Mobile Security Mobile Device Management Mobile Application Management
Addressing MDM Challenges in Education Proliferation of mobile devices Asset tracking and multi-os management Student- and teacher-owned devices Secure access to school services Compliance with FERPA and CIPA Explosion of mobile apps Application distribution Internal and public apps Volume Purchase Program (VPP) 2
Corporate Overview Largest MDM provider with over 300+ employees, 150 focused on R&D Provide mobility solutions to 1500+ global customers Leaders in mobile security, device management and application management across multiple platforms Experienced management team previously built Manhattan Associates (NASDAQ: MANH) to 2,000+ employees and $250M in revenue with no outside capital Our mission: Simplify Enterprise Mobility 3
Industry Recognition Gartner Positioned as A Leader in 2011 Magic Quadrant for Mobile Device Management Software Info-Tech Research Group Identified as a Champion in 2011 Mobile Device Management Vendor Landscape Forrester Research Inc. Named innovative MDM and mobile security vendor in Market Overview: Mobile Security, Q4, 2011 IDC Recognized as a company to watch in AirWatch Private Vendor Watchlist Profile Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. IDC, Vendor Profile: AirWatch Private Vendor Watchlist Profile: Addressing Key Enterprise Mobility Challenges Through Mobile Device Management and WLAN Management Software, IDC #226046, December 2010 Market Overview: Mobile Security, Q4, 2011, Forrester Research, Inc., October 21, 2011 4
Higher Education 5
K-12 6
Complete Mobility Management Deploy Retire Configure Support Secure Monitor & Manage Apps & Content 7
AirWatch Advantages Strong track record with deployments exceeding 50,000+ devices, growing to 100,000+ Highly scalable architecture that can be deployed on-premise, as an appliance or SaaS and meets strict requirements for high availability and redundancy Software built on industry standard.net, MS SQL and HTML 5 development platforms Feature-rich solution that incorporates an enterprise app catalog, robust compliance module, secure content delivery and Secure Email Gateway for managing access to email infrastructure Integration to enterprise infrastructure such as LDAP / AD, certificate authorities, VPN, Exchange, Office365, Gmail, help desk systems, etc. Advanced reporting, alerting and workflow with a complete DataMart for easy export of data out to third party business intelligence solutions SDK framework that incorporates additional device management capabilities into internal applications for advanced security, authentication and data loss protection Easy transition from 30-day trials and proof of concepts (POCs) to production environments Competitive pricing with flexible commercial terms for $3/month SaaS model and $40 perpetual licenses Professional services and implementation packages available to fit enterprise deployment needs 8
Deployment Options Software as a Service (SaaS) On-premise Appliance Multiple redundant data centers Best of class hardware - Cisco, F5, EMC and Dell 24 / 7 / 365 Atlanta support center High availability (HA) Standard SLA > 99.9% Physical or virtual hardware Single server to highly available, redundant environment.net, SQL architecture Streamlined installation Tiered solutions to optimize appliance size Industry standard hardware Redundant hardware components AirWatch perpetual licenses 9
Support and Services Implementation Services and Training Successful combination of technical knowledge, industry experience and resources Streamlined implementation process regardless of deployment method or scale Professional Services Prepared to assess technology needs, provide on-site deployment, integration services, mobility best practices and technical solutions Technical Support 24/7/365 support Atlanta-based NOC Fast response times Online support and training portal Dedicated enterprise contacts Software maintenance and upgrades 10
The Most Secure Mobile Management Enterprise directory-based authentication SCEP/Certificate Authority integration Configurable device password policies Device data encryption Compromised device detection Secure email gateway with device level access control and policies for securing attachments Secure mobile web browser Application lock down Security audits, events logs and compliance engine Remote lock, corporate/selective or full wipe Configurable privacy policies for employee-liable versus corporate-owned devices Role-based console access with enterprise directory integration 11
Advanced Scalable Architecture Broadest platform support Android, Apple, BlackBerry, Symbian, Windows Mobile and Windows Phone 7 scalable and multi-tenant Web-based, intuitive user interface built on the latest HTML 5 standards Interactive dashboards and views, advanced filters and searches to automate repetitive tasks Exception management views and automated workflows for proactive issue resolution Role-based access control (RBAC engine) Enterprise infrastructure integration (Microsoft Exchange, Office 365, Lotus Notes, Gmail for Business, LDAP, SAML, PKI (Certificate Authority) Complete DataMart for easy export of data out to third party business intelligence solutions SaaS or On-premise (appliance, dedicated hardware or VM) deployment options 12
Business Intelligence, Workflow and Reporting Automated workflow for exception management Isolate or wipe at-risk devices Remote help desk and troubleshooting capabilities with an integrated case management system Self-service portals to locate devices, reset passcodes and remotely lock or wipe lost devices Alerts via console, Email or SMS triggered by specific device or user actions Reporting portal with over 100+ customizable reports and automatic report distribution Multiple export formats: PDF, EXL, EML or CSV Central knowledge management system for storing documents, manuals etc. 13
Configuration Management and Policy Enforcement Fast deployments with a secure and streamlined device activation process Password, Email, Calendar, Contacts, VPN, Wi-Fi configuration and app distribution Shift-based re-configuration by user (e.g. shared devices for students) Over-the-air software and OS updates with push/pull delivery Device grouping and bulk management for large deployments Configuration libraries with profiles, templates and Golden Images Automated process for assigning and deploying configuration profiles Reduce IT time and effort to configure and reconfigure devices Full lifecycle support with minimal IT involvement 14
Secure Email Gateway Allow or block devices using white lists and black lists or manually based on exceptions Validate devices based on: Mobile user s email username Mobile user s email address Device serial number and OS version Unique device certificate Monitor interