uklug 2011 - ios devices in the enterprise
DESCRIPTION
These slides have been shown at UKLUG 2011 in Manchester and are overview about the iOS management capabilities.TRANSCRIPT
![Page 1: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/1.jpg)
Presenter: René Winkelmeyer Company: midpoints | purify it
iOS devices in the enterprise
![Page 2: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/2.jpg)
• René Winkelmeyer
• Senior Consultant at midpoints | purify it
• IBM Design Partner for Notes/Domino NEXT
• IBM Design Partner for Mobile
• OpenNTF projects
• File Navigator (http://filenavigator.openntf.org)
• Contact • Skype/Twitter/LinkedIn/Facebook: muenzpraeger • http://blog.winkelmeyer.com • [email protected] / [email protected]
About the speaker
![Page 3: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/3.jpg)
• midpoints | purify it (http://www.midpoints.de)
• IBM Advanced Business Partner
• Apple Enterprise Developer Partner
• we mobilize notes
• IBM Lotus Traveler administration add-ons
• IBM Lotus Traveler deployments
• E-Mail-Management consulting
• Notes/Domino, RCP, XPages development
About the speaker
![Page 4: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/4.jpg)
• Why do YOU need to be engaged about iOS devices?
• Using iOS devices with IBM Lotus Traveler
• iOS enterprise capabilities
• Over-The-Air-Deployment & MDM
Agenda
let‘s see demos for that
![Page 5: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/5.jpg)
• Why do YOU need to be engaged about iOS devices?
• Using iOS devices with IBM Lotus Traveler
• iOS enterprise capabilities
• Over-The-Air-Deployment & MDM
Agenda
![Page 6: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/6.jpg)
Why do YOU need to be engaged?
![Page 7: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/7.jpg)
Why do YOU need to be engaged?
![Page 8: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/8.jpg)
Why do YOU need to be engaged?
![Page 9: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/9.jpg)
Why do YOU need to be engaged?
![Page 10: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/10.jpg)
Why do YOU need to be engaged?
![Page 11: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/11.jpg)
Why do YOU need to be engaged?
![Page 12: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/12.jpg)
Why do YOU need to be engaged?
![Page 13: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/13.jpg)
Why do YOU need to be engaged?
![Page 14: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/14.jpg)
Why do YOU need to be engaged?
![Page 15: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/15.jpg)
Why do YOU need to be engaged?
![Page 16: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/16.jpg)
Why do YOU need to be engaged?
![Page 17: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/17.jpg)
Why do YOU need to be engaged?
![Page 18: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/18.jpg)
Why do YOU need to be engaged?
You‘ve got iOS devices and your users want mail (and more)!
Be the king!
![Page 19: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/19.jpg)
Why do YOU need to be engaged?
Mobile devices mean: configure the device manually. Everything: VPN, Mail, WiFi and so on. And what about security? And about „BYOD“?
![Page 20: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/20.jpg)
Why do YOU need to be engaged?
Step 1: Define standards Step 2: Configure policies Step 3: Device Enrollment Step 4: Manage devices
![Page 21: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/21.jpg)
Why do YOU need to be engaged?
Step 1: Define standards Step 2: Configure policies Configuration profiles Step 3: Device Enrollment OTA Enrollment Step 4: Manage devices Mobile Device Management
![Page 22: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/22.jpg)
• Why do YOU need to be engaged about iOS devices?
• Using iOS devices with IBM Lotus Traveler
• iOS enterprise capabilities
• Over-The-Air-Deployment & MDM
Agenda
![Page 23: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/23.jpg)
Using iOS devices with Lotus Traveler
![Page 24: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/24.jpg)
• Till now you need to activate ANY iOS device via iTunes (activate mode)
• see the “iPhone Enterprise Deployment Guide”, Chapter 4
• BUT
• there are serious rumors, that Apple will implement OTA-Activation with iOS 5 !!!
Using iOS devices with Lotus Traveler
![Page 25: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/25.jpg)
• IBM is leveraging the ActiveSync protocol for syncing mail, calendar and contacts, which is implemented per default on any iOS device.
• “Normally” your users need to use the Traveler server and their http username and password to authenticate – and to install the “configuration profile”.
Using iOS devices with Lotus Traveler
![Page 26: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/26.jpg)
Using iOS devices with Lotus Traveler
![Page 27: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/27.jpg)
Using iOS devices with Lotus Traveler
![Page 28: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/28.jpg)
• IBM Lotus Traveler does NOT solve ALL of you’re administration and security requirements like
• realtime black- and whitelisting on a device basis
• distributed administration (allow local administrators or the 1st level suppurt access to the Traveler server)
Using iOS devices with Lotus Traveler
![Page 29: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/29.jpg)
• Why do YOU need to be engaged about iOS devices?
• Using iOS devices with IBM Lotus Traveler
• iOS enterprise capabilities
• Over-The-Air-Deployment & MDM
Agenda
![Page 30: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/30.jpg)
iOS enterprise capabilities
![Page 31: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/31.jpg)
• Traveler does NOT serve YOUR requirements for a real enterprise deployment.
• IMHO it’s not the job of IBM to deliver it.
• The good news: Apple is (the only!) hardware provider which has currently real good configuration capabilities for their devices.
