Afaria 6.6 FP1 A closer look

Agenda

• Some more details on the new features in 6.6 & FP1

• iPhone iOS 4 MDM

• A closer look at the beta!

Afaria 6.6 & 6.6 FP1 New Features

Android Client• Inventory

• Hardware and Software inventory of devices• License Manager support for tracking software licensing

• Configuration• Configuration of WiFi settings • More to follow as OS APIs support available

• Remote Wipe/Lock/Unlock• Ability to trigger Wipe, Lock or Unlock of device from Afaria console

• Password Policies• Policy control of password enforcement, format, # failed attempts etc.

• Session Manager• Send, Get, Delete, Copy and logic commands supported within our

program space on device• Exchange Access Control

• Block email access for unmanaged devices

Afaria 6.6 & 6.6 FP1 New Features

Roaming Controls for Win-Mobile and Symbian• Windows Mobile

• Configuration manager options when roaming to• Disable data/email attachments/Afaria scheduled or manual

connections/IMAP & POP3 email when roaming• Display message to end user

• New Roaming Monitor to trigger custom actions when device roams• Symbian

• Configuration Manager options to• Disable data connections/Afaria scheduled or manual connections• Display message to end user

• New Roaming Monitor to trigger custom actions when device roams

Afaria 6.6 & 6.6 FP1 New Features

OMA DM• OMA DM policy file (DDF) import option

• Easier to support new functionality from new DDFs without building XML from scratch

Windows Mobile Management Update• Updated UI look and feel• Software Manager enhancements– More installation control options around silent install, soft reset

of device, CAB status etc.• Kill process option Server Infrastructure updates• Windows 2008 R2 64-bit server support• SQL 2008 Support• Updated installation process

iPhone Device Management

• 80% of the Fortune 100 companies in the US now actively piloting or deploying iPhone.

• In September 2009, 16% of US information workers used iPhones for work, even at the world's largest organizations.*

• By the end of 2009, Apple was estimated to have sold:– Two million iPhones to corporate accounts– Another five million iPhones were estimated to be in

mixed business use by individuals.***Forrester Blogs. Ted Schadler, January 27, 2010

** Apple Insider: http://www.appleinsider.com/articles/10/01/29/apple_to_target_ipad_at_business_users_through_new_features_sources.html

SUCCESS OF IPHONE IN THE ENTERPRISE

APPLE MDM PROTOCOL

• New MDM protocol native in iOS 4 provides enterprise-grade device management

– iOS handles all MDM requests and actions in the background using a single connection– Maintains end user experience as device is managed without user interaction after initial

provisioning– Policies installed are confirmed back to the server providing compliance assurance– Uses the Apple Push Notification Service (APNS) to deliver management to the device

• MDM Capabilities– Install/remove device configuration policies without user interaction– Query comprehensive software and hardware inventory and asset tracking information– Detect jail broken status– Remote erase, lock and clear passcode

• If MDM relationship is terminated, managed applications are disabled, configuration data is removed from the device and managed Exchange account information and data is removed

• Once a MDM relationship is established only that entity can manage the device using MDM protocol

MDM COMMUNICATION

DMZ

Provisioning Process

Ongoing Management

User Action

Provision & Send MDM PayloadProvision & Send MDM Payload

Device Association w/ServerDevice Association w/Server

Server CommunicationServer Communication

NotificationNotificationServerServerApple Push Notification

Service

Opt inOpt in

AFARIA FOR IPHONE TODAY (AFARIA 6.5 FP2)

• Basic support for iOS4 and iPhone/iPad 3.x OS

• Lockable configuration policies for OTA distribution to iPhones

• Integrated iPhone management into the Afaria console

• Trust relationship between the Afaria system and iPhones client devices to allow profiles (policies) to be set by the administrator

• Exchange Access Control support

• Remote kill for iPhone and iPad through Exchange.

• New Afaria client with jail break detection

AFARIA 6.6 FP1 KEY FEATURES FOR iOS 4

Enables the secure provisioning and management of iPhone deployments in the enterprise

Advanced Policy

ManagementEnterprise

App Deployment

Corporate Security

Accurate Asset

Tracking

Afaria Client

ENTERPRISE APPLICATION DEPLOYMENT

• Delivers enterprise in-house apps OTA, providing distribution control and reliable delivery

• Allows users to download both enterprise and suggested apps through Afaria client portal on the device

• Provides security for IT while maintaining user independence

– Enterprise apps can be managed separately from user applications

– Ability to revoke application usage remotely

• Allows authorized apps to be assigned by user groups

• Supports both 'required' and 'optional' models for package deployment

• Enables tracking and reporting of enterprise package installation

ADVANCED POLICY MANAGEMENT

Removable Policies

Remote Lock, Erase and Reset

No User Interaction

MDM Relationship

Multiple Platforms One Console

Configuration profiles can be installed and removed by the IT administrator

Native commands from the console

Deliver and remove device policies behind the scenes

Termination causes removal of managed applications Configuration data and Managed Exchange account information and data

iOS, Android, WM, Symbian, Palm and Windows

iOS 4 CONFIGURATION SETTINGSPasscode Settings WIFI Settings Restrictions Exchange

