Head-to-head: AirWatch vs. Maas360
Hello
I was looking for some real world feedback, that could help with a decision.
Price between the two are close. Airwatch does offer multi language interface and the option to route 443 to their environment and the back. No software installed in my environment.
I don't think maas360 has that option but I heard their up port is better
Thank you
APNS Certificates Without a Developer Membership?
Hi All,
To play with Mobile Device Management, you need an Apple Push Notification Service certificate. And to get one of those, you've always needed a paid membership in the iOS Developer Program. Until now, it seems.
Check this out: https://identity.apple.com/pushcert/
If this is true, it would be great news!
(It seems you can also manage the APNS certs that you got when using Apple Profile Manager).
Cheers,
Oliver
Apple's iOS 5 Changes to .mobileconfig Enhance Security and Add Features (updated)
(Update: AirWatch sent a useful summary of the changes. I've added them below.)
With the release of iOS 5, Apple has added some new features to its .mobileconfig specification. This is the fundamental specification for how Mobile Device Management services interface with the iPhone and iPad. This is the reason why so many MDM providers offer similar features. MDM providers are limited to providing new features until Apple updates this spec. So when Apple adds keys here, expect MDM providers to follow -- and the best to follow quickly.
The most significant changes are with email payloads. A set of new keys allow for enhanced security.
PreventMove, if set to true, forces this email account into a fence. That is, messages received by this account cannot be moved into another account. This also prevents forwarding or replying from a different account than the original account.
PreventAppSheet, if set to true, prevents this account from being used in third-party applications.
SMIMEEnabled, and its companions SMIMESigningCertificateUUID and SMIMEEncryptionCertificateUUID, allow for signed and encrypted mail. SCEP-based credentials managed by the MDM system may be used here.
iCloud
There are a number of new keys for allows control over iCloud.
allowCloudBackup permits or disables iCloud device backup.
allowCloudDocumentSync will disable document syncing, while allowCloudKeyValueSync will disable key-value syncing, for apps that use that iCloud technology (not every app is document-based). Finally, allowPhotoStream can be used to disable iCloud storage of device photos.
Restrictions
forceITunesStorePasswordEntry prevents iTunes from saving your backup password. So you'll need to add it every time.
allowUntrustedTLSPrompt enhances SSL security by rejecting invalid certificates. The default behavior is to prompt the user, who may not think before tapping.
Here's a biggie: You can now disable voice and/or data roaming.
Wi-Fi
Wi-Fi payloads gain an AutoJoin keyword. It also more specifically describes known Wi-Fi networks by allowing specification of the EncryptionType and ProxyType.
Query
Battery Life can now be queried.
Carrots and Sticks
"Carrots and Sticks" is a methodology of balancing the "stick" of security-enhancing restrictions with the "carrot" of user access to otherwise restricted data.
By design, users may opt-out of Mobile Device Management at any time. Settings > General > Profiles > Global MDM Profile > Remove. Individual configuration profiles may be password protected, but the root MDM certificate is always removable without anything more than the device passcode. And once that is removed, all child profiles are also removed. There is no programmatic way to prevent this.
One solution is to make MDM more attractive for the users. These are the "carrots." Here are some ways to do that.
- Deploy managed apps (new to iOS 5) using MDM. Managed apps are sent over the air as art of the MDM package. If MDM is removed, these apps can be set to disappear as well.
- Develop in-house apps using Apple's iOS Developer Program, and distribute the deployment certificate only by MDM.
- Use a Public Key Infrastructure to grant access to VPN, Exchange, Wi-Fi, etc. Deploy user credentials through MDM only.
- Slightly different than using PKI to grant access to corporate resources, more MDMs are offering DMZ based components to their solution which are in-line proxies prior to their Exchange, Domino, Office365, Google Apps services. These proxies/filters check with the MDM to ensure compliancy prior to allowing the device through. By using this, users are blocked & required to enroll in MDM to get to the corporate email resources.
Got more carrots, Doc? Edit this wiki page and add them here.
Demonstrating Over-the-Air App Deployment in iOS 5
Perhaps the biggest enterprise feature yet uncovered in iOS 5 is Over-the-Air app deployment. It's not quite "push"; but I'll call it "push-like".
Here's how it working, using JAMF's Casper Suite. JAMF updated their software today to support the latest iOS 5 technologies.
First, log into the MDM console.
Under Management, click "Mobile Device App Catalog".
Click "Add App".
iPhone Configuration Utility Updated to 3.4
Briefly: Apple's updated their iPhone Configuration Utility to include the .mobileconfig features of iOS 5.
