Skip to content

Back to Definitions

The Evolution of Apple's MDM Protocol

Apple first introduced its mobile device management (MDM) framework with the launch of iOS 4 back in 2009. MDM followed a reactive approach to managing devices remotely. That process entailed:

  • Enrollment of the remote device into management;
  • Pushing configuration profiles from a server to the newly enrolled device;
  • Regular, continual polling by the server to confirm that those configurations were still in force.

The back-and-forth nature of this communication puts stress on the MDM server, especially as the number of devices under management grows into the thousands.

Reactive vs Proactive MDM Protocols

With the introduction of iOS 15 in 2021 and a new device-management model called Declarative Device Management (DDM), Apple moved to reduce that stress and to increase the responsiveness of the system as a whole.

DDM shifts much of the management to the enrolled device itself. It allows the device to act independently and proactively when its configuration changes. Rather than waiting for the server to “ask”—typically at pre-defined intervals—whether or not there have been changes, in the DDM framework the device itself notices those changes. It then either notifies the server about the changes or even remediates itself.

See Kandji in Action

Experience Apple device management and security that actually gives you back your time.

Start Free Trial Contact Sales

DDM's Three Data Models

DDM relies on three main components:

  • Declarations
  • Status
  • Extensibility

Declarations

According to Apple’s DDM documentation:

Declarations are payloads the server defines and synchronizes to the device with the declarative management protocol. They represent policies the organization wants to enforce on the device, and other items such as management metadata.

There are, in turn, four declaration types:

Configurations define specific settings on a device, such as passcode requirements, account settings, screen-lock timeouts, and the like.

Assets are details that devices need for configuration.

Activations are configuration data sent to the devices. They can include multiple configurations.

Management is static information, such as your organization name.

Status

The second component, Status, refers to reports sent from the device to the server providing information about the device’s current state. Those reports can cover things like battery health, hardware family (i.e., MacBook Pro, iPad Air, etc.), OS information, serial number, and a host of other details. (For a full list, see the Status Documentation.)

Extensibility

Extensibility is the way devices and servers communicate with each other, letting them know what new capabilities may be available on the server or the device.

Why You Should Use Declarative Device Management

To be clear, DDM is not something that IT admins use. It’s something that MDM solution providers can build into the products those admins use. But DDM should improve the management experience for both admins and end-users. It makes management more automatic, more responsive, and more reliable, which is good for everyone.

It’s also important to note that DDM is not a replacement for traditional MDM, Rather, as Apple’s documentation put it:, “declarative management can co-exist with MDM commands and profiles,” meaning it sits peacefully side by side with MDM in your management solution.

Conclusion

In short, DDM will make managing devices easier. You’ll be able to create more complex management strategies that give you finer control over the devices you manage. You will have better visibility into your devices, allowing for more active and accurate management. And because much of the management burden is taken over by devices themselves, it should ease the load on networks and servers.

Apple has clearly stated that DDM is the future of device management. But all you have to do as an admin or IT manager is make sure your MDM solution is taking advantage of everything DDM makes possible.

More Kandji Content

  • ResourcesApple in the Enterprise Report 2024

    Apple in the Enterprise Report 2024

    Discover the trends shaping enterprise technology as Apple devices continue to gain ground in the corporate world.

    Learn more
  • Virtual EventKandji June Product Update 2024

    Introducing Assignment Maps

    Watch the virtual event recap from our latest product announcement. Kandji unveils new assignment features and automations that make administration easy and efficient regardless of scale and complexity.

    Watch the event
  • From The Customer StoriesDemandbase Saves 50 Hours a Month

    Demandbase Saves 50 Hours a Month with Automated Device Management

    Read how Demandbase reduced Mac-related support tickets by 75% after switching to Kandji.

    Keep reading
Background Amber waves

Manage and secure your Apple devices at scale.