Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
Delivering a Standard Mobile
Operating Environment
Don Kerr : Business Solutions Marketing – Windows Mobile
Rick Anderson : Mobility Solution Sales
Agenda
1. The Mobile overview – industry, trends, market
2. Is Exchange Good Enough????
3. A Standard Mobile Operating Environment
4. What is the business opportunity for Partners?
5. Resources
Market Shifting Beyond Messaging
• Fastest growth in rich mobile scenarios beyond e-mail
– Corporate data access and mobile LOB grows 5.4x from 2006–2011
– Messaging-only grows 2.3x in the same time period– 27% of global workforce mobile by 2009 *IDC
Note: Sizing based on support for Microsoft solutions. Source: MED Finance analysis and industry reports
Corporate data access and mobile LOB
Corporate data access and mobile LOB
Mobile Messaging
Mobile Messaging
6.3 MM
3.6 MM
0.9 MM
14.7 MM
19.8 MM
4.5 MM
2006 2011
Growth of the mobile client
18.6%Mobile PCs
5.8%Mobile Phones
3.9%Desktop PCs
34.1%Converged
Mobile Phones
Source: Gartner Dataquest, and IDC 2006
245 Million Converged
Devices by 2010
Shift in “User Type” of Mobile Devices
Segment Distribution Shifts : 2006 vs. 2008
2006 Segmentation2008 Segmentation
Po
wer U
sers
Practi
cal
Users
Co
mm
un
icato
rs
Min
imali
sts
Note: Comparison only done among countries surveyed in both 2006 and 2008 – US, W. Europe, Japan & China.
IMPROVE USER
PRODUCTIVITY AWAY
FROM THE DESK
THROUGH MOBILE
ACCESS TO:
- Messaging
- Documents
- Search
DRIVE BUSINESS
RESPONSIVENESS
WHILE AWAY FROM THE
DESK THROUGH
MOBILE ACCESS TO:
- Mobile Forms &
Portals
- Business Intelligence
& Reporting
- Custom Mobile Apps
Mobile Solution Progress
Fundamental
• Provides the fundamental solution
that empowers mobile workers with
adaptable infrastructure and
departmental applications
• Enables mobile access to data
• Provides efficient data management
and integrated search capabilities to
mobile devices
Comprehensive
• Extends mobile access to
communication and collaboration
tools
• Enhances process participation away
from the desk
• Improves mobile access to data
reporting and analysis tools
Leading
• Streamlines mobile access to corporate
data
• Enables seamless communication and
collaboration with external partners
from mobile devices
• Enables mobile access to enterprise-
wide reporting and analysis tools
Exchange is GOOD ENOUGH
Exchange ActiveSync Policies
Exchange Server Standard CAL
Sync
• Configure message formats
(HTML or plain txt)
• Include past email items
• Email body truncation size
• HTML email body truncation size
• Include past calendar items
(Duration)
• Require manual sync while
roaming
• Allow attachment download
• Maximum attachment size
Authentication
• Minimum number of complex
characters
• Enable password recovery
• Allow simple password
• Password Expiration (Days)
• Enforce password history
• Windows file share access
• Windows SharePoint access
• Minimum password length
• Timeout without user input
• Require password
• Require alphanumeric password
• Number of failed attempts
• Policy refresh interval
• Allow Non-provisionable devices
Encryption
• Require signed SMIME messages
• Require encrypted SMIME
messages
• Require Signed SMIME algorithm
• Require encrypted SMIME
algorithm
• Allow SMIME encrypted algorithm
negotiation
• Allow SMIME SoftCerts
• Device encryption
• Encrypt storage card
Color Key
Exchange 2007 SP1
Exchange 2007 RTM
Exchange 2003 SP2
Exchange ActiveSync Policies
Exchange Server Enterprise CAL
Device Control
Disable desktop ActiveSync
Disable removable storage
Disable camera
Disable SMS and any MMS text messaging
Network Control
Disable Wi-Fi
Disable Bluetooth
Disable IrDA
Allow internet sharing from device
Allow desktop sharing from device
Application Control
Disable POP3/IMAP4 email
Allow consumer email
Allow browser
Allow unsigned applications
Allow unsigned CABs
Application allow list
Application block list
Color Key
Exchange 2007 SP1
Exchange 2007 RTM
Exchange 2003 SP2
Who is in control??
It seems that smart phones have too many security risks
and could jeopardize our enterprise
“Who will tell the CEO to
give up their smart phone?”
