| MIcrosoft enhances enterprise device management tools |
May 20, 2008
 Microsoft has announced eighteen free software utilities that work with its enterprise management platform for Windows Mobile 6.1 devices. The "System Center Mobile Device Manager 2008 Resource Kit Tools" help administrators configure management servers, provision smartphones, and remove devices that are no longer required, says Microsoft.
(Click here for a larger view of a Windows Mobile device connecting to System Center Mobile Device Manager)
System Center Mobile Device Manager 2008 (MDM), first announced last year and recently made available, is described by Microsoft as a "comprehensive Windows Mobile device management solution to distribute software and understand device inventory in a complex organizational environment." It relies on other Microsoft products and services, such as Active Directory, Certificate Authorities, SQL Server, Internet Information Services 6.0 (IIS), and .NET Framework 2.0, and includes VPN (virtual private network) capabilities.
Mobile Device Manager includes VPN capabilities
Source: Microsoft
Microsoft claims that MDM allows administrators to provision smartphones in as little as 30 seconds. An IT department simply hands out the devices; users then log in via the Web to an Active Directory server, receiving a password that lets them access their devices. At that point, software and settings can be pushed to the device over the air.
The newly announced utilities underline the fact that SCMDM is not a single software application, but rather an overall architecture. The tools variously run on both Windows Mobile 6.1 devices themselves, and on the servers that are being used to manage them.
For example, the new "MDM Client Tools" download includes three Windows Mobile applications:- MDM Connect Now
- MDM VPN Diagnostics
- MDM Managed Device Status Viewer
The MDM Connect Now Tool lets users download new software updates queued since their managed device last synchronized with the MDM system. The MDM VPN Diagnostics Tool lets users see the VPN configuration and status, diagnosing any problems and sending logs to an administrator for analysis if necessary. The MDM Managed Device Status Viewer lets users view device synchronization information, see a list of all managed programs installed on a device, and "browse through values of Open Mobile Alliance Device Management (OMA DM) management objects," says Microsoft.
Similarly, a "MDM Server Tools" download includes thirteen different applications, described as follows:- MDM Certificate Tool -- helps administrators request certificates for MDM components, set Access Control Lists (ACLs) on certificates, place requested certificates in a specific folder, and invalidate Global Certification Manager (GCM) certificates
- MDM Bulk Pre-Enrollment Tool -- lets administrators pre-enroll groups of Windows Mobile 6.1 devices into MDM
- MDM Cleanup Tool -- completely uninstalls MDM from servers in cases where other removal options have not succeeded
- MDM Device Enrollment Cleanup Tool -- a PowerShell script-based tool that helps remove no-longer-needed managed devices from Active Directory and the MDM databases
- MDM Application Hash Code Tool -- lets administrators create an XML file for use with a Group Policy Object (GPO), thereby allowing or preventing an application from running on managed devices
- MDM CAB Signing Tool -- lets administrators sign a .cab file together with all .exe and .dll files contained in the .cab file, or sign individual .exe and .dll files
- MDM Active Directory Validation Tool -- helps administators make sure that they have configured Active Directory correctly for MDM before and after they install an MDM system
- MDM System Configuration Cmdlets -- let administrators view and modify information stored in MDM Active Directory Service Connection Points (SCPs)
- MDM Device Records Synchronization Tool -- synchronizes device records maintained in the MDM AdminServices database with managed device information in Active Directory
- MDM Additional Group Policies -- includes templates for the following Group Policy settings:
- Synchronize Sent Items folder during Exchange Active Sync
- Do not automatically run auto-run applications when a storage card is inserted
- Use Wireless WAN (WWAN) connection profile for Mobile VPN
- Allow failover to the default WWAN connection configured for Mobile VPN
- MDM Group Policy Models -- provides Group Policy settings configured to appropriately set up managed devices for three common roles: "single-purpose," "restricted connection," and "minimum recommended"
- MDM Blocked Device Cleanup Tool -- removes wiped managed devices from the list of blocked managed devices maintained by MDM Gateway Server
- MDM Security Configuration Wizard (SCW) Templates -- provides three SCW templates that can be applied to MDM servers to enhance security, "disabling functionality that is not required."
A third download offers a tool known as the MDM Best Practices Analyzer (BPA). Noting that each MDM server component has different prerequisites, Microsoft says this tool "helps plan and build a successful deployment environment by assessing each server's readiness for MDM."
Finally, a fourth download offers MDM Reporting Services, said to provide a reporting and data access service across all areas of an MDM system. MDM Reporting Services is based on and integrated with SQL Server Reporting Services 2005, according to the company.
Background
Microsoft's MDM requires managed smartphones to be running Windows Mobile 6.1. By making use of Active Directory Group Policy settings, administrators can selectively disable the following smartphone functions:- Bluetooth
- SMS/MMS
- Wireless LAN
- Infrared
- POP/IMAP e-mail
- Camera
More than 125 security policies can be applied to devices, Microsoft says. "Allow" and "deny" functionality is said to give enterprises control over which applications employees may subsequently try to install on their devices.
Microsoft says MDM's "cutting-edge VPN" architecture authenticates both a device and its user, allowing for a "single security-enhanced point of access for mobile application traffic." It secures wireless access between a device and corporate servers using an SSL-encrypted tunnel, according to Microsoft.
Microsoft claims this always-on VPN access will encourage users to keep valuable data on corporate servers instead of on their phones. In addition, Mobile Device Manager can erase all data on a phone in case of loss or theft via its remote device wipe feature, according to the company.
Finally, Mobile Device Manager is said to provide inventory data for all mobile devices in an enterprise via a single console. Administrators can also employ the console to push software and firmware updates to devices.
Further Information
To fetch the four separate downloads that comprise the System Center Mobile Device Manager 2008 Resource Kit Tools, visit Microsoft's website, here.
Related stories:
(Click here for further information)
|
|
|
7 Advantages of D2D Backup
For decades, tape has been the backup medium of choice. But, now, disk-to-disk (D2D) backup is gaining in favor. Learn why you should make the move in this whitepaper.
4 Legal Reasons to Control Internet Access
The Internet is obviously a valuable resource for many organizations. However, many are exposed to legal liability concerns because they fail to control Internet access. Learn if you're safe in this white paper.
Rapidly Resolve J2EE Application Problems
Whether you are in the process of building J2EE applications or have J2EE applications already running in production, you must ensure that they deliver the expected ROI. Learn how in this white paper.
Load Testing 2.0 for Web 2.0
There are many unknowns in stress testing Web 2.0 applications. Find out how to test the performance of Web 2.0 in this white paper.
Build Better Games Online
For the game infrastructure providers, life is complex. Making money from games has become more complicated. Why? Find out in this white paper.
Building a Virtual Infrastructure from Servers to Storage
This white paper discusses the virtual storage solutions that reduce cost, increase storage utilization, and address the challenges of backing up and restoring Server environments.
Gaining Faster Wireless Connections with WiMAX
Welcome to what is quickly becoming the hyperconnected world where anything that would benefit from being connected to the network will be connected. Learn more in this white paper.
Is Your Desktop a Security Threat?
The new wave of sophisticated crimeware not only targets specific companies, but also targets desktops and laptops as backdoor entryways into those business’ operations and resources. Learn how to stay safe in this white paper.
Increasing SAN Reliability by 100 Percent
Storage area networks (SAN) are a strong part of storage plans. Learn how to increase your reliability and uptime by 100 percent in this case study.
|
|
|
|
|
news feed