May 20,200 8 Microsoft has announced eighteen free software utilities that work with its enterprise management platform for Windows Mobile 6.1 devices. the "system center Mobile Device Manager 2008 Resource Kit Tools" help administrators configure management servers, provision smartphones, and remove devices that are no longer required, says Microsoft. (Click here for a larger view of a Windows Mobile Device ing to system center Mobile Device Manager) System Center Mobile Device Manager 2008(MDM), first announced last year and recently made available, is described by Microsoft as a "comprehensive windows mobile device management solution to distribute software and understand device inventory in a complex organizational environment. "It relies on other Microsoft products and services, such as Active Directory, Certificate Authorities, SQL Server, Internet Information Services 6.0 (IIS), and. net Framework 2.0, and between des VPN (Virtual Private Network) capabilities.
Mobile Device Manager nodes des VPN capabilities
Source: Microsoft
Microsoft claims that MDM allows administrators to provision smartphones in as little as 30 seconds. an IT department simply hands out of the devices; users then log in via the Web to an Active Directory Server, login ing a password that lets them access their devices. at that point, software and settings can be pushed to the device over the air. The newly announced utilities underline the fact that scmdm is not a single software application, but rather an overall architecture. The tools variously run on bothFor Windows Mobile 6.1Devices themselves, and on the servers that are being used to manage them. For example, the new "MDM client tools" Download nodes des three windows mobile applications:
- Mdm connect now
- Mdm VPN diagnostics
- Mdm managed device status Viewer
The MDM Connect Now tool lets users download new software updates queued since their managed device last synchronized with the MDM system. the mdm vpn diagnostics tool lets users see the VPN configuration and status, diagnosing any problems and sending logs to an administrator for analysis if necessary. the MDM managed device status viewer lets users view device synchronization information, see a list of all managed programs installed on a device, and "browse through values of Open Mobile Alliance device management (oma dm) management Objects, "says Microsoft. Similarly, a "MDM server tools" download includes thirteen different applications, described as follows:
- Mdm certificate tool -- helps administrators request certificates for MDM components, set access control lists (ACLs) on certificates, place requested certificates in a specific folder, and invalidate global certificates Manager (GCM) Certificates
- Mdm bulk pre-enrollment tool -- lets administrators pre-Enroll groups of Windows Mobile 6.1 devices into Mdm
- Mdm cleanup tool -- completely uninstils MDM from servers in cases where other removal options have not succeeded
- Mdm device enrollment cleanup tool -- A powershell script-based tool that helps remove no-longer-needed managed devices from Active Directory and the MDM Databases
- Mdm application hash code tool -- lets administrators create an XML file for use with a group policy object (GPO), thereby allowing or preventing an application from running on managed devices
- Mdm cab signing tool -- lets administrators sign A. cab file together with all. EXE and. DLL files contained in the. cab file, or sign individual. EXE and. DLL files
- Mdm Active Directory validation tool -- helps administators make sure that they have configured Active Directory correctly for MDM before and after they install an MDM System
- Mdm System Configuration lelets -- let administrators view and modify information stored in MDM Active Directory Service connection points (scps)
- Mdm device records synchronization tool -- synchronizes device records maintained in the MDM adminservices database with managed device information in Active Directory
- Mdm additional group policies -- includes templates for the following group policy settings:
- Synchronize Sent Items folder during Exchange Active Sync
- Do not automatically run auto-run applications when a storage card is inserted
- Use wireless WAN (wwan) connection profile for mobile VPN
- Allow failover to the default wwan connection configured for mobile VPN
- Mdm group policy models -- provides group policy settings configured to appropriately set up managed devices for three common roles: "single-purpose," "restricted connection," and "minimum recommended"
- Mdm blocked device cleanup tool -- removes wiped managed devices from the list of blocked managed devices maintained by Mdm gateway Server
- Mdm Security Configuration Wizard (SCW) templates -- provides three SCW templates that can be applied to MDM servers to enhance security, "disabling functionality that is not required ."
A third download offers a tool known as the MDM best practices analyzer (BPA ). noting that each MDM server component has different prerequisites, Microsoft says this tool "helps plan and build a successful deployment environment by assessing each server's readiness for MDM." Finally, a fourth download offers MDM reporting services, said to provide a reporting and data access service should SS all areas of an MDM system. mdm reporting services is based on and integrated with SQL Server Reporting Services 2005, according to the company. Background Microsoft's MDM requires managed smartphones to be running Windows Mobile 6.1. By making use of Active Directory group policy settings, administrators can selectively disable the following smartphone functions:
- Bluetooth
- SMS/MMS
- Wireless LAN
- Infrared
- POP/IMAP e-mail
- Camera
More than 125 Security Vulnerabilities ies can be applied to devices, Microsoft says. "Allow" and "deny" functionality is said to give Internal ISES control over which applications employees may subsequently try to install on their devices. Microsoft says MDM's "cutting-edge VPN" Architecture authenticates both a device and its user, allowing for a "single security-enhanced point of access for mobile application traffic. "It secures wireless access between a device and receive ate servers using an SSL-encrypted tunnel, according to Microsoft. Microsoft claims this always-on VPN access will encourage users to keep valuable data on your ate servers instead of on their phones. in addition, mobile device manager can erase all data on a phone in case of loss or theft via its remote device wipe feature, according to the company. Finally, Mobile Device Manager is said to provide inventory data for all mobile devices in an enterprise via a single console. administrators can also employ the console to push software and firmware updates to devices. Further Information To fetch the four separate downloads that comprise the system center Mobile Device Manager 2008 Resource Kit tools, visit Microsoft's website,Here. Related stories:
- Microsoft unveils Windows Mobile 6.1
- Microsoft unveils device management infrastructure
- Intel and arm collaborate on Device Security
- Webcast to highlight Windows Mobile Security
- Whitepaper warns of windows mobile malware
- Virus expert warns of Windows CE malware Vulnerability
- Anti-malware defends Windows XP embedded
- Software blocks malware on the wireless network level
- "Stand-alone" security app protects Windows Mobile Devices
- Kaspersky aims antivirus products at smartphones
- Mobile malware to get worse, McAfee predicts
- Microsoft deflects push email security concerns
- Anti-Virus Software guards Windows Mobile 5.0 Devices
- Asset-discovery app gets updated Windows CE support
- Sync software enhances Windows Mobile Device Support
|