McAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync



Similar documents
McAfee Enterprise Mobility Management

McAfee Enterprise Mobility Management

Symantec Mobile Management 7.1

Symantec Mobile Management 7.1

Symantec Mobile Management 7.2

Symantec Mobile Management for Configuration Manager 7.2

Athena Mobile Device Management from Symantec

Symantec Mobile Management Suite

Mobile Device Management and Security Glossary

Cisco Mobile Collaboration Management Service

Answers to these questions will determine which mobile device types and operating systems can be allowed to access enterprise data.

1. What are the System Requirements for using the MaaS360 for Exchange ActiveSync solution?

Mobile Device Management Glossary.

IBM Endpoint Manager for Mobile Devices

Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect

How To Protect The Agency From Hackers On A Cell Phone Or Tablet Device

10 BEST PRACTICES FOR MOBILE DEVICE MANAGEMENT (MDM)

MDM Mobile Device Management

RFI Template for Enterprise MDM Solutions

ForeScout MDM Enterprise

Kaspersky Security for Mobile

MaaSter Microsoft Ecosystem Management with MaaS360. Chuck Brown Jimmy Tsang

The ForeScout Difference

Enterprise solution comparison chart

Secure, Centralized, Simple

How To Use A Microsoft Mobile Security Software For A Corporate Account On A Mobile Device

The User is Evolving. July 12, 2011

Choosing an MDM Platform

M a as3 6 0 fo r M o bile D evice s

CHOOSING AN MDM PLATFORM

SANS Mobility/BYOD Security Survey

The Maximum Security Marriage:

SA Series SSL VPN Virtual Appliances

iphone in Business Mobile Device Management

Mobile Device Management for CFAES

Exchange ActiveSync (EAS)

Managing and Securing the Mobile Device Invasion IBM Corporation

11 Best Practices for Mobile Device Management (MDM)

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0

SOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite

How To Manage A Mobile Device Management (Mdm) Solution

Deploying iphone and ipad Mobile Device Management

TCS Hy5 Presidio Your Mobile Environment, Your Way Configure, Secure, Deploy. Mobility Solutions

The flexible workplace: Unlocking value in the bring your own device era

White Paper. McAfee Cloud Single Sign On Reviewer s Guide

OWA vs. MDM. Once important area to consider is the impact on security and compliance policies by users bringing their own devices (BYOD) to work.

The Future of Mobile Device Management

SANS Mobility/BYOD Security Survey

ipad in Business Mobile Device Management

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

IT Self Service and BYOD Markku A Suistola

MDM: Enabling Productivity in the world of mobility. Sudhakar S Peddibhotla Director of Engineering, Good Technology

IBM MobileFirst Managed Mobility

How To Manage A Corporate Device Ownership (Byod) On A Corporate Network (For Employees) On An Iphone Or Ipad Or Ipa (For Non-Usenet) On Your Personal Device

Embracing Complete BYOD Security with MDM and NAC

Mobile Protection. Driving Productivity Without Compromising Protection. Brian Duckering. Mobile Trend Marketing

BEST PRACTICE GUIDE MOBILE DEVICE MANAGEMENT AND MOBILE SECURITY.

AirWatch Solution Overview

Multi-Platform Enterprise Mobility Management. Perfectly balancing end-user and corporate needs

Ensuring the security of your mobile business intelligence

Mobile Workforce. Connect, Protect, and Manage Mobile Devices and Users with Junos Pulse and the Junos Pulse Mobile Security Suite.

ios Enterprise Deployment Overview

Multi-OS Enterprise Mobility Management. Perfectly balancing end-user and corporate needs

