery-related attributes (such as Battery Level, Battery Health, and Cycle Count) by default, even if the requiredFeature configuration has not been deployed to the device.

Symptoms: Affected devices may show placeholder values such as 0, 0%, N/A, or False. These values do not reflect the actual battery state of the device but indicate that the data collection feature is not yet enabled.

Workaround: To view accurate data, deploy the Battery Health Feature Configuration to the target devices. Once the configuration is active, the device will report actual battery metrics.

Resolution: UI improvement is planned for a future release.