Back to Resources
DEPLOYMENT

iPad 1:1 Deployment Guide

Step-by-step guide for deploying KyberGate on iPad fleets using Jamf, Mosyle, or Apple School Manager.

10 min read

Prerequisites

iPads enrolled in Apple School Manager (ASM)

MDM solution (Jamf Pro, Mosyle, or similar)

Supervised mode enabled on all iPads

KyberGate organization account created

Network access to KyberGate proxy servers (auto-configured via PAC)

1

Download Your CA Certificate

Download your organization's CA certificate from the KyberGate dashboard (Settings → Proxy → Download CA Cert) or directly from proxy.kybergate.com/api/ca.pem. This certificate allows KyberGate to inspect HTTPS traffic.

2

Create MDM Certificate Profile

In your MDM console, create a new configuration profile. Add the CA certificate as a trusted root certificate. This must be deployed before the proxy profile to avoid certificate errors.

3

Create Proxy Auto-Config Profile

Create a second configuration profile with a Global HTTP Proxy payload. Set ProxyType to 'Auto' and set the PAC URL to: https://proxy.kybergate.com/api/pac/YOUR_ORG_ID?email=$EMAIL&udid=$UDID. Jamf will substitute the MDM variables automatically.

4

Deploy to Device Group

Assign both profiles to your iPad device group. Deploy in phases — start with a test group of 5-10 devices. Verify filtering is working by visiting a known blocked domain (e.g., tiktok.com).

5

Verify in KyberGate Dashboard

Log into dashboard.kybergate.com and check the Devices page. You should see your iPads appearing with status 'online'. Each device will show its UDID, model, OS version, and current user.

6

Configure Policies

Go to Policy Manager and apply appropriate filtering policies. Use the built-in templates (Elementary, Middle, High) or create custom policies. Set up schedule-based rules if needed.

Troubleshooting

Certificate errors on websites

Ensure the CA certificate profile is installed and trusted. Check Settings → General → About → Certificate Trust Settings on the iPad.

Devices not appearing in dashboard

Verify the PAC URL includes the correct orgId. Check that proxy.kybergate.com:8443 is not blocked by your firewall.

Some sites loading slowly

Check your network bandwidth. The proxy adds minimal latency (<50ms) but large sites may be slower on congested networks.

Apple services not working

Apple domains (*.apple.com, *.icloud.com) are automatically bypassed in the PAC file. If issues persist, add them to your org's bypass list.

Ready to deploy?

Start a free demo and get your first iPads filtered in under 15 minutes.

Start Free Demo

Chat with KyberGate

We typically respond within a few hours

👋 Hi! Have questions about KyberGate for your school? Drop us a message and we'll get back to you.