Mobile Security
Mobile Device Management
Gartner’s Magic Quadrant for
Mobile Device Management Software
This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from AirWatch.
AirWatch is positioned as a
LEADER
based on
an evaluation of completeness of vision and
ability to execute.
Gartner recognizes AirWatch:
▶ “Features a strong dashboard and detailed
reporting capabilities
▶ Multitenant support is designed in for improved
scaling, with selective isolation for large installations
▶ Promotes rich policy management in
non-Microsoft e-mail server environments, such as any Post Office Protocol (POP)/Internet Message
Our Advantages
▶ Strong track record with deployments exceeding 50,000+ devices, growing to 100,000+
▶ Highly scalable architecture that can be deployed on-premise, as an appliance or SaaS and
meets strict requirements for high availability and redundancy
▶ Software built on industry standard .NET, MS SQL and HTML 5 development platforms
▶ Feature-rich solution that incorporates an enterprise app catalog, robust compliance module
and Secure Email Gateway for managing access to email infrastructure
▶ SDK framework that incorporates additional device management capabilities into internal
applications for advanced security, authentication and data loss protection
▶ Integration to enterprise infrastructure such as LDAP / AD, certificate authorities, VPN,
Exchange, help desk systems, etc.
▶ Advanced reporting, alerting and workflow with a complete DataMart for easy export of data
out to third party business intelligence solutions
▶ Easy transition from 30-day trials and proof of concepts (POCs) to production environments
Enterprise Mobility is
“Death by a Thousand Cuts”
Deploy and manage wireless technology as a strategic imperative, driving productivity and efficiency gains across enterprise
Wireless devices and applications are constantly changing and becoming mission critical, but systematic management lacking
Enable compliance to Payment Card Industry, HIPAA and Sarbanes Oxley and FINRA
Security mgmt is reactive and blind—outages and rogue intrusions difficult to detect
Wireless technology that supports reliable and scalable version control and OTA provisioning
Disparate hardware deployed across remote locations do not have the appropriate software versions
Integrated, real-time, enterprise-wide, Web-based console for mobile device and WLAN management
Complexity of managing larger number and variety of network and mobile devices
Best Practice
The Problem
New category of tools for the full lifecycle mgmt of devices— from sourcing through retirement
Enterprises do not have true visibility into their wireless network, mobile assets or support costs
A Single Console with Integrated Device,
WLAN & M2M Management
Secures, monitors, manages and supports all
mobile devices, regardless of manufacturer or mobile platform
Presents an integrated, real-time view of all
mobile devices deployed across the enterprise
Provides full life-cycle management of all
mobile assets
Streamlines device deployments, enrollments
and configurations
Secures individual devices and manages access
Why AirWatch is Different
Architecture
▶ Web-based ▶ Multi-OS ▶ Multi-tenant ▶ Multi-lingual ▶ Highly scalable ▶ Role-based access ▶ SDK libraryServices
▶ Native user interface (iUI)
▶ Enterprise integration
▶ WLAN monitoring
▶ Workflow and intelligent notifications
▶ Business intelligence and robust reporting
▶ Integrated case management
▶ Knowledge management library
Advanced Scalable Architecture
▶ Broadest platform support—Android, Apple,
BlackBerry, Symbian, Windows Mobile and Windows Phone 7—scalable and multi-tenant
▶ Web-based, intuitive user interface built on the
latest HTML 5 standards
▶ Interactive dashboards and views, advanced filters
and searches to automate repetitive tasks
▶ Exception management views and automated
workflows for proactive issue resolution
▶ Role-based access control (RBAC engine)
▶ Enterprise infrastructure integration (Microsoft
Exchange, BPOS, Office 365, Lotus Notes, Gmail for Business, LDAP, SAML, PKI (Certificate
Authority)
▶ Complete DataMart for easy export of data out to
third party business intelligence solutions
▶ SaaS or on-premise (appliance, dedicated
Configuration Management and Policy Enforcement
▶ Fast deployments with a secure and streamlined
device activation process
▶ Password, Email, Calendar, Contacts, VPN, Wi-Fi
configuration and app distribution
▶ Shift-based re-configuration by user (e.g. shared
devices for nurses)
▶ Over-the-air software and OS updates with
push/pull delivery
▶ Device grouping and bulk management for large
deployments
▶ Configuration libraries with profiles, templates and
Golden Images
▶ Automated process for assigning and deploying
configuration profiles
▶ Reduce IT time and effort to configure and
re-configure devices
The Most Secure Mobile Management
▶ Enterprise directory-based authentication
▶ SCEP/Certificate Authority integration
▶ Configurable device password policies
▶ Device data encryption
▶ Compromised device detection
▶ Secure email gateway with device level access
control and policies for securing attachments
▶ Secure mobile web browser
▶ Application lock down
▶ Security audits, events logs and compliance engine
▶ Remote lock, corporate/selective or full wipe
▶ Configurable privacy policies for
employee-liable versus corporate-owned devices
▶ Role-based console access with enterprise
Secure Email Gateway
▶ Allow or block devices using white lists and black
lists or manually based on exceptions
▶ Validate devices based on:
▷ Mobile user’s email username
▷ Mobile user’s email address
▷ Device serial number and OS version
▷ Unique device certificate
▶ Monitor interactions with the email server:
▷ Date and time of sync attempt
▷ ActiveSync command (SYNC, PROVISION, etc.)
