Monday, December 9, 2013

Mobile Device Management - Part III

I just finished reading Instant XenMobile MDM - a very simple book with only 46 pages.

The book compares container-based solutions by many other vendors with the application-based enforcement found in Citrix XenMobile MDM (mobile device management). Container-based solutions are applications that embed corporate data, e-mail, contact, and calendar data.

Unfortunately, in many cases these solutions break the user experience by limiting how they can use native applications. XenMobile does this without compromising the user experience, allowing the secure applications to exist and share the same calendar, contact, and other key integration points on the mobile device. They were the only vendors at the time of writing this book, that had a single management platform which provided MDM features with secure storage, integrated VDI, multitenant, and application load balancing features, which we believe are some of the differentiators between XenMobile and its competitors.

The concept of Citrix XenMobile MDM is very similar to that of Blackberry Enterprise Server, except it supports more devices. It has integration with Apple iOS 7 MDM APIs as well as Samsung KNOX and Amazon MDM platforms extend the 60+ application-specific policy controls of XenMobile.

A "Quick start - setting up your XenMobile Server" follows in subsequent chapter. The setting up of Citrix XenMobile MDM is fairly straight-forward. (This reminds me of BES server installation sometimes back. Very simple and fast to deploy)

It covers specific platforms like Apple iOS and Samsung SAFE (Samsung for Enterprise).

The book ends with "Top 6 features you need to know about".

  1. Reporting
  2. Application stores
  3. Secure Mobile Gateway
  4. The XenMobile service manager
  5. Dashboard management
  6. Common management tasks

There are many reports which are mostly self-explanatory. E.g. OS version, OS type, Device Type. The more interesting report will be those that list the jailbroken devices and rooted devices.

I am more interested in Secure Mobile Gateway since I'm a Mail person (used to deploy numerous Sun Messaging Servers in the South-East Asia region), besides IAMS.

Secure Mobile Gateway provides granular access control for e-mail and calendar applications on devices that support Microsoft ActiveSync. ….

The benefit of Secure Mobile Gateway is that it ensures that a user won't bypass your XenMobile policies that are being enforced on devices. A user who does not agree with your policies may decide to skip enrollment. He may have somehow decided that he does not need corporate applications that are being pushed or other device centric policies. However, typically most users will need access to their e-mail from their devices. If a user somehow figures out the necessary settings and credentials to configure his device manually, Secure Mobile Gateway can intercept that connection and make policies decisions based on an organization's needs. In other words, you could stop a user from accessing e-mails until he enrolls in the XenMobile MDM solution..

Citrix Secure Mobile Gateway works as an ISAPI plugin on the same server with Microsoft Forefront Threat Management Gateway.

Hmm… I thought Microsoft has announced discontinued support for Microsoft Forefront Threat Management Gateway? No, it still has mainstream support until April 2015 and extended support until April 2020. Good to know.


1 comment:

  1. The Instant XenMobile MDM book compares container-based solutions offered by various vendors with Citrix XenMobile MDM (mobile device management). This MDM application, based on application-based enforcement, functions on a single management platform with secure storage, integrated VDI, multitenant, and application load balancing features. Yes, it's good enough. But, has it been compared with the Comodo MDM mobile device management solution? Is it as good as the Comodo MDM solution.