XenMobile 8.6 MDM Edition: Mobile Device Management
November 2013
Adolfo Montoya, Karen Sciberras, George Ang and Andrew Sandford
Lead Support Readiness Specialist
© 2013 Citrix | Confidential – Do Not Distribute

Document Management
Category: Tracking Information
Company: Citrix Systems, Inc.
Author(s): Adolfo Montoya
Owner(s): Worldwide Support Readiness
Last modified: 11/22/2013
Version: 1.0
Length: 4 hours
Ground Rules
- Introduce yourself
- Expect FULL participation!
- We will use Polls on GoToTraining
- Please raise your hand for questions or comments on GoToTraining
- Type comments and questions in the Chat window
- I will check your work by making you presenter... be ready!
- I will call you by name
Objectives
At the end of this course, you will be able to:
Module 1: Verify iOS 7 MDM Policies
- Configure and test some of the new iOS 7 restriction policies
Module 2: Deploy XenMobile Mail Manager for ActiveSync Filtering
- Install XenMobile Mail Manager
- Configure and test XenMobile Mail Manager to filter ActiveSync traffic against Exchange Server 2010
Module 3: Integrate XenMobile Device Manager and NetScaler via SSL Offload
- Configure SSL Offload on NetScaler to load-balance HTTP connections to the Device Manager server
- Verify that mobile devices (e.g. iOS/Android) can enroll successfully
Module 4: Integrate XenMobile Device Manager with Microsoft PKI
- Set up client certificate authentication on Windows
- Configure client certificate authentication with XenMobile Device Manager
- Configure Exchange Server 2010 for client certificate authentication
- Verify that mobile devices can enroll, then test client certificate authentication and access to their mailbox
Module 5: Learn Samsung KNOX and Amazon MDM Policies
- Learn and configure the new Samsung KNOX and Amazon MDM restriction policies
Assessment
There will be an assessment at the end of the course, covering the following modules:
- Module 1: Verify iOS 7 MDM Policies
- Module 2: Deploy XenMobile Mail Manager for ActiveSync Filtering
- Module 3: Integrate XenMobile Device Manager and NetScaler via SSL Offload
- Module 4: Integrate XenMobile Device Manager with Microsoft PKI
- Module 5: Learn Samsung KNOX and Amazon MDM Policies
Module 1: Verify iOS 7 MDM Policies
iOS 7 Highlights
Feature: Description
- Per App VPN: Managed apps can initiate a per-app VPN tunnel.
- Open In Document Control: Restrict the opening of documents between managed and unmanaged apps and accounts.
- Enterprise SSO: Single sign-on for enterprise resources that require Kerberos authentication.
- Silent Install/Uninstall: Only applicable to supervised iOS devices.
- New Volume Purchase Program (VPP) service: Workflow-based VPP registration; revoke and re-issue VPP licenses.
- Auto Configure Apps: Push and auto-configure iOS 7 apps.
- Restrictions: Prevent device unlock via biometric scanning; prevent document transfer via AirDrop; prevent password syncing via iCloud; and many others.
- Prevent App Uninstall: Only applicable to supervised iOS devices.
iOS 7 Policies in XenMobile 8.6 (screenshot)

Per App VPN (screenshot)

Open In Document Control (screenshot)
Module 2: Deploy XenMobile Mail Manager for ActiveSync Filtering
Introduction
XenMobile Mail Manager (XMM) lets you use Device Manager (XDM) to gain dynamic access control over Exchange ActiveSync (EAS) devices. Some of its features:
- Access the EAS device partnership information provided by Exchange.
- Perform an EAS wipe on a mobile device.
- Access information about BlackBerry devices.
- Perform control operations such as Wipe and Password Reset.
XMM Components
XenMobile Mail Manager (XMM) consists of three main components:
- Exchange ActiveSync (EAS) Access Control Management: communicates with Device Manager to retrieve EAS policies, then merges them with any locally defined policy to determine which EAS devices should be allowed or denied access to Exchange. Local policies extend the rules to allow access control by AD group, user, device type, or device user agent.
- Remote PowerShell Management: schedules and invokes remote PowerShell commands to enact the policy compiled by EAS Access Control Management.
- Mobile Service Provider (MSP): provides a web service interface so that Device Manager can query EAS and/or BlackBerry devices and issue control operations such as Wipe against them.

XMM Components (architecture diagram)
System and Software Requirements
Server software:
- MS SQL Server or SQL Server Express, 2008 or 2012
- Microsoft .NET Framework 4.5
- Exchange Server 2010 SP2 or higher, or Exchange 2013, or Microsoft Office 365
- BlackBerry Enterprise Service v5 (optional)
Server machine requirements:
- Windows Management Framework must be installed (PowerShell v2 is supported)
- The PowerShell execution policy must be set to RemoteSigned: run "Set-ExecutionPolicy RemoteSigned" from a PowerShell prompt
- Memory: 1 GB
- HDD: NTFS-formatted, with 150 MB of free disk space
Permissions
If you are using XMM with an on-premises Exchange Server, the account XMM uses for remote PowerShell must hold at least the Exchange management permissions needed to run the following Exchange cmdlets:
- Get-CASMailbox
- Set-CASMailbox
- Get-Mailbox
- Get-ActiveSyncDevice
- Get-ActiveSyncDeviceStatistics
- Clear-ActiveSyncDevice
Practitioner note: treat this as a least-privilege list. Give the XMM service account a dedicated RBAC role group scoped to these cmdlets rather than membership in Organization Management; the account can wipe any device it can see, so its blast radius should be no larger than that.
Before Installation...
Ensure that the following conditions are met:
- .NET Framework 4.5 is installed
- SQL Server, one of the following: MS SQL 2008, MS SQL 2008 Express, MS SQL 2012, MS SQL 2012 Express, MS SQL 2012 Express LocalDB
XMM "one LDAP per domain" caveat: XMM supports only one LDAP configuration per installation. If you want to manage the traffic of more than one LDAP configuration (such as a root domain and a sub-domain), you need to install XMM once for each domain.
Installation (installer screenshots, four slides)
Configuring XMM
The XMM Configuration utility extends the capabilities of XDM so that you can:
- Create access control rules that either allow or block Exchange ActiveSync (EAS) devices from accessing Exchange services.
- Build dynamic and static rules that enforce corporate email policies, blocking users who are in violation.
- Perform an EAS wipe of out-of-compliance devices.
To configure the Exchange Server (screenshots, two slides)

To configure the Database Properties (screenshots, two slides)

To configure the Mobile Service Provider (MSP) (screenshot)

To configure the Mobile Service Provider (MSP) hostname in Device Manager (screenshot)
XMM and Exchange 'Quarantine' Mode
When XMM is configured together with Microsoft Exchange's 'Quarantine' mode, the Exchange admin can quarantine a user's device until that device is determined to be compliant.
In Exchange quarantine mode, the user's email inbox is blocked, but the user can still see their calendar, appointments, and contacts.
Understanding XMM Access Rules
XenMobile Mail Manager allows you to configure three types of rules:
- Default
- Local
- XDM (rules from Device Manager)
XMM Access Rules – Default Rules
The Default access control rule is a "catch-all" that can be set to allow or deny any device that does not meet the criteria of either the XDM rules or the Local rules.
The Default rule's desired state may be set to Allow, Block, or Unchanged. If "Unchanged" is selected, XMM does not modify the state of any device that is not matched explicitly by a Local or XDM rule.
To configure Default access rules (screenshot)
XMM Access Rules – Local Rules
Local rules are defined within XenMobile Mail Manager. They can be configured to allow or block based on any of the following properties:
- ActiveSync Device Id: uniquely identifies a specific device.
- Device Type: a set of devices, such as "iPad", "WP8", or "Touchdown".
- User Agent: a set of devices identified by platform version, such as "iOS/6.1.2".
- User: a specific user.
To configure Local rules (screenshot)
XMM Access Rules – XDM Rules
XDM rules are defined within XenMobile Device Manager. They are delivered to XenMobile Mail Manager and continuously updated. XDM rules can identify devices by properties known to XDM, such as:
- Enrolled in Device Manager
- Jailbroken (iOS) or rooted (Android)
- Forbidden (blacklisted) apps installed
- Non-suggested apps installed
- Unmanaged
- Out of compliance
- Non-compliant password
- Revoked status
- Inactive device
- Anonymous status
To configure XDM rules (screenshot)
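Worked example, added here and not part of the original deck or of XMM's own code: a PowerShell script that evaluates Local-style rules plus a Default rule against a mailbox's EAS partnerships and enforces the outcome with the same cmdlets listed under Permissions, which is what XMM's Remote PowerShell Management component does on your behalf. The rule ordering (list order, first match wins, Default applied last), the Wipe action, the mailbox, device IDs, user agents and the Exchange host are assumptions made for the example.

```powershell
# Added example; not XMM's own code. Evaluates XMM-style Local rules plus a Default
# rule against a mailbox's ActiveSync partnerships and enforces the result with the
# Exchange cmdlets listed under Permissions.
# Assumptions (not stated on the slides): rules are evaluated in list order and the
# first match wins; the Default rule is applied only when nothing else matched.
# Mailbox, device IDs, user agents and the Exchange host are constructed sample data.

# Run in the Exchange Management Shell, or import a remote Exchange session first:
#   $s = New-PSSession -ConfigurationName Microsoft.Exchange `
#        -ConnectionUri 'http://exch01.training.lab/PowerShell/' -Authentication Kerberos
#   Import-PSSession $s

# A rule sets any of the Local-rule properties from the slides (DeviceId, DeviceType,
# UserAgent, User); -like wildcards are allowed. Action is Allow, Block, or Wipe
# (Block plus an EAS wipe, the action an XDM out-of-compliance rule would trigger).
$LocalRules = @(
    @{ Name = 'Exec-iPad';   DeviceId   = 'ApplDMPH1234ABCD';   Action = 'Allow' },
    @{ Name = 'No-WP8';      DeviceType = 'WP8';                Action = 'Block' },
    @{ Name = 'Old-iOS';     UserAgent  = 'Apple-iPhone*/901*'; Action = 'Block' },
    @{ Name = 'Contractors'; User       = 'contractor*';        Action = 'Block' },
    @{ Name = 'Lost-device'; DeviceId   = 'ApplDMPH9999ZZZZ';   Action = 'Wipe'  }
)
$DefaultAction = 'Allow'   # Allow | Block | Unchanged: the catch-all, applied last

function Get-DesiredAccessState {
    param([hashtable[]]$Rules, [string]$Default, $Device, [string]$User)
    foreach ($r in $Rules) {
        # A rule matches only if every property it specifies matches the device.
        if ($r.DeviceId   -and $Device.DeviceId        -notlike $r.DeviceId)   { continue }
        if ($r.DeviceType -and $Device.DeviceType      -notlike $r.DeviceType) { continue }
        if ($r.UserAgent  -and $Device.DeviceUserAgent -notlike $r.UserAgent)  { continue }
        if ($r.User       -and $User                   -notlike $r.User)       { continue }
        return New-Object PSObject -Property @{ Action = $r.Action; Rule = $r.Name }
    }
    New-Object PSObject -Property @{ Action = $Default; Rule = 'Default' }
}

function Set-MailboxEasAccess {
    param([string]$Mailbox, [hashtable[]]$Rules, [string]$Default, [switch]$WhatIf)

    $allow = @(); $block = @()
    foreach ($d in @(Get-ActiveSyncDevice -Mailbox $Mailbox)) {
        $state = Get-DesiredAccessState -Rules $Rules -Default $Default -Device $d -User $Mailbox
        Write-Host ('{0,-24} {1,-18} -> {2,-9} ({3})' -f $Mailbox, $d.DeviceId, $state.Action, $state.Rule)
        switch ($state.Action) {
            'Allow' { $allow += $d.DeviceId }
            'Block' { $block += $d.DeviceId }
            'Wipe'  {
                $block += $d.DeviceId
                Clear-ActiveSyncDevice -Identity $d.Identity -Confirm:$false -WhatIf:$WhatIf
            }
            default { }   # Unchanged: leave this device's current state alone
        }
    }

    # Merge with the lists already on the CAS mailbox, so 'Unchanged' devices keep
    # their state and no device ends up in both lists at once.
    $cas = Get-CASMailbox -Identity $Mailbox
    $newAllow = @(@($cas.ActiveSyncAllowedDeviceIDs) + $allow |
                  Where-Object { $_ -and ($block -notcontains $_) } | Select-Object -Unique)
    $newBlock = @(@($cas.ActiveSyncBlockedDeviceIDs) + $block |
                  Where-Object { $_ -and ($allow -notcontains $_) } | Select-Object -Unique)
    if ($newAllow.Count -eq 0) { $newAllow = $null }
    if ($newBlock.Count -eq 0) { $newBlock = $null }
    Set-CASMailbox -Identity $Mailbox -ActiveSyncAllowedDeviceIDs $newAllow `
                   -ActiveSyncBlockedDeviceIDs $newBlock -WhatIf:$WhatIf
}

# Dry run first (prints the decision per device and what would change), then enforce.
Set-MailboxEasAccess -Mailbox 'jdoe@training.lab' -Rules $LocalRules -Default $DefaultAction -WhatIf
# Set-MailboxEasAccess -Mailbox 'jdoe@training.lab' -Rules $LocalRules -Default $DefaultAction
```

Run it with -WhatIf against one mailbox before letting anything enforce; the per-device line shows which rule fired, which is the quickest way to catch an over-broad Device Type or User Agent pattern before it locks out a whole platform.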
Module 3: Integrate XenMobile Device Manager and NetScaler via SSL Offload
Pre-Nike Deployment – SSL Bridge
(Diagram: devices connect over TLS to the NetScaler in the DMZ on 443 and 8443; the NetScaler bridges the SSL sessions through to XenMobile Device Manager (XDM) on 443 and 8443, so XDM terminates TLS itself.)
Nike Deployment – SSL Offload
(Diagram: devices connect to the NetScaler in the DMZ on 443 and 8443; the NetScaler terminates TLS and forwards plain HTTP to XDM on port 80.)
Why change the deployment?
Obvious advantages:
- The NetScaler becomes the de facto authentication point for all XenMobile traffic.
- SSL offload reduces the load on XDM, and hence improves scalability.
NetScaler SSL Offload setup
(Diagram: two SSL offload virtual servers in the DMZ in front of XDM. vServer 1 listens on 443 with client certificate authentication enabled and inserts the client certificate into an HTTP header; vServer 2 listens on 8443 with no client authentication. Both load-balance to XDM over HTTP on port 80.)
What's needed?
- Two virtual servers: 443 and 8443.
- Bind one or more XDM services on HTTP (80).
Steps required for the SSL Offload (HTTPS – 443) virtual server:
- Bind both the Devices CA and the Root CA certificates on the virtual server. This is important for iOS enrollment to work!
- Create an SSL policy that only executes when a client certificate is detected.
- Configure the NetScaler to insert the NSClientCert header. This is important for iOS enrollment to work!
Caveat: after offload, XDM learns the client certificate from a plain HTTP header rather than from its own TLS handshake, so it trusts whatever arrives in NSClientCert. Restrict XDM's port 80 so it is reachable only from the NetScaler (firewall or ACL); a client that could reach port 80 directly could supply its own NSClientCert header.
SSL Offload option in NS GUI (screenshot)
SSL Offload configuration
LB vServer 1:
- Type: SSL, incoming port 443
- Configure and bind a service: HTTP to the XDM server on port 80
- Install and bind a cert-key pair (for SSL)
- Configure client certificate authentication (details on the next slide)
- Enable passing of the client certificate to XDM in HTTP headers (details on a later slide)
LB vServer 2:
- Type: SSL, incoming port 8443
- Configure and bind a service: HTTP to the XDM server on port 80
- Install and bind a cert-key pair (for SSL)
Client Certificate Authentication on vServer 1
- On LB vServer 1, enable Client Certificate Authentication and mark the certificate check as Optional. Optional means the NetScaler validates a certificate when one is presented but does not reject connections without one; a device has no certificate until enrollment completes.
- The CA may be XDM itself or an external PKI.
- Next, install and bind the CA certificate(s) on the NetScaler; these are required for validation of client certificates.
For XDM as CA, XDM has multiple CA certificates, of which we require:
- The Intermediate CA for Devices
- The Root CA of XDM
Certificates are available at C:\Program Files (x86)\Citrix\XenMobile Device Manager\tomcat\conf:
- cacerts.pem contains both certificates: the Root CA certificate representing XDM and the Intermediate CA that issues device certificates.
- These certificates have to be converted from PKCS#12 format to PEM or DER.
- These certificates need to be linked on the NetScaler (Devices intermediate to Root).
Insert Client Certificate in HTTP Header
- Create an SSL policy with the rule expression CLIENT.SSL.CLIENT_CERT.EXISTS
- Create an SSL action: Client Certificate – ENABLED, Certificate Tag – NSClientCert
- Bind the SSL action to the SSL policy
- Bind the SSL policy to vServer 1
NetScaler CLI Config
Vserver 1:
> add server XDM1 192.168.10.30
> add service HTTP_XDM1 192.168.10.30 HTTP 80
> add lb vserver LB_VS_1 SSL 192.168.10.101 443
> bind lb vserver LB_VS_1 HTTP_XDM1

SSL Certificates (the wildcard-TrainingLab cert-key pair is assumed to have been installed already with "add ssl certKey"):
> add ssl certKey Devices-CA -cert Devices-CA.cer
> add ssl certKey Root-CA -cert Root-CA.cer
> bind ssl vserver LB_VS_1 -certkeyName wildcard-TrainingLab
> bind ssl vserver LB_VS_1 -certkeyName Devices-CA -CA
> bind ssl vserver LB_VS_1 -certkeyName Root-CA -CA
> link ssl certKey Devices-CA Root-CA

SSL Configuration (client certificate authentication and header insertion):
> set ssl vserver LB_VS_1 -clientAuth ENABLED -clientCert Optional
> add ssl action SSL-Action -clientCert ENABLED -certHeader NSClientCert
> add ssl policy SSL-Policy -rule CLIENT.SSL.CLIENT_CERT.EXISTS -action SSL-Action
> bind ssl vserver LB_VS_1 -policyName SSL-Policy -priority 100

Vserver 2 (no client authentication; the service binds to the LB vserver, the certificate to the SSL vserver):
> add lb vserver LB_VS_2 SSL 192.168.10.101 8443
> bind lb vserver LB_VS_2 HTTP_XDM1
> bind ssl vserver LB_VS_2 -certkeyName wildcard-TrainingLab
NetScaler SSL Offload patch for XDM
- Copy the a_patch_860_9998.jar file to \XenMobile Device Manager\tomcat\webapps\[instance_name]\WEB-INF\lib (on all cluster nodes in a clustered XDM configuration).
- Restart the XDM service.
- Browse to http://XDMURL/instance/help-patches.jsp and confirm the patch shows up under the 'in use' column of the resulting page.
Module 4: Integrate XenMobile Device Manager with Microsoft PKI
PKI Definitions
PKI provides an infrastructure to:
- Identify: device identity certificates, APNs
- Encrypt: SSL encryption, APNs
- Digitally sign: profile signatures
Certificate Authority (CA): creates and publishes digital certificates for an entity (device, user, organization).
Registration Authority (RA): brokers and verifies the request for a certificate from a user or device, and communicates with and validates against the certificate authority.
PKI is the basis for connectivity and authentication for MDM.
XDM PKI Standalone (diagrams, two slides)

XDM CAs and Device ID Certificate (diagram)
XDM and Microsoft Certificate Services
- XDM uses Microsoft Certificate Services Web Enrollment (/certsrv).
- It does not use SCEP.
- The Windows server must be an Enterprise edition; Standard does not work.
Create a Certificate Service Account
- XDM authenticates its connection to the Microsoft CA with a certificate.
- That certificate is tied to a user, which in this case is a dedicated service account.
- This protects the XDM connection from breaking if a personal account is disabled or deleted in Active Directory, for example when the admin leaves the company.
- The account needs no special rights; a standard AD user is sufficient.
Install Microsoft Certification Services
- Sign in as the service account that will be running the CA
- Ensure the service account is a local administrator
- CA type: Enterprise
- Configure IIS for the CA installation
- Ensure both Client Certificate Mapping Authentication and IIS Client Certificate Mapping Authentication are checked
CA Configuration for Client Certificate
- Create a certificate for the IIS https binding
- IIS authentication mode: enable certificate-based authentication on the /CertSrv home
- Configure the SSL settings to accept certificates
- Create a certificate for the service account user:
  - Create a user template
  - Security tab: grant the service account user permissions on the template (the slide grants Full Control; Read and Enroll are all that enrollment needs, and Full Control would also let that account edit the template)
  - Request an SSL certificate for the service account user
  - Install the requested certificate
  - Export the certificate and private key
Disable Windows Auth to Test CA Connection
- Uncheck Enable Integrated Windows Authentication.
- Close and relaunch your browser.
- This tests the certificate that was created to authenticate with the CA.
- Test on the certificate server with the service account; you should be prompted to select a certificate.
- Do not proceed with the configuration until this part works.
Setup XDM CA Options
- Import the user certificate for the service account
- Service root URL: a trailing "/" at the end is needed
Configure Available Templates
- Click New Template
- Enter the name of the template created for this
- Note: the template name is case sensitive

If the wrong template is specified, the following errors are seen.
In the zdm.log file:
2013-11-13 05:37:03,736 [http-nio-443-exec-7] DEBUG com.sparus.nps.pki.connector.CertSrvResponseParser [UID=28,usr=certsvc@training.lab,dev=9] - Parsed CrtSrv response, found: error=true ReqId=null Message=Your request was denied. The disposition message is: "Denied by Policy Module 0x80094800, The request was for a certificate template that is not supported by the Active Directory Certificate Services policy: XDM User Template."
And in the Event Viewer of the server running the Certificate Authority.
The same 0x80094800 (CERTSRV_E_UNSUPPORTED_CERT_TYPE) denial also appears when the template name is correct but the template has not been published on the CA (Certificate Templates -> New -> Certificate Template to Issue), so check both.
Configure Available Templates
Select the server certificate you recently uploaded; in this case, administrator-user-cert.pfx.
Define a Credential Provider
- Name
- Provider: the Issuing Entity created in the previous step
- Select SIGN and select the template you entered earlier
- Key size: must be 2048
- Subject Name: $user.username
- Fill in the username and the UPN. Exchange uses the UPN to determine, for example, a user's rights to a mailbox.
Determine Distribution Method (screenshot)
Create iOS/Android Credential
Create an iOS/Android credential and select the credential provider and the MS CA provider you created.
Caveats
When creating a certificate template, Windows 2003 must be selected as the certificate template type. This is needed because Windows 2008 templates are not exposed via web enrollment due to changes in the MS CA. There is potentially a workaround by pointing to another enrollment DLL on the MS side, but that hasn't been explored.
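Worked example, added here and not part of the original deck or of Citrix's or Microsoft's code: a PowerShell script that turns two of this module's manual checks into something repeatable. The first function performs the "Disable Windows Auth to Test CA Connection" test from a script, presenting the exported service-account certificate to the CA's web enrollment URL (with the trailing slash XDM requires). The second inspects an issued user certificate against the credential provider settings above: 2048-bit key, CN from $user.username, the UPN in the Subject Alternative Name, and the Client Authentication EKU. The CA URL, PFX paths, passwords, user and UPN are assumptions for the example.

```powershell
# Added example; not Citrix's or Microsoft's code. Scripts two checks from this module:
# (1) the exported service-account certificate authenticates to the CA web enrollment
#     URL on its own (Integrated Windows Authentication off on /CertSrv), which is the
#     browser test on the "Disable Windows Auth" slide;
# (2) an issued user certificate matches the credential provider settings: 2048-bit
#     key, CN from $user.username, the UPN in the Subject Alternative Name, and the
#     Client Authentication EKU that Exchange needs for certificate-based EAS.
# Assumed values (not from the slides): CA URL, PFX paths and passwords, user and UPN.
# Needs PowerShell 3.0 or later for Invoke-WebRequest.

function Test-CertSrvClientAuth {
    param([string]$ServiceRootUrl, [string]$PfxPath, [string]$PfxPassword)
    # XDM needs the trailing '/' on the service root URL; enforce the same here.
    if (-not $ServiceRootUrl.EndsWith('/')) { $ServiceRootUrl += '/' }
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 `
                -ArgumentList $PfxPath, $PfxPassword
    try {
        # No -Credential: only the client certificate can satisfy IIS. A 401 or 403
        # here means the mapping on /CertSrv is wrong, or Windows auth is still on.
        $resp = Invoke-WebRequest -Uri $ServiceRootUrl -Certificate $cert -UseBasicParsing
        return ($resp.StatusCode -eq 200)
    } catch {
        Write-Warning ('certsrv client-cert auth failed: ' + $_.Exception.Message)
        return $false
    }
}

function Test-IssuedUserCertificate {
    param(
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert,
        [string]$ExpectedUser,
        [string]$ExpectedUpn
    )
    $problems = @()
    $keySize = $Cert.PublicKey.Key.KeySize
    if ($keySize -ne 2048) { $problems += "key size is $keySize, expected 2048" }

    # Subject Name was set to $user.username in the credential provider.
    if ($Cert.Subject -notmatch ('(^|,\s*)CN=' + [regex]::Escape($ExpectedUser) + '(,|$)')) {
        $problems += "subject '$($Cert.Subject)' does not carry CN=$ExpectedUser"
    }
    # The UPN lives in the Subject Alternative Name (OID 2.5.29.17); Exchange maps the
    # certificate to the mailbox through it, so it must be present and exact.
    $san = $Cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    $sanText = if ($san) { $san.Format($false) } else { '' }
    if ($sanText -notmatch ('Principal Name=' + [regex]::Escape($ExpectedUpn))) {
        $problems += "SAN '$sanText' lacks UPN $ExpectedUpn"
    }
    # Client Authentication EKU (1.3.6.1.5.5.7.3.2) is what IIS/Exchange require.
    $eku = $Cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.37' }
    $hasClientAuth = $eku -and ($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq '1.3.6.1.5.5.7.3.2' })
    if (-not $hasClientAuth) { $problems += 'no Client Authentication EKU' }
    # The chain must build to the enterprise CA on the machine doing the check.
    if (-not $Cert.Verify()) { $problems += 'certificate chain does not validate here' }

    New-Object PSObject -Property @{
        Thumbprint = $Cert.Thumbprint
        Ok         = ($problems.Count -eq 0)
        Problems   = $problems
    }
}

# Usage (all values assumed). In practice read PFX passwords with Read-Host -AsSecureString;
# the X509Certificate2 constructor accepts a SecureString as well.
$ok = Test-CertSrvClientAuth -ServiceRootUrl 'https://ca01.training.lab/certsrv' `
        -PfxPath 'C:\certs\administrator-user-cert.pfx' -PfxPassword 'P@ssw0rd'
"certsrv client-cert auth OK: $ok"

$userCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 `
                -ArgumentList 'C:\certs\jdoe-device.pfx', 'P@ssw0rd'
Test-IssuedUserCertificate -Cert $userCert -ExpectedUser 'jdoe' -ExpectedUpn 'jdoe@training.lab' | Format-List
```

Run the first check from the XDM server itself, since that is the host whose trust store and network path to the CA matter; if it fails there but the browser test on the CA passed, the difference is usually the chain or the URL, not the certificate.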
Set CAS to Accept Certificates
Verify in the Exchange Management Console. The Basic authentication box should be checked if you want to allow both certificate- and Windows-based authentication.
Verify AD Client Certificates is Enabled
Connect to the CAS IIS admin console and enable Active Directory Client Certificate Authentication.
ActiveSync configured to accept Client Cert (screenshot)

Ensure Windows Authentication is Enabled (screenshot)

Access Configuration Editor
Select system.webServer -> security -> authentication -> clientCertificateMappingAuthentication

Enable ClientCertificateMappingAuthentication (screenshot)
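Worked example, added here and not part of the original deck or of Citrix's or Microsoft's code: the CAS-side steps from "Set CAS to Accept Certificates" through "Enable ClientCertificateMappingAuthentication" as a PowerShell script, followed by a read-back of every setting so the configuration can be verified before a device enrolls. It assumes an Exchange 2010 CAS with the default site and virtual directory names and is run in an elevated Exchange Management Shell.

```powershell
# Added example; not Citrix's or Microsoft's code. Scripts the CAS-side steps of this
# module (Set CAS to accept certificates, enable client certificate mapping at the IIS
# server and ActiveSync vdir levels, keep Windows and Basic auth on) and reads the
# settings back so you can verify them before enrolling a device.
# Run on the Exchange 2010 CAS in an elevated Exchange Management Shell. Site and
# server names are assumed to be the defaults.
Import-Module WebAdministration

$EasVdir  = "$env:COMPUTERNAME\Microsoft-Server-ActiveSync (Default Web Site)"
$AppHost  = 'MACHINE/WEBROOT/APPHOST'
$EasLoc   = 'Default Web Site/Microsoft-Server-ActiveSync'
$CcmaPath = '/system.webServer/security/authentication/clientCertificateMappingAuthentication'
$WinAuth  = '/system.webServer/security/authentication/windowsAuthentication'
$Access   = '/system.webServer/security/access'

function Enable-EasClientCertAuth {
    # 1. Exchange side: accept (not require) client certificates so devices without one
    #    can still use Basic or Windows auth; this is the "Basic authentication" box.
    Set-ActiveSyncVirtualDirectory -Identity $EasVdir -ClientCertAuth Accepted -BasicAuthEnabled $true

    # 2. IIS server level: Active Directory Client Certificate Authentication, and unlock
    #    the section so the virtual directory is allowed to set it too.
    Set-WebConfigurationProperty -PSPath $AppHost -Filter $CcmaPath -Name enabled -Value $true
    Set-WebConfiguration         -PSPath $AppHost -Filter $CcmaPath -Metadata overrideMode -Value Allow

    # 3. ActiveSync vdir: the Configuration Editor setting from the slides, Windows auth
    #    kept on, and SSL set to negotiate (but not demand) a client certificate.
    Set-WebConfigurationProperty -PSPath $AppHost -Location $EasLoc -Filter $CcmaPath -Name enabled -Value $true
    Set-WebConfigurationProperty -PSPath $AppHost -Location $EasLoc -Filter $WinAuth  -Name enabled -Value $true
    Set-WebConfigurationProperty -PSPath $AppHost -Location $EasLoc -Filter $Access   -Name sslFlags -Value 'Ssl,SslNegotiateCert,Ssl128'
}

# Get-WebConfigurationProperty returns a ConfigurationAttribute for some attributes
# and a plain value for others; normalise to the value.
function Get-IisValue { param($Obj) if ($Obj.PSObject.Properties['Value']) { $Obj.Value } else { $Obj } }

function Get-EasClientCertAuthState {
    $vdir = Get-ActiveSyncVirtualDirectory -Identity $EasVdir
    New-Object PSObject -Property @{
        ClientCertAuth   = $vdir.ClientCertAuth        # expect Accepted
        BasicAuthEnabled = $vdir.BasicAuthEnabled      # expect True
        ServerLevelCcma  = Get-IisValue (Get-WebConfigurationProperty -PSPath $AppHost -Filter $CcmaPath -Name enabled)
        VdirCcma         = Get-IisValue (Get-WebConfigurationProperty -PSPath $AppHost -Location $EasLoc -Filter $CcmaPath -Name enabled)
        VdirWindowsAuth  = Get-IisValue (Get-WebConfigurationProperty -PSPath $AppHost -Location $EasLoc -Filter $WinAuth  -Name enabled)
        SslFlags         = Get-IisValue (Get-WebConfigurationProperty -PSPath $AppHost -Location $EasLoc -Filter $Access   -Name sslFlags)
    }
}

Enable-EasClientCertAuth
iisreset /noforce | Out-Null       # make IIS re-read applicationHost.config
Get-EasClientCertAuthState | Format-List
```

Accepted rather than Required is deliberate for a mixed fleet: devices that have not yet received a certificate from XDM keep working over Basic auth, and you can move to Required once every enrolled device shows a certificate-based login in the IIS logs.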
Configure iOS ActiveSync Profile (screenshot)

Configure iOS Deployment Package (screenshot)
Module 5: Learn Samsung KNOX and Amazon MDM Policies
What is Samsung KNOX
- A dual-persona approach to device, app, and data security.
- Samsung markets it as the most comprehensive mobile solution for work and play.
- KNOX-compatible devices include: Samsung Galaxy S4, Galaxy Note 3, Galaxy Note 10.1 (2014 Edition).
XenMobile 8.6 KNOX Policies
Use Case/Policy: Description
- Exchange ActiveSync for KNOX: provision an EAS profile to the container
- Browser Restrictions: disable pop-ups, cookies, auto-fill and JavaScript
- Silent App Uninstall: uninstall apps that are provisioned to the container
- Container Passcode: protect apps in the container using a PIN code
- App Blacklisting: blacklist apps and prevent users from launching them
- Enterprise VPN: IPsec VPN policy for apps provisioned to the container
- Lock Container: the admin can lock the container in case the device is lost or stolen
- Unlock and Reset Passcode: the admin can unlock the container and reset the container passcode
- Container Wipe: the admin can selectively wipe the KNOX container from the device
KNOX Icon on Device Home Screen
(Screenshots: KNOX is an app on the device -> log in to the container -> access corporate apps.)
Amazon/XenMobile Integration
Feature: Description
- Silent Install/Uninstall: install and uninstall apps without user intervention
- Prevent App Uninstall: prevent the user from uninstalling apps
- Device Restrictions: prevent use of Location Services; Factory Reset; Bluetooth; turning off Wi-Fi; app installation from a non-Amazon app store
Prevent ShareFile Uninstall (screenshot)

Device Restrictions (screenshot)
Review
- Module 1: Verify iOS 7 MDM Policies
- Module 2: Deploy XenMobile Mail Manager for ActiveSync Filtering
- Module 3: Integrate XenMobile Device Manager and NetScaler via SSL Offload
- Module 4: Integrate XenMobile Device Manager with Microsoft PKI
- Module 5: Learn Samsung KNOX and Amazon MDM Policies
(Per-module objectives as listed under Objectives.)
Work better. Live better.