▷ Amount of data traffic to and from the device
▷ ActiveSync version
▷ Device type (e.g., iPhone, iPod, iPad) & IP address
▶ View and filter information for exceptions/threats
▶ Intercept sensitive email attachments and store in
a secure document viewer
Corporate Firewall Corporate Firewall
DMZ Corporate Network AirWatch Secure Email Gateway AirWatch MDM Server Mobile Email Front-End Server
Back-End Email Servers Public
SDK/Developer Toolkit
▶ Developer toolkit for iOS enterprise apps
▶ Device check-in and usage monitoring
▶ Device location
▶ App launch frequency ▶ App usage duration ▶ Data usage
▶ Compromised device detection with the ability
to automatically wipe corporate data
▶ Enterprise app single sign-on with certificate or
location-based authentication
▶ Enterprise app passcode and lock capabilities
▶ Data encryption for data stored within an
enterprise app
▶ Remote wipe of corporate data based on # of
Application Catalog and Distribution
▶ Distribute and perform silent updates to
enterprise apps
▶ Limit selection, recommend and ease the
distribution of publicly available apps (Apple AppStore or Android Market)
▶ Monitor app lists (installed/not installed/out of
date), app usage and data usage
▶ Manage app white lists/black lists and
compliance policies
▶ Lock down devices (kiosk mode) to an
IT-approved set of programs or apps
▶ Set up a workflow to automatically manage
policy violations:
▶ Notify user and/or IT
Remote Control
▶ Remote power management and device reboot
▶ Remote control capabilities for BlackBerry and
Windows Mobile devices
▶ Screen resolution options to maximize response
time in low-network bandwidth conditions (i.e., WWAN, satellite, etc.)
▶ Screen capture and video recording
▶ Central storage of electronic documents for issue
tracking and trending analysis
Location Tracking and Management
▶ GPS and Wi-Fi location tracking
▶ Breadcrumb mapping showing speed,
location and direction
▶ Geo-fencing for location-based provisioning
and access control for corporate apps and resources
▶ Enterprise app location-based authentication
▶ Location history search using configurable
date and time ranges
▶ Historical breadcrumb analysis for route
Business Intelligence, Workflow and Reporting
▶ Automated workflow for exception management
▶ Isolate or wipe “at-risk” devices
▶ Remote help desk and troubleshooting
capabilities with an integrated case management system
▶ Self-service portals to locate devices, reset
passcodes and remotely lock or wipe lost devices
▶ Alerts via console, Email or SMS triggered by
specific device or user actions
▶ Reporting portal with over 100+ customizable
reports and automatic report distribution
▶ Multiple export formats: PDF, EXL, EML or CSV
▶ Central knowledge management
Integrated WLAN Management and Views
▶ Enhanced security by monitoring the device from
the network side and vice versa
▶ WPA key/SSID rotation and synchronization
between infrastructure and devices
▶ Easy to view parent and child relationships with a
history of network associations
▶ Network performance (signal strength)
monitoring
▶ Exception management and troubleshooting
▶ Full lifecycle support
▶ Compliment OEM management platforms ▶ Flexible monitoring tools to minimize overhead ▶ Controlled access and support
Our Benefits
▶
Enterprise-grade security from the industry’s most secure mobility platform
▶Reduce IT involvement through the automation of device enrollment and
configuration
▶
Mitigate legal and business risk associated with enterprise mobility
▶Gain comprehensive, integrated view of all your mobile devices
▶
Streamline the management of all your mobile assets and applications
▶Reduce the cost and effort of mobile device deployments
▶
Improve the overall support experience for mobile workers
▶Increase IT and help desk efficiencies and productivity rates
▶Increase mobile worker productivity
▶
Enable and enforce IT security and compliance policies
Deployment Options
#
of
D
e
vic
e
s
Requirement Complexity
On-premise
Appliance
On-premise
1-100,000+ devices
Physical or virtual hardware
Integrates with multiple
enterprise services (Email environments, Directory Services, Certificates, etc.)
.NET, SQL architecture
Deployment Options
Appliance
1-5,000 devices
Tiered solutions to optimize
appliance size
Industry standard hardware
Redundant hardware
components
AirWatch perpetual licenses
Software as a Service
1-100,000+ devices
Multiple redundant data centers
Best of class hardware -Cisco,
F5, EMC and Dell
24 / 7 / 365 Atlanta-based NOC
High availability (HA)
Multi-tenant Architecture
▶Manage assets by division, geography or
organizational grouping
▶
Customize user access and capabilities
▶
Standard roles for easy implementation
▶Granular control for custom roles
▶
Users can carry different access rights
across different logical device groupings
▶
Secured access for third-party device
Multi-lingual Console
▶
Localizes languages by integrating
cultural, linguistic or industry terms
▶Creates a data dictionary for any IT or
business-defined group of console users
▶Gives console users the ability to select
their preferred language and dialects
▶Converts and stores all languages in
Unicode
▶
Uses the IETF language tag to support
internal localization
Secure Role-based Access
▶Provide hierarchical console access
based on location, role and function:
▶
Active Directory integration
▶Role-based access to views and
functionality
▶
N-tier levels of security
▶
Single sign-on integration with 3rd
party apps
▶
Complete audit trail, ensuring only
Intelligent Notifications
▶Provide immediate notifications
to end users and IT groups for
security and compliance issues:
▶
Device roaming alert
▶Non-compliance
▶
Device compromised
▶Inactive device
▶
Unauthorized applications
▶Expired certificates
▶
SIM card change
Robust Reporting
▶Generate actionable reports
▶Provide automated distribution
▶
Multiple access and reporting levels
▶Reports linked with security model
▶Provide IT-defined access to
partners and other third parties
▶
Extensive library of reports
▶
Flexible and easy customization:
▶
Desired data points
▶Date ranges
▶