Advanced Configuration Steps

The Future of Mobile Computing

What We Do: Simplify Enterprise Mobility

McAfee Security Architectures for the Public Sector

A Symantec Connect Document. A Total Cost of Ownership Viewpoint

Technical Note. ForeScout MDM Data Security

Endpoint Management and Mobility Solutions from Symantec. Adapting traditional IT operations for new end-user environments

iphone in Business How-To Setup Guide for Users

Systems Manager Cloud Based Mobile Device Management

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

DEVICE MANAGEMENT EXTENSIONS

How To Write A Mobile Device Policy

E-commerce: Competing the Advantages of a Mobile Enterprise

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0

Statement of Direction

Guideline on Safe BYOD Management

Why Digital Certificates Are Essential for Managing Mobile Devices

Healthcare Buyers Guide: Mobile Device Management

Total Protection for Compliance: Unified IT Policy Auditing

Transcription:

McAfee Enterprise Mobility Management Versus Microsoft Secure, easy, and scalable mobile device management

Table of Contents What Can Do? 3 The smartphone revolution is sweeping the enterprise 3 Can enterprises manage their growing mobile device fleets in a way that is secure, easy, and scalable? 3 Why ActiveSync Isn t Enough 3 Ease of setup and provisioning 4 Breadth of capabilities 4 Strong authentication 4 Compliance enforcement 4 Detailed reporting 4 Operational considerations 4 Application mobilization 4 Mobile operating system (OS) advancements 5 Device management 5 IT activation 5 Policy compliance 5 Applications beyond email 6 Division of IT responsibilities 6 Summary 6 Getting Started 6

Microsoft (EAS) is a mobile data synchronization technology and protocol that provides push synchronization of contacts, calendars, tasks, and email between ActiveSync-enabled servers and devices. EAS however supports only limited security policy management. McAfee Enterprise Mobility Management (McAfee EMM ), on the other hand, complements EAS by providing the full lifecycle of the device, self-service provisioning, configuration and policy management, compliance management, and reporting. McAfee EMM is the right solution for enterprises looking to manage their mobile fleets in way that is secure, easy, and scalable. What Can Do? ActiveSync is a mobile data synchronization technology and protocol developed by Microsoft, originally released in 1996. There are two implementations of the technology: one that synchronizes data and information with handheld devices with a specific desktop computer (originally known as Handheld PC Explorer) and another technology, commonly known as (or EAS), which provides push synchronization of contacts, calendars, tasks, and email between ActiveSync-enabled servers and devices. is a proprietary protocol and is licensed to a number of mobile device companies, including Apple for the Apple iphone, HP for its webos devices, and Google for certain Android smartphones. technology is also used by other messaging and collaborative software servers, including Novell GroupWise and Lotus Domino. Why buy, deploy, and use the McAfee EMM solution if you can achieve so much with EAS to begin with? The smartphone revolution is sweeping the enterprise Since the original release of the iphone 1.0 on January 9, 2007, the mobile market has gone through a major paradigm shift. Smartphones now are on track to becoming the majority of mobile devices in use, and vendors who were smart enough to develop a superior offering now dominate this rapidly growing market. Innovative new smartphones are displacing traditional mobile phones, and that wave has now reached the enterprise. Until recently, the BlackBerry was the preferred choice of the mobile worker; today the situation is changing quickly. In contrast to the BlackBerry, McAfee EMM allows enterprises to control email end to end, making their smartphones and Apple ipads true endpoints that are part of their data centers, just like laptops. More and more enterprises are testing other smartphone platforms such as the iphone and Android and like what they see. Moreover, the re-emergence of the tablet with the launch of the ipad opens up a new set of mobile device opportunities and requirements. Can enterprises manage their growing mobile device fleets in a way that is secure, easy, and scalable? The need for an enterprise-level mobile device management (MDM) solution has been a critical issue for many CIOs and CSOs and their teams. At first, many were looking to address this issue using tools they already had in house, such as the Microsoft EAS. However, more and more IT leaders within the enterprise have come to the realization that tools such as EAS can only take them so far. Secure, easy, and scalable enterprise mobility management solution has thus become mission-critical for the enterprise. Why ActiveSync Isn t Enough ActiveSync is a highly scalable protocol developed by Microsoft primarily to synchronize devices with Microsoft Exchange. Microsoft has licensed this protocol to device manufacturers and to many email server vendors. For example, IBM Lotus Notes uses ActiveSync to push email to Apple iphones. ActiveSync also includes a limited policy management capability as part of the protocol, and Microsoft Exchange leverages ActiveSync for basic policy management. 3

