techlockdown logo
B

Recommended Andoff Settings

There are several ways to lock down your Android device once Andoff is installed. We recommend a combination of Andoff and Tech Lockdown settings.

techlockdown logo
Tech Lockdown Team

Now that you have your Android smartphone configure with Andoff, you will be able to make use of its features.

There are some features that we strongly recommend to enforce your device's connection to your DNS Content Policy:

  • Protect the Cloudflare One Agent and prevent it from being uninstalled or disabled.
  • Lock the VPN used on your smartphone to only use your filtered connection.
  • Block access to Android settings to prevent network settings from be changed.
  • Disable Factory Reset.

Recommended Tech Lockdown Settings

Install the Cloudflare One Agent

App Preferences

You can change this by logging into the Tech Lockdown dashboard and going to Settings > App Preferences:

Recommended Andoff Settings

You can change this to see all of the available options.

Turn on Advanced mode

You should see a menu like this:

Andoff's home screen should look have many more options available:

Block or Protect Apps

You will see a list of currently installed apps on your smartphone. You have the option to either Block or Protect an app.

You can further customize as needed, by either protecting or blocking specific apps.

If you try to uninstall or disable a Protected app, you won't be able to uninstall the app. You may still see the option to uninstall that app, but your smartphone will show an error and it will fail:

Lock VPN

We recommend setting this to Cloudflare Zero Trust.

Protect Private DNS settings

You can choose to enable this if you've connected your device to your Content Policy manually. We recommend enabling the feature anyway, so DNS settings can't be overwritten later.

Other settings

Make sure the following settings are turned on:

  • Disallow hotspot and tethering
  • Disallow network reset
  • Basic protection

Dumb Phone Restrictions

If you want to a highly restrictive setup, here are the settings that we recommend using:

  • Block new apps from being installed onto your smartphone
  • Block the Settings app
  • Block Web Browsers (including the default Android browser)
  • Disallow hotspot and tethering
  • Disallow network reset

Block new apps from being installed onto your smartphone

Generally disallow app uninstallation

We recommend setting this to on:

While enable, the option to disable or uninstall app will be removed from the home screen for all apps: 

Block the Settings app

Block Web Browsers (including the default Android browser)

Disallow hotspot and tethering, and Disallow network reset

Block safe mode and factory reset

Enable Protect against safe mode and Protect against factory reset options:

Lock Andoff settings with a Password or Time Delay

You can now set Andoff settings to be blocked with a password or time delay.

Next Up

tutorial

Frequently Asked Questions (for Andoff)

null

View