Microsoft takes big step in managing enterprise handhelds
- 07 April, 2008 08:14
One new bit of code in Windows Mobile 6.1 makes this otherwise-minor release of Microsoft's handheld operating system a watershed for enterprise users.
The new code contains hooks into Microsoft's System Center Mobile Device Manager 2008 (MDM), a new server application that is the first major effort by the company to make handhelds as manageable and secure as PCs. At the CTIA Wireless show, Microsoft announced that MDM, unveiled last October, was now shipping.
The company also said that a handful of mobile carriers are preparing subscription service plans for enterprise customers, built around MDM. The carriers will offer simplified licensing for the application, one-call tech support, and an optimized network connection for subscriber devices.
Enterprises face a daunting set of challenges in administering and securing Windows Mobile handhelds and the corporate data they carry. In meeting these challenges, Microsoft has lagged far behind a group of well-established rivals, both large and small.
MDM is a major step forward for Microsoft. It's a licensed server application, deployed behind the firewall, with a gateway server in the DMZ. Each mobile client needs a separate access license. The server works only with Windows Mobile 6.1, just released and due out on new phones by mid-year. Version 6.0 phones can be upgraded to 6.1, says John Traynor, a senior director in Microsoft's Mobile Communications Business.
In Version 6.1, Microsoft added code to support automatic device enrollment, a new mobile VPN, and mobile VPN drivers for WLAN and cellular adapters. As a result, devices with Version 6.1 can register automatically with MDM, with no additional client code to download or administer. "Typically a user would be provided a one-time [registration] password," Traynor says. "They input their e-mail address on the device, with the password, the device registers automatically, and then downloads the relevant [management and security] policies. It's a very simple process."
This first MDM release has 130 such policies, implementing and enforcing a wide range of administrative and security controls on the handsets. Among other things, administrators can permit or block specific applications on the device, encrypt different types or groups of files and data, and disable cameras or any of a number of communications interfaces, including Bluetooth and Wi-Fi.
Also in Windows Mobile 6.1, Microsoft has introduced its first VPN designed specifically for handhelds, called Mobile VPN, which ensures that device traffic only flows over an authenticated, encrypted link. The previous version did have a VPN feature, but it was not optimized for mobile networks, says Traynor. Mobile VPN sets up the IPsec tunnel to the MDM gateway server, which authenticates the connection using Internet Key Exchange Version 2 (IKEv2) and the machine certificates downloaded during the enrollment process.
Join the Computerworld Australia group on Linkedin. The group is open to IT Directors, IT Managers, Infrastructure Managers, Network Managers, Security Managers, Communications Managers.
- Credit Union Australia signs Good Technology to secure 400 devices
- Taxi startup ingogo hails $3.4 million in latest funding round
- Updated: Federal Court dismisses Aust Post trade mark appeal
- Ruyton Girls’ School to swap paper books for tablets
- Training critical to Australia tapping broadband potential: CSIRO
Training critical to Australia tapping broadband potential: CSIRO
US faces major Internet image problem, former gov't official says
Why CIOs stick with cloud computing despite NSA snooping scandal
Telstra hits 300 Mbps in LTE-A trial
TPG buys AAPT