Network Requirements for Android Enterprise

Looking For

Something Else?


Android - Agent

This category covers Moki's Agent/Device Administrator management solution.


This category covers Moki's iOS management solution.

Android Enterprise

This category covers Moki's Android Enterprise management solution.


This category covers Moki's BrightSign management solution.


This category provides general FAQs about Moki's solutions.

News & Updates

This category provides news and updates.

What is Android Enterprise?

Android Enterprise is a Google-led initiative to enable the use of Android devices and apps in the workplace. The program offers APIs and other tools for developers to integrate support for Android into their enterprise mobility management (EMM) or mobile device management (MDM) solutions. 

There are three use cases supported on Android Enterprise. Moki’s Android Enterprise solution was built to manage company-owned devices for dedicated use. Dedicated devices are a subset of company-owned devices that serve a specific purpose. Android comes with a broad set of management features that allow organizations to configure devices for everything from employee-facing factory and industrial environments, to customer-facing signage and kiosk purposes.

Dedicated devices are typically locked to a single app or set of apps. Android 6.0+ offers granular control over a device’s lock screen, status bar, keyboard, and other key features, to prevent users from enabling other apps or performing other actions on dedicated devices.

An Android Enterprise solution is a combination of three components: your Moki Total Control console, a device policy controller (DPC), and managed Google Play.

Moki’s MDM Console

Moki’s MDM console is a cloud-based web application that allows admins to manage their organization, devices, and apps. Moki’s console has been integrated with the APIs and UI components provided by Android Enterprise.


All Android devices that Moki manages use Android’s DPC. A DPC is an agent that applies the management policies set in your Moki console to devices.

Managed Google Play

Managed Google Play is an enterprise app platform based on Google Play that is free to Android Enterprise customers and fully integrated into Moki’s MDM console. It combines the familiar user experience and app store features of Google Play with a set of management capabilities designed specifically for enterprises.

IT admins can use managed Google Play to discover apps, view app details, and purchase app licenses. IT admins can curate, manage, and distribute apps through Moki’s MDM console. 

Using Android Enterprise APIs, Moki can distribute apps to managed devices. Apps can be remotely installed on a device or added to the device’s managed Google Play store.

On managed devices, managed Google Play is the user’s enterprise app store. The interface is similar to Google Play—users can browse apps, view app details, and install them. Unlike the public version of Google Play, users can only install apps from managed Google Play that are whitelisted for them.

What is needed for Moki to communicate with devices?

The lifeblood of any mobile device rollout is the connectivity of the device. In order for Moki to communicate with the device there are ports that should be open constantly. It is also recommended that you get a dedicated network for the devices to connect to so that they can have maximum bandwidth and accessibility.

The following domains need to be allowed, (open port requirements):


TCP/443 Access to Moki’s cloud-based management platform.

Google Play and updates, – contains User Generated Content (e.g. app icons in the store)

*, *.ggpht,,, -Download apps and updates, PlayStore APIs

3 * TCP/443 EMM/Google APIs/PlayStore APIs
TCP/443 Authentication For[country], use your local top-level domain for [country]. For example, for Australia use, and for the United Kingdom use
5228-5230, 5235,5236
Google Cloud Messaging (e.g. EMM Console <-> DPC communication, like pushing configs)
Firebase Cloud Messaging (e.g. Find My Device, EMM Console <-> DPC communication, like pushing configs)
TCP/443 Certificate Revocation list checks for Google-issued certificates
TCP/443 Domains shared by various Google backend services such as crash reporting, Chrome Bookmark Sync, time sync (tlsdate), and many others
9 TCP/443 Chrome updates
10 TCP/443 CloudDPC download URL used in NFC provisioning
11 TCP/443 Connectivity check prior to CloudDPC v470 Android connectivity check starting with N MR1 requires _204 to be reachable, or for the given WiFi network to point to a reachable PAC file.


Submit a Ticket

Contact us by email, or just fill out the form

Skip to content