You would like to configure iPads to be filtered by Securly for on-site and/or off-site.
Prerequisite: Regardless of which deployment method you choose, all iPads must have the Securly CA installed for SSL inspection to work properly. It is important to know that filtering will still occur even without the certificate deployed, but users will receive certificate warnings in their browser for HTTPS sites that Securly provides SSL inspection (google.com, for example).
The certificate is included as an attachment at the end of this KB. The preferred method for deployment is with your Mobile Device Management (MDM) software. Please see below for our MDM KB links.
If you do not have an MDM, the steps to manually install the certificate can be found here: https://support.securly.com/hc/en-us/articles/206978437
PAC File URL
PAC file URL Notes by Apple iOS version. If URL is not matched correctly, there may be problems Apps or web browsing.
|iOS Version||Security||PAC file URL|
|10.1.1 and older||Unsecure Only||HTTP://|
|10.2.0 exactly||Secure Only||HTTPS://|
|10.2.1 and new||Unsecure or Secure||HTTP:// or HTTPS://|
On-Site Only Solution: If you are successfully using Securly DNS filtering already, all iPads should be covered with that implementation. If you do NOT use the Securly DNS filtering solution, and would only like to filter your iPads on-site, please submit a request to firstname.lastname@example.org, and jump over to our Best Practices Guide for further assistance.
On-Site and Off-Site Solution: A PAC file that is created by your Sales Engineer is a hard requirement for any off-site iPads. Please reach out to your Sales Engineer by submitting an email to email@example.com to have this created for you.
Once you have a PAC file ready for you, please follow one of our below MDM Platform KB articles to complete your setup:
- AirWatch: https://support.securly.com/hc/en-us/articles/214079038-How-to-deploy-Securly-to-iPads-with-AirWatch-MDM-
- Casper by JAMF: https://support.securly.com/hc/en-us/articles/212511418-How-to-deploy-Securly-via-Casper-JAMF-MDM-
- Meraki: https://support.securly.com/hc/en-us/articles/214771437-How-to-deploy-Securly-to-iPad-with-Meraki-s-System-Manager-
- FileWave: https://support.securly.com/hc/en-us/articles/225591508-How-to-deploy-Securly-to-iPad-using-FileWave-MDM-
- TabPilot: https://support.securly.com/hc/en-us/articles/224737027-How-to-deploy-Securly-to-iPad-using-TabPilot-MDM-
- Apple Configurator: https://support.securly.com/hc/en-us/articles/218848097-How-to-deploy-Securly-to-iPads-using-Apple-Configurator-
Off-Site Only Solution: Inline filtering appliances can conflict with an off-site iPad filtering solution. It is best to have a discussion with an engineer to come up with a design plan that works best for you.
Off-site Filtering Note: It is not recommended to allow iPads to go home without an MDM.
Please follow the above "Prerequisite" section to install the Securly CA certificate. Once that is completed, you will need to configure the iPad to use a PAC file. A PAC file is provided by your Sales Engineer before or during the deployment. If you have not been provided with a PAC file, please reach out to your Sales Engineer by submitting an email to firstname.lastname@example.org to have one created.
Navigate to: Settings > Wi-Fi > (i) next to Network Name > HTTP Proxy > Auto > URL
Later this Fall, Securly's current SSL Certificate will expire. We have provisioned a brand new SSL Certificate available below which expires in 2034. While to get up and running today you only need to have the original SSL Certificate Installed, we recommend that you install both SSL Certificates at the same time to ensure when the original expires, you are at no loss of service.