McAfee EMM, on the other hand, covers the full lifecycle of the device, including: Self-service provisioning Configuration and policy management Compliance management Detailed deep mobile device reporting In comparison, EAS covers only a limited subset of this lifecycle, focusing on some policy management and elements of compliance. Ease of setup and provisioning McAfee EMM s self-service provisioning fully configures the device for email, along with WiFi and VPN. Exchange s ActiveSync policies can exercise partial control over the device only once Exchange has been configured. The initial device configuration is complicated, and McAfee EMM makes it easy. Breadth of capabilities ActiveSync is limited in what it can do, especially when compared to McAfee EMM. For example, ActiveSync can wipe the whole device, while McAfee EMM can selectively wipe parts of the device (Exchange synced email, contacts, and calendar), in addition to the whole device. This is useful for personally owned devices that are accessing only corporate email. Strong authentication McAfee EMM puts a client certificate on the device so that the device strongly authenticates itself to the network for email access. Most large enterprises require strong or two-factor authentication and are bending their policies to permit push email. They choose not to use a VPN because of latency, battery impact, and complexity. McAfee EMM provides push email with strong authentication with no impact on performance or battery life, and it hides the complexity of a mobile VPN. Compliance enforcement Enterprises need to ensure that only devices that satisfy their security properties are able to connect to their networks. Exchange s ability to enforce compliance is limited. McAfee EMM ensures that only authenticated, managed, and secured devices can connect. For example, McAfee EMM can block compromised (jailbroken) iphones. Detailed reporting McAfee EMM collects lots of device data and metadata as well as real-time information about the device and provides reports on this information. Exchange reporting about devices is minimal. A McAfee EMM report tracks the compliance status of devices and can report on noncompliant devices. This report can be used to help IT guide users to remediate their devices back to compliance. Operational considerations Organizationally and politically, many enterprises do not want to use Exchange to manage devices. They don t use Exchange to manage laptops and don t want to risk the availability of email. iphone devices are viewed as small computers properly managed by the endpoint group, not as an appendage of messaging. Application mobilization The enterprise is intent on mobilizing business applications beyond email, such as business intelligence, sales force automation, point of sale, and document creation. Today, McAfee EMM is able to distribute applications for Windows mobile devices and with the release of ios 4.0 by Apple, the platform will become an Enterprise App Store for custom app distribution for Apple mobile devices like the iphone and ipad. 4

