Geofencing

Geofencing is a location-based technology that creates a virtual boundary (or “zone”) around a real-world area using GPS, Wi-Fi, cellular data, or RFID signals.

When a managed device enters or exits this boundary, predefined actions are automatically triggered — such as applying security policies, sending alerts, or restricting app access.

For example, an IT admin can configure a Geofence around an office building so that when a corporate device enters the area, Wi-Fi and VPN settings are automatically enabled, and when it leaves, access to internal apps is restricted.

To ensure your organization maintains the highest standards of data privacy and security autonomy, we offer the option to deploy the application via your own Apple Developer Account.

By choosing this path, your team gains exclusive ownership over your digital identity and security credentials. This approach provides several key advantages:

Zero-Trust Security: Your private keys never leave your internal infrastructure. You generate and manage your own credentials directly within your Apple and Firebase consoles, ensuring your sensitive data remains entirely in-house.
Full Data Sovereignty: By hosting the app instance on your account, you ensure that push notification traffic and app metadata remain entirely under your organization's control and visibility.
Simplified Compliance: This model aligns with global IT best practices by isolating your communication channels and eliminating the need for cross-organization credential sharing.

Key Benefits of Using Geofencing

Using geofencing in endpoint or mobile device management provides several operational and security advantages:

Enhanced Security: Automatically restrict access to corporate resources when a device leaves a secure location.
Automated Policy Enforcement: Apply or remove configurations (Wi-Fi, VPN, app access) based on device location.
Real-Time Visibility: Monitor the location of managed devices to ensure compliance and prevent misuse.
Loss Prevention: Receive alerts if devices move out of designated areas (useful for schools, logistics, or healthcare).
Improved Productivity: Enable context-aware settings such as silencing notifications in office zones or activating tracking for field employees.

Operational Efficiency: Reduce manual effort by automating repetitive location-based management tasks.

Prerequisites

Firebase project should be created and the Firebase project name should be same as the Google Cloud Project name. Refer to the official documentation at https://firebase.google.com/docs/projects/use-firebase-with-existing-cloud-project. This is required to communicate with apps.
Enable the Geofence feature from the BigFix WebUI Feature configuration page.

Geofence Zones

: A Zone in the BigFix MCM WebUI is a logical boundary used to organize and manage devices within your environment. It allows administrators to define regions such as office buildings, restricted areas.
Zones help simplify device management and policy targeting by defining where and how configurations are applied. Each zone is associated with multiple settings.

Key Uses of Zones

Location-based management: Apply region-specific policies (for example, Wi-Fi or compliance rules for a particular office or site).
Delegated administration: Assign admins to manage devices only within their designated zone.
Simplified targeting: Deploy apps, certificates, or restrictions to a defined group of devices without manually selecting them each time.
Better visibility: View device inventory, compliance status, and health metrics filtered by zone.

Example: For instance, an organization with offices in Bangalore, Chennai, and Pune can create separate zones for each location. Administrators assigned to the “Bangalore Zone” can only view and manage devices and policies relevant to that office.