=
Common Criteria Evaluation for Windows
Mobile
• Windows Mobile has been awarded the Common Criteria
Evaluation Assurance Level 2+ (EAL2+) for:
– Windows Mobile 5.0 with MSFP
– Windows Mobile 6
• Certification lab is Stratsec, Canberra, Australia
• http://www.dsd.gov.au/infosec/evaluation_services/epl/epl
.html
Introducing: System Center Mobile Device
Manager 2008
End User Experience
John
Gateway/VPN
Server
Enrollment & Device
Management Server
Corporate
Resources
Standard Mobile Operating Environment
• Integration with existing Microsoft Technologies– Active Directory, Group Policy, WSUS, Windows Server, SQL, CA
– Exchange not mandatory
• No duplication of management effort
• No Single Point of Failure (NOC)
• Customer controls end to end security
Business Opportunity for Partners
• Revenue
• Driving alignment with Core IO progress
• Mobile Device Manager SI Certification
Secure Mobile Messaging Only
Mobile messaging with high security due to regulatory compliance issues or internal security policies
Key Messages
Security management
Integration with AD/GP
Inventory and reporting
Standard Mobile Operating Environment
“SWEET spot” is…
Applications, Documents, Data
Rich applications for task workers using ruggedized handhelds with no requirement for mobile messaging
Key Messages
Mobile VPN
OTA software distribution
Rich inventory and reporting
App allow/deny
Apps, Docs, Data & Messaging
Rich or lightweight LOB applications. Could also include high security requirements mobile messaging
Key Messages
Mobile VPN
Advanced DM features
Security management
Breadth Messaging Only
Mobile messaging/PIM withlowest TCO and baseline securityand manageability
Key Message
Exchange Standard CAL is “good enough”
Exchange Ent. CAL for device management
Product Offerings
Offering Category License Offering Net Price (Select
C level)
Microsoft Systems Center
Mobile Device Manager
2008 (MDM 2008)
MDM 2008 Server License $1500
MDM 2008 User Client Access License
(CAL)
$40
MDM 2008 Device Client Access License
(CAL)
$40
Microsoft Systems Center
Mobile Device Manager
2008 with Microsoft SQL
Server 2005 Technology
(MDM 2008 with SQL)
MDM 2008 with SQL Server License $2122
MDM 2008 with SQL User Client Access
License (CAL)
$40
MDM 2008 with SQL Device Client Access
License (CAL)
$40
B S R/A D
FU
ND
AM
EN
TA
L
Security & Networking
Identity & Access Mgmt
Desktop, Device & Server
Mgmt
Data Protection & Recovery
IT & Security Process
CO
MP
RE
HE
NS
IVE Security & Networking
Identity & Access Mgmt
Desktop, Device & Server
Mgmt
Data Protection & Recovery
IT & Security Process
LE
AD
ING
Security & Networking
Identity & Access Mgmt
Desktop, Device & Server
Mgmt
Data Protection & Recovery
IT & Security Process
Secure, remote access, server isolation for directory and e-mail server. Secure wireless networking.
Directory tools for central administration. Information protection infrastructure.
Mobile device provisioning, security policy provisioning for mobile devices, remote wipe, and policy enforcement for mobile devices.
Remotely manage devices and enforce corporate IT policy “over the air,” remote synchronization.
CORE IO MAPPING
Secure, remote access. Server isolation for directory and e-mail server. Secure wireless networking.
Directory tools for central administration. Information protection infrastructure.
Certificate provisioning and authorization for mobile devices and Web apps
Remote synchronization. Backup and restore on servers.
Quarantine for desktops and devices. SIP for secure communication through presence.
Federated identity management across organizational and platform boundaries.
Standard mobile OS, apps push, access to LOB apps, patch management for devices, bootstrapping, and asset management for mobile devices.
Backup restore on all servers & mobile device data.
Streamlined security management, all security processes and policies are in place.
The Business Opportunity for SIs
• Mobile device management should be an integral part of any enterprise IT infrastructure
• MDM is a complex product for businesses to deploy
• Microsoft can help SIs become MDM-certified
Mobile Device Manager SI
Certification Requirements
* If available
Internal deployment of
Mobile Device Manager
Evidence of Mobility
practice
Creation of Mobile
Device Manager Partner
Solution Plan
MDM 400-level
training
Next Steps
• Deploy SCMDM inside your organisation
• MDM evaluation: 120 trial version– http://technet.microsoft.com/en-au/evalcenter/cc339027.aspx
• Brightpoint– Device offers @ APC
– Device Customisation service
• Loan/Seed devices– Trial a Treo
www.palm.com/au/trytreo
• Mobility Competency– https://partner.microsoft.com/global/productssolutions/mobility
• Significant/strategic opp engagement with MS– Rick “Batman” Anderson
– Peter “Robin” Brown
Partner Readiness
• SCMDM Tech Center
http://technet.microsoft.com/en-us/scmdm/default.aspx
• MDM Resource Kit Tools
http://technet.microsoft.com/en-au/scmdm/cc304591.aspx
• Partner Sales Resources– General: https://partner.microsoft.com/partnersaleresources
– MDM Specific: https://partner.microsoft.com/Australia/40050861?PS=95000124
Architecture Guidance & Whitepapers
• Configuring External and Internal Firewalls in Mobile
Device Managerhttp://technet.microsoft.com/en-us/library/cc645153(TechNet.10).aspx
• Integrating Mobile Device Manager with Existing Web
Sites or SharePoint Serverhttp://technet.microsoft.com/en-us/library/cc678152(TechNet.10).aspx
• Integrating Mobile Device Manager with Microsoft
Exchange Serverhttp://technet.microsoft.com/en-us/library/cc645161(TechNet.10).aspx
• Integrating Mobile Device Manager with Office
Communications Serverhttp://technet.microsoft.com/en-us/library/cc664624(TechNet.10).aspx