https://community.cisco.com/t5/endpoint-security/supervised-ios/m-p/5415048#M9990 <P>This would disallow the use of multiple profiles or certificates on a device. You can have multiple payloads on a device to manage it, this would just disallow a user from allowing another source to manage the device. Try googling "malicious profiles ios" and you will see what this button is used to deter from.</P> Tue, 23 Jan 2018 20:01:46 GMT Dcooper 2018-01-23T20:01:46Z https://community.cisco.com/t5/endpoint-security/supervised-ios/m-p/5415047#M9989 <P>Noob question sorry,, what does this mean, never noticed it before <SPAN class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="mdm1.jpg" style="width: 986px;"><span class="lia-inline-image-display-wrapper" image-alt="image.jpeg"><img src="https://community.cisco.com/t5/image/serverpage/image-id/262694iD209E6C14D1E9D8C/image-size/large?v=v2&amp;px=999" role="button" title="image.jpeg" alt="image.jpeg" /></span></SPAN></P> Tue, 23 Jan 2018 19:48:13 GMT https://community.cisco.com/t5/endpoint-security/supervised-ios/m-p/5415047#M9989 MikeMandalorian 2018-01-23T19:48:13Z https://community.cisco.com/t5/endpoint-security/supervised-ios/m-p/5415048#M9990 <P>This would disallow the use of multiple profiles or certificates on a device. You can have multiple payloads on a device to manage it, this would just disallow a user from allowing another source to manage the device. Try googling "malicious profiles ios" and you will see what this button is used to deter from.</P> Tue, 23 Jan 2018 20:01:46 GMT https://community.cisco.com/t5/endpoint-security/supervised-ios/m-p/5415048#M9990 Dcooper 2018-01-23T20:01:46Z https://community.cisco.com/t5/endpoint-security/supervised-ios/m-p/5415049#M9991 <P>So it would be best to have it unchecked then ?</P> Tue, 23 Jan 2018 20:03:18 GMT https://community.cisco.com/t5/endpoint-security/supervised-ios/m-p/5415049#M9991 MikeMandalorian 2018-01-23T20:03:18Z https://community.cisco.com/t5/endpoint-security/supervised-ios/m-p/5415050#M9992 <P><A href="https://community.meraki.com/t5/user/viewprofilepage/user-id/3001">@Dcooper</A> Is correct about that specific restriction. As a side note, that does not impact Meraki from installing any profiles.</P><P>If you are asking what supervised does, it just allows you as an admin to push more settings to the device. Supervision can be done via Apple Configurator 2 or DEP (which is now mandatory).</P><P>Jared</P> Tue, 23 Jan 2018 20:08:22 GMT https://community.cisco.com/t5/endpoint-security/supervised-ios/m-p/5415050#M9992 jared_f 2018-01-23T20:08:22Z https://community.cisco.com/t5/endpoint-security/supervised-ios/m-p/5415051#M9993 <P>Yes sir, leave that unchecked to stay protected.</P> Tue, 23 Jan 2018 20:18:26 GMT https://community.cisco.com/t5/endpoint-security/supervised-ios/m-p/5415051#M9993 Dcooper 2018-01-23T20:18:26Z https://community.cisco.com/t5/endpoint-security/supervised-ios/m-p/5415052#M9994 <P>Unfortunately, we cannot do that because our users install profiles that we make available to them to join WiFi networks.</P><P>I wish Meraki would let us set up a policy to see that only whitelisted profiles are installed.</P> Tue, 23 Jan 2018 20:22:04 GMT https://community.cisco.com/t5/endpoint-security/supervised-ios/m-p/5415052#M9994 jared_f 2018-01-23T20:22:04Z