How is the Symantec Mobile Security 7.2 (SMS 7.2) app on Android upgraded to a newer release? How are the management components on the server upgraded?
From time to time, new updates are made available to the management components of Symantec Mobile Security 7.2 and to the Android or Windows Mobile client software. Below are details on how to apply these updates.
Upgrading the Symantec Management Platform (SMP)
The management components on the Symantec Management Platform (formerly known as the Altiris Notification Server) server are updated via the SIM (Symantec Installation Manager). The SIM should be configured to perform periodic checks to see if new software is available. Details on new upgrades and hot fixes are featured when opening the SIM.
*Note* - If the SIM is up to date and no Mobile Security updates appear to be available, then click on the "Install new products" option. The hot fix may show up in that list instead of in the "Install hot fixes" or "Upgrade installed products" options.
Follow the prompts within the SIM to apply the updates and any necessary dependent upgrades.
Once the install is complete, the new Android client software will be automatically copied to the Mobile Security Gateways (MSG) and made available for download. The default is to always use the latest Android agent package, but Administrators may choose to configure the version of software that is available from each MSG. This allows an organization to perform a controlled rollout or test the new Android client before widespread deployment.
Another way to control the rollout of the newer version is by policy. The option to "Automatically upgrade agents" is checked by default. If this is unchecked, then the Androids assigned this policy will not be prompted to upgrade, even if there is an upgrade available on their MSG.
Upgrading the Android Mobile Security App
There are two main ways to upgrade the Mobile Security client app on the Android devices:
Upgrade the app from Google Play
Simply visit the official Play Store to install the latest available release of the software once it is made available.
Allow the Android's client software to be upgraded from its Mobile Security Gateway.
The Android devices always communicate with the SMP through the Mobile Security Gateway (MSG). Once the SMP has applied a product upgrade or hotfix, the latest version of the Mobile Security app’s .apk will be available on the MSG (by default). When clients with older releases of the app communicate through the MSG, then the new .apk will be downloaded from the MSG and the user prompted to install it.
*Note* - If the mobile devices are not receiving the upgrade notification, then check the "Android Configuration Settings" screen in the Management Console under the "Settings" blade. Ensure that the Project ID and API Key fields are valid. If they are blank, then refer to TECH191945 for instructions on inputting the proper information in this section so the mobile devices will receive the upgrade notification.
Androids check in with the SMP with the frequency configured in their policy. To check in immediately and upgrade, instruct end users to "refresh policies and activity" from Settings > Accounts.
Once the Android's user has chosen to "upgrade now," they will be prompted to replace the existing application. (It may be necessary to change settings to "Allow installation of non-Market applications" for a successful upgrade.)
No settings or data will be lost during the upgrade, and there is no need to re-enroll afterward.
In the SMP console, it is possible to see the Agent Version for each Android under Manage Android Devices.
Mobile Security Logs show that Android clients are periodically checking for a newer version, and an entry is recorded at the time of upgrade:
Time StampLog TypeModuleEvent TypeDataDescription
[date] 11:4111010001Checking for upgrade. [date] 11:1711010005User agrees to install the new version. [date] 10:5611010002No upgrade found. [date] 10:5611010001Checking for upgrade.
Note that these "Checking for upgrade" log entries will be present even if policy prevents the end users from being prompted to upgrade.