The update is currently available via Software Update. We'll post a download link when available.
- Login or register to post comments
Post to Twitter
iOS 5 is Out
Apple has released iOS 5, the latest version of the operating system for its iPads, iPhones and iPod touches. The release is available for all current and many earlier models. See our table of iOS Devices for the list of upgradable models. The update is available via iTunes, but hopefully this is the last time we'll need a PC for updating.
iOS 5 brings a laundry list of features, including:
- A new Notification Center for text messages, email, and other alerts
- iMessage (think Apple's answer to BBM)
- New MDM features (story to follow)
Over the next few days, we'll be exploring how this update affects Enterprise users. (Yes it does, and in some big ways.)
Please post your experiences in the comments below.
- Login or register to post comments
- Post to Twitter
iPhone 4S Nifty Features for Business Users
Today's Apple product intro is now available online. In case you haven't heard, they announced the iPhone 4S, available on October 14. There are some nifty features in the iPhone 4S for business users. I'll have more tomorrow, but my short list is:
- Siri for a 24-hour personal assistant that won't break up your marriage
- Long battery life
- Quicker download speeds without the 4G downsides
- AirPlay -- fantastic for wireless presentations
- GSM+CDMA go-anywhere world phone
- Quicker dual-core A5 processor for background VPN and innovative apps
What did you think?
- Login or register to post comments
- Post to Twitter
Completely Revised Comparison of Mobile Device Management Providers
We're happy to announce the re-release our popular Comparison of MDM Providers'. While the original comparison was built by an HTML table, the new page sits atop a wiki-enabled database. This allows MDM providers and users to modify and improve the data on each provider.
We've also added several MDM solutions: Apple, MaaS360, and SOTI.
If you're favorite MDM provide is missing from this list, we encourage you to add them yourself using a simple form. We hope you find this change useful.
Your Business Your Apps – Video and Q&A
Thank you to everyone who attended our hugely successful panel discussion "Your Business, Your App," organized by Tekserve, New York's largest independent Apple consultancy and retailer. We had time for only a few questions from the audience. To address this, we've created this forum thread so we can continue the discussion online. Our panelists will try to respond to any question posted here.
In addition, we are pleased to bring you a video of the entire event. We hope you can add your questions and comments below.
About This Site
- Enterprise iOS is a community for administrators of the iPad, iPhone, and related devices. All content is available to browse. We encourage you to create an account to submit stories, edit wiki pages, and post to our forum.
Popular content
- Comparison of MDM Providers (306,315)
- Complete List of iOS User-Agent Strings (79,081)
- Apple Configurator vs. MDM (64,582)
- Mobile Device Management (43,855)
- Absolute Manage (41,370)
- AirWatch (36,484)
- How to get remote viewing/control of the IPAD screen via internet or preferably 3G? (31,672)
- Apple Profile Manager (31,594)
- iOS Device Management Open Source Way (26,168)
- Main Page (22,391)
Comparison of MDM Providers
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Recent Activity
-
Forum topic comment by Alexanderre 29 weeks ago
-
Forum topic comment by chimby 29 weeks ago
-
Forum topic comment by chimby 29 weeks ago
-
Forum topic added by stevepapp 29 weeks ago
-
Forum topic added by aircukjati 29 weeks ago
-
Forum topic added by Alexanderre 29 weeks ago
-
Mobile Management Provider comment by aankumah 30 weeks ago
-
Mobile Management Provider comment by aankumah 30 weeks ago
-
Mobile Management Provider changed by aankumah 30 weeks ago
-
Mobile Management Provider added by VijaySaradhi 30 weeks ago
-
Forum topic comment by Spud 30 weeks ago
-
Wiki Page comment by ee_dub 30 weeks ago
-
Wiki Page comment by ee_dub 30 weeks ago
-
Wiki Page comment by Aaron Freimark 30 weeks ago
-
Story comment by pyperdown 30 weeks ago
-
Forum topic added by ercole77 30 weeks ago
-
Wiki Page comment by Stevo 30 weeks ago
-
Forum topic comment by rima 30 weeks ago
-
Wiki Page added by watchmanmonitoring 31 weeks ago
-
Wiki Page comment by Eric Jensen 31 weeks ago
Who's New
-
Kirsten Rose 14 hours ago
-
Karl Rivers 2 days ago
-
Wheelert72 2 days ago
-
gmacomms 3 days ago
-
Robogumvy 3 days ago
-
HSatheesh 4 days ago
-
sivart6 4 days ago
-
DecoLoko 4 days ago
-
monk 1 week ago
-
vdanciu@bitdefe... 1 week ago