• The bad news: They don’t have an enterprise-ready software for that.
iOS enterprise capabilities
![Page 32: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/32.jpg)
• For small environments you may use the “iPCU” – the iPhone Configuration Utility (despite the name it’s although for any iOS device).
• You can create profiles with it.
• But you don’t get a real OTA deployment.
iOS enterprise capabilities
![Page 33: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/33.jpg)
• A “profile” is a XML file, which follows the plist DTD. They file extension is “.mobileconfig”.
• Those settings can be
• Mail settings: Exchange Traveler, IMAP, POP3
• Certificates
• VPN
• WiFi
• Passcode
• Restrictions
• …
iOS enterprise capabilities
![Page 34: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/34.jpg)
iOS enterprise capabilities
![Page 35: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/35.jpg)
• You can deploy those iPCU profiles via
• USB
• HTTP download
• For a secure deployment they should be encrypted and signed!
iOS enterprise capabilities
![Page 36: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/36.jpg)
iOS enterprise capabilities
![Page 37: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/37.jpg)
iOS enterprise capabilities
![Page 38: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/38.jpg)
iOS enterprise capabilities
![Page 39: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/39.jpg)
iOS enterprise capabilities
![Page 40: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/40.jpg)
iOS enterprise capabilities
![Page 41: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/41.jpg)
iOS enterprise capabilities
![Page 42: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/42.jpg)
iOS enterprise capabilities
![Page 43: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/43.jpg)
iOS enterprise capabilities
![Page 44: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/44.jpg)
iOS enterprise capabilities
![Page 45: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/45.jpg)
iOS enterprise capabilities
![Page 46: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/46.jpg)
iOS enterprise capabilities
![Page 47: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/47.jpg)
iOS enterprise capabilities
![Page 48: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/48.jpg)
iOS enterprise capabilities
![Page 49: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/49.jpg)
iOS enterprise capabilities
![Page 50: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/50.jpg)
iOS enterprise capabilities
![Page 51: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/51.jpg)
iOS enterprise capabilities
![Page 52: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/52.jpg)
iOS enterprise capabilities
![Page 53: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/53.jpg)
iOS enterprise capabilities
![Page 54: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/54.jpg)
• Why do YOU need to be engaged about iOS devices?
• Using iOS devices with IBM Lotus Traveler
• iOS enterprise capabilities
• Over-The-Air-Deployment & MDM
Agenda
![Page 55: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/55.jpg)
Over-The-Air deployment & MDM
![Page 56: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/56.jpg)
Over-The-Air deployment & MDM
D E M O
![Page 57: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/57.jpg)
7. Confirm installation
6. Profile installation 6. Profile installation
5. Individual encrypted profile
5. Individual encrypted profile
3. Identify device 3. Identify device
2. Login 2. Login
1. Open URL 1. Open URL
Profile Service
4. Enroll Identity (SCEP)
Certificate Authority
4. Enroll Identity (SCEP)
Over-The-Air deployment & MDM
![Page 58: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/58.jpg)
• Mobile Device Management allows you
• transparent OTA management of your iOS devices (through HTTPS)
• Remote commands
• Install/remove profiles seamless
• Lock / erase device
• reset passcode
• Queries
• Network information
• Device information
• App information
Over-The-Air deployment & MDM
![Page 59: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/59.jpg)
4. Bind to MDM server
4. Bind to MDM server
3. Install MDM Profile
3. Install MDM Profile
2. Create MDM Profile 2. Create MDM Profile
1. OTA Enrollment 1. OTA Enrollment
Notification Service
MDM Server
Initial setup
Over-The-Air deployment & MDM
![Page 60: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/60.jpg)
Over-The-Air deployment & MDM
D E M O
![Page 61: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/61.jpg)
4. Queries + commands via Profile-Payload
Notification Service
4. Queries + commands via Profile-Payload
3. Connect to MDM
3. Connect to MDM
2. Device notification
2. Device notification
1. Send MDM Push 1. Send MDM Push
MDM Server
Active Management
Over-The-Air deployment & MDM
![Page 62: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/62.jpg)
• iOS devices are enterprise ready.
• YOU need device management to have a valuable and secure iOS experience.
• Get the most out of you business with iOS devices, OTA and custom applications. It’s really worth!
Conclusion
![Page 63: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/63.jpg)
Conclusion
![Page 64: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/64.jpg)
Thank you!
If I’m not overdue: let’s switch to Q&A!
![Page 65: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/65.jpg)
• René Winkelmeyer • Skype/Twitter/LinkedIn/Facebook: muenzpraeger • http://blog.winkelmeyer.com • http://www.xing.de/Rene_Winkelmeyer • [email protected] / [email protected]
• midpoints | purify it • http://www.midpoints.de • [email protected]
Contact
![Page 66: UKLUG 2011 - iOS devices in the enterprise](https://reader033.vdocuments.us/reader033/viewer/2022052600/5584b4acd8b42a9c768b4956/html5/thumbnails/66.jpg)
• iTunes deployment • http://images.apple.com/iphone/business/docs/iPhone_iTunes.pdf
• Device Deployment • http://images.apple.com/iphone/business/docs/iPhone_Business.pdf
• Security • http://images.apple.com/iphone/business/docs/iPhone_Security.pdf
• Mobile Device Management • http://images.apple.com/iphone/business/docs/iPhone_MDM.pdf
• Certificates • http://images.apple.com/ipad/business/docs/iPad_Certificates.pdf
Resources