Mobile operating system (OS) advancements Mobile OS vendors are recognizing the need for device security and management beyond ActiveSync. Apple ios 4.0 includes a mature MDM capability and a device side that needs a server like McAfee EMM for security management. Google Android 2.2 introduces a similar MDM capability. Both demonstrate that enterprise mobile device security management needs a full management server for scale, security, compliance, and reporting. Device management McAfee EMM does full iphone security and configuration management through the use of ActiveSync policies and iphone Configuration Profiles. Conversely, Exchange can only manage ActiveSync policies that govern a subset of the iphone s features. Currently, ActiveSync policies govern a subset of the iphone and Apple ipod Touch features, and ActiveSync enforces only a limited set of policies for defining functions such as how the device password is used and controlling the device camera. In addition, the ActiveSync protocol supports remote wipe of the device. Apple differentiates the iphone from other smartphones by providing a second, richer way for IT to configure devices en masse. Configuration profiles are XML files that quickly load device configuration (for example, VPN and WiFi settings) and authorization information. Profile Services, used for the creation and secure distribution of configuration profiles, is core to Apple s blueprint and serves as a reference model for IT departments supporting the iphone or ipod Touch. McAfee EMM combines these two management approaches Apple Configuration Profiles and ActiveSync policy management into a single device management solution that uses group-based policy management, where a device is associated with a user who is associated with a group. This allows for one-to-many policy management and simplifies large-scale deployment of the iphone. Exchange, on the other hand, manages each device independently. IT activation Increasingly, enterprises are adopting policies that permit employees to use their personal iphones for business. IT wants to automate the activation process that allows employees to connect their personal devices to work. Automation typically includes the configuration of basic services such as email and access (WiFi or VPN). For the iphone, these capabilities are configured via configuration profiles that are beyond the capabilities of Exchange. McAfee EMM bootstraps an iphone that is not known to and does not know of the enterprise data center into a fully managed endpoint that mobilizes applications and services from the data center. Exchange relies on manual configuration of the ActiveSync email client to enable the iphone to be managed by Exchange through the set of ActiveSync policies that it supports. McAfee EMM also implements the Apple iphone enrollment process, including the use of simple certificate enrollment protocol (SCEP) to deploy digital certificates to the iphone. This capability enables the secure deployment of subsequent iphone configuration profiles used to configure IT services and application. This process is outside the scope of Exchange policy management. Policy compliance The McAfee EMM Access Manager performs a compliance check on all iphones before they enter the corporate network to ensure that ActiveSync policies and configuration profiles remain persistent. Since the McAfee EMM Access Manager operates in the demilitarized zone (DMZ), IT does not have to publish ActiveSync directly to the Internet, providing an added layer of security. Policy compliance enforcement by the McAfee EMM platform considers all the device information known about the iphone, including hardware version (to ensure that data at rest is encrypted on the iphone 3GS), software version, configuration profiles, and ActiveSync policies, as well as the authorization of the user and of his iphone. Exchange manages compliance based only on the ActiveSync policies present on the device. 5

Applications beyond email McAfee EMM is independent of the messaging server and supports environments that include Exchange, Lotus Notes, IMAP, and Google Apps. Furthermore, McAfee EMM treats email as just one more application and provisions and connects the iphone to applications beyond email, using VPN and WiFi configurations. Division of IT responsibilities In summary, most IT organizations would never entertain the management and control of their Blackberry devices from Exchange. Enterprise IT is highly protective of its messaging infrastructure, has not used it as an endpoint manager for laptops or PCs, and does not want to risk the availability of corporate messaging servers by using Exchange as a device manager for the iphone. In a similar fashion, the messaging group does not want to give administrative access to Exchange to the device management group. Summary The mobile environment in the enterprise is changing rapidly. The smartphone revolution is sweeping the globe, and its impact is reverberating throughout IT and security organizations. The future mobile workforce demands the enablement of many mobile computing platforms, including smartphones and tablets, all of which need to be supported in a way that is secure, easy, and scalable. Attempts by Microsoft to extend ActiveSync as an enterprise mobility management tool are limited in breadth and depth. While at first glance it seems that EAS can provide all of an organization s MDM needs, it is quickly becoming apparent this is not the case. McAfee EMM provides a secure, easy, and scalable enterprise mobility management solution. EAS is not a viable alternative to McAfee EMM. Getting Started McAfee EMM is the best solution in the market today for enterprise mobility management. Reach out to a McAfee representative, and schedule a webinar and an evaluation. We are certain that you will notice the increase in productivity once you get iphones, ipads, and Android devices seamlessly integrated into your organization. About McAfee, Inc. McAfee, Inc., headquartered in Santa Clara, California, is the world s largest dedicated security technology company. McAfee is relentlessly committed to tackling the world s toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. http://www.mcafee.com. McAfee, Inc. 2821 Mission College Boulevard Santa Clara, CA 95054 888 847 8766 www.mcafee.com McAfee, the McAfee logo, and McAfee EMM are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Copyright 2010 McAfee, Inc. 14300wp_emm-vs-activesync_0910_fnl_ASD 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information