Task: You would like to configure iPads to be filtered by Securly for on-site and/or off-site.
Prerequisite: Regardless of which deployment method you choose, all iPads must have the Securly CA installed for SSL inspection to work properly. It is important to know that filtering will still occur even without the certificate deployed, but users will receive certificate warnings in their browser for HTTPS sites that Securly provides SSL inspection (google.com, for example).
The certificate is included as an attachment at the end of this KB. The preferred method for deployment is with your Mobile Device Management (MDM) software. Please see below for our MDM KB links.
If you do not have an MDM, the steps to manually install the certificate can be found here: https://support.securly.com/hc/en-us/articles/206978437
PAC File URL
PAC file URL Notes by Apple ISO version. If URL is not matched correctly, there may be problems Apps or web browsing.
|ISO Version||Security||PAC file URL|
|10.1.1 and older||Unsecure Only||HTTP://|
|10.2.0 exactly||Secure Only||HTTPS://|
|10.2.1 and new||Unsecure or Secure||HTTP:// or HTTPS://|
On-Site Only Solution: If you are successfully using Securly DNS filtering already, all iPads should be covered with that implementation. If you do NOT use the Securly DNS filtering solution, and would only like to filter your iPads on-site, please submit a request to firstname.lastname@example.org, and jump over to our Best Practices Guide for further assistance.
On-Site and Off-Site Solution: A PAC file that is created by your Sales Engineer is a hard requirement for any off-site iPads. Please reach out to your Sales Engineer by submitting an email to email@example.com to have this created for you.
Once you have a PAC file ready for you, please follow one of our below MDM Platform KB articles to complete your setup:
- AirWatch: https://support.securly.com/hc/en-us/articles/214079038
- Casper by JAMF: https://support.securly.com/hc/en-us/articles/212511418
- Meraki: https://support.securly.com/hc/en-us/articles/214771437
- FileWave: https://support.securly.com/hc/en-us/articles/225591508
- TabPilot: https://support.securly.com/hc/en-us/articles/224737027
- Apple Configurator: https://support.securly.com/hc/en-us/articles/218848097
Off-Site Only Solution: Inline filtering appliances can conflict with an off-site iPad filtering solution. It is best to have a discussion with an engineer to come up with a design plan that works best for you.
Off-site Filtering Note: It is not recommended to allow iPads to go home without an MDM.
Please follow the above "Prerequisite" section to install the Securly CA certificate. Once that is completed, you will need to configure the iPad to use a PAC file. A PAC file is provided by your Sales Engineer before or during the deployment. If you have not been provided with a PAC file, please reach out to your Sales Engineer by submitting an email to firstname.lastname@example.org to have one created.
Navigate to: Settings > Wi-Fi > (i) next to Network Name > HTTP Proxy > Auto > URL