Welcome
Administrator Guide
Read this guide to learn about enrolling, administering, and troubleshooting endpoints through BigFix MCM and BigFix Mobile.
Jailbreak Detection
Jailbreak Detection enables administrators to identify compromised mobile devices enrolled in the MDM platform.
Scanning for Jailbroken Devices
Identify compromised iOS and iPadOS devices by initiating an on-demand jailbreak detection scan.

BigFix Documentation Homepage
Modern Client Management and BigFix Mobile
Welcome to the Modern Client Management and BigFix Mobile documentation, where you can find information about how to install, maintain, and use Modern Client Management and BigFix Mobile.
BigFix Mobile and MCM Overview
Discover how BigFix Mobile and Modern Client Management (MCM) extend unified endpoint management to mobile devices and modern OS platforms like iOS, Android, and Windows 10+, all from a single console.
Guides in PDF format
This section contains links to PDF versions of all the MCM and BigFix Mobile manuals.
Installing and Configuring BigFix Mobile and MCM
Read this guide to learn about the requirements and available installation scenarios to ensure that the deployment of BigFix MCM and BigFix Mobile goes smoothly in your environment.
Deployment Guide
This document provides guidance for deploying the certificate enrollment infrastructure required for BigFix Mobile Configuration Management (MCM). It describes how to integrate BigFix MCM with Microsoft certificate services to enable device certificate enrollment using the Simple Certificate Enrollment Protocol (SCEP).
Quick Start
This quick start guide gets you up and running with your BigFix MCM and BigFix Mobile solution. It helps you secure, configure, and manage your mobile devices quickly and efficiently.
User Guide
Administrator Guide
Read this guide to learn about enrolling, administering, and troubleshooting endpoints through BigFix MCM and BigFix Mobile.
- Modern Client Management and BigFix Mobile
  This guide is intended for HCL BigFix Master Operators (MO) and those who administer BigFix deployments. If you are looking for information about using Modern Client Management (MCM) and BigFix Mobile, see the WebUI User's Guide.
- BigFix MCM
  Read this section to learn enrolling and managing Windows and macOS desktop and laptop devices.
- BigFix Mobile
  BigFix Mobilesimplifies the management and security of Android, iOS, and iPadOS devices, enabling IT admins to seamlessly enroll, configure, and monitor mobile devices, ensuring compliance and protection of corporate data.
- Feature configuration
  The Feature Configuration page in BigFix WebUI enables you to target specific MDM servers and deploy advanced feature modules to managed endpoints. After uprading to MCM v3.6 or later, use the Feature Configuration page to activate specialized management capabilities like Geofencing, Battery Health monitoring, Jailbreak detection, and Remote Access for your MDM servers.
- SCEP Certificate-based authentication
  BigFix MCM supports certificate-based authentication through Simple Certificate Enrollment Protocol (SCEP). SCEP is the fastest and most secure way to provision certificates to all your MCM-managed devices. With SCEP, IT Admins can automate issuing certificates to the endpoints to provide access to corporate Wi-Fi, VPN, and secure e-mail through encryption.
- SAML-authenticated enrolment flow
  When you configure SAML as the authentication method, when a user hits the enrollment URL and click Enroll, the user is first authenticated via the identity provider before proceeding with the enrollment process.
- Application management
  App Management in BigFix Mobile and MCM provides a centralized way to distribute, update, and control applications across multiple device platforms. Administrators can deploy both public store apps and internal corporate apps, enforce policies, and secure company data while simplifying the app lifecycle for end users.
- Battery health and level monitoring
  The Battery Health feature provides visibility and proactive monitoring of mobile device battery performance to improve device reliability and minimize user productivity disruption. Monitoring is event-driven and avoids continuous polling mechanisms.
- Email configuration management
  With BigFix MCM and BigFix Mobile, you have the ability to install and set up email application that can connect to your email system. This allows users to easily connect, verify their identity, and synchronize their work email accounts on their devices.
- VPN management
  BigFix MCM and BigFix Mobile enable organizations to manage and configure Virtual Private Network (VPN) settings on enrolled Android, Apple, and Windows devices, ensuring secure remote access to corporate networks.
- Wi-Fi configuration management
  BigFix MCM and BigFix Mobile offer WiFi configuration management, where administrators can control and configure the wireless network settings on MCM-enrolled devices. This helps organizations to maintain a secure and reliable wireless network infrastructure while providing flexibility for users to connect to authorized networks.
- Jailbreak Detection
  Jailbreak Detection enables administrators to identify compromised mobile devices enrolled in the MDM platform.
  - Jailbreak Detection overview
    Understand the security implications of jailbroken or rooted devices and how BigFix MCM identifies these risks.
  - Scanning for Jailbroken Devices
    Identify compromised iOS and iPadOS devices by initiating an on-demand jailbreak detection scan.
  - Compliance, Remediation, and Policy Enforcement
    You can make devices compliant by defining automated policies and executing remediation actions and policy enforcement.
  - Compliance Enforcement Setting
    The Compliance Enforcement Setting page in the BigFix WebUI allows administrators to create automated links between a device's security status and a specific Policy Group. When a device is identified as "Potentially compromised" (Jailbroken or Rooted), the system automatically enforces the associated policy to mitigate risks.
- Geofencing
  Geofencing is a location-based technology that creates a virtual boundary (or “zone”) around a real-world area using GPS, Wi-Fi, cellular data, or RFID signals.
- Remote Access
  This procedure outlines the steps required to start a Remote Access session using Modern Client Management.
- BigFix MCM and Mobile Known Limitations
  This topic lists known limitations and restrictions in BigFix Modern Client Management (MCM) and BigFix Mobile for each version. Use this to understand feature gaps, known issues, or unsupported configurations relevant to your environment.
- Troubleshooting
  This section is intended to help you solve problems that might occur when installing BigFix MCM and BigFix Mobile.
- Frequently Asked Questions
  Read this section for commonly asked questions and their answers to manage the MCM deployments better.
Glossary
This glossary provides terms and definitions for the BigFix software and products.

Scanning for Jailbroken Devices

Identify compromised iOS and iPadOS devices by initiating an on-demand jailbreak detection scan.

Before you begin

Ensure the Jailbreak feature is activated in Feature configuration and that target devices have the BigFix UEM app installed.

About this task

Jailbroken devices bypass critical OS security layers. Use the Scan for Jailbreak action from BigFix WebUI to audit device integrity.

Procedure

In the Modern Client Management side menu, navigate to Actions > Scan for Jailbreak
In the Target Devices section, click Edit Devices.
Choose the target mobile endpoints and click Done.
Click Send Command.

Results

The command is queued for deployment. You can view the results and device statuses in the Deployments or Reports tabs.
To audit a specific department's tablets, filter the device list by "Department: Marketing" before clicking Send Command.

What to do next

Tip: If a device is found to be jailbroken, use the Lock Device or Wipe action to secure corporate data immediately.