• Require Passcode• Allow Simple Value• Require Alphanumeric Value• Minimum Passcode Length• Minimum Complex Characters• Maximum Number of Failed Attempts – device is wiped• Maximum Passcode Age – in Days• Passcode Lock – in minutes

• Grace Period for device lock • Passcode History

• Service Set Identifier - SSID of the wireless network• Hidden Network• Security Type

• Password• Accepted EAP Types • EAP-FAST Protected Access

• Authentication Settings • Identity Certificate • Certificates for validating the authentication server for the Wi-Fi connection. • Trusted authentication servers • Allow Trust Exceptions

• SSID •Hidden Network • Encryption Type

• Allow Explicit Content• Allow Use of Safari• Allow Use of YouTube• Allow Use of iTunes• Allow Installing Apps• Allow Use of Camera• Allow Screen Capture• Allow Voice Dialing• Force Encrypted Backups• Allow Multiplayer Games• Set Safari Security Preferences• Force Fraud Warning• Allow Java Script• Allow Pop Ups• Accept Cookies• Allow inApp Purchaces• Content Rating• Disable Push while Roaming

• Account Name• Exchange Active Sync Host• User• Email Address• Use SSL

• Domain • Password • Credential Name• Number of Past Days to SyncUser is prompted for values not set

VPN Settings Email LDAP/CalDAV/Calendars/Web Clip

Advanced

•Connection Name• Connection Type• Server IP or Name• Account• Authentication Type• Shared Secret Entry• Send All Traffic Through VPN Setting • Proxy

VPN’s Supported• L2TP/IP• PPTP• Cisco IPSec

• Account Description• Account Type – IMAP or POP• Path Prefix• Account Name• Email Address• Mail Server and Port• Username• Use Password Authentication• Use SSL

• Incoming Username • Outgoing Username

• LDAP Connection Settings• CalDAV Connection Settings• Calendar Connection Settings• Web Clip Settings• Certificate Payload• SCEP Payload• CardDAV

• APN• AP Username• AP Password• Proxy Server and Port

Available with Afaria todayNew Configuration for iOS 4

CORPORATE SECURITY

• Devices can be locked and wiped remotely from through commands sent through the Apple push notification service

• Passcode reset commands can be sent to the device requiring a passcode change

• Policies and device configurations are reliably applied to the device with status being reported back to the server

• Enterprise application usage can be revoked

• Removing managed Exchange credentials removes account and PIM data from the device

• Able to gate access to Exchange email based upon device policy compliance, time/date of last client connection, and jailbreak

status

ASSET TRACKING• Accurate and comprehensive asset tracking provides a real

time view of current inventory and device status

• Data is easily accessed through the Afaria console

• MDM allows a queries to the device that report the following information

Device Info Network Info Applications Compliance and Security

• UDID• Device Name• iPhone OS and Build• Model Name and Number• Serial Number• Capacity and Space Available• IMEI• Device Compromised• Modem Firmware

• ICCID• BR and Wi-Fi MAC Address• Current Carrier Network• SIM Carrier Network• Carrier Settings Version• Phone Number• Data Roaming Setting (On.Off)

• Applications Installed • App ID • App Name • App Version • App and App Data Size• Provisioning Profiles

Installed • Expiry Dates

• Configuration Profile Installed

• Certificates Installed• List of All Restrictions

Enforced• Hardware Encryption

Capability• Passcode Present

AFARIA CLIENT ON THE DEVICE• Afaria client is downloadable from the App Store

• Afaria console is equipped to send a configuration message to the device to configure the client connection automatically

• Client can be manually configured on the device if required

• Client provides:– Extra jailbreak detection– App selection and download– Provides Exchange Access Control by optionally

requiring the client to connect periodically

AFARIA CONSOLE MANAGEMENT

• iPhone management is part of the Policy and Profile infrastructure

• Assign apps to profiles that are downloaded through Afaria Client

• Configuration profiles are now policies within the Afaria console – Create and edit configuration policies in the Afaria console– No longer requires iPhone Configuration Utility (iPCU)– Ability to import policies from iPCU in the event that new policies are available before they are in

Afaria

• Send OTA commands to erase, lock the device and reset pass codes using native Apple commands no longer requiring Active Sync

• View and manage iOS devices in client data views– Add, edit, delete client in standard Afaria UI

• Integrated inventory views, log data and reports displayed in data views

A CLOSER LOOK

WHY AFARIA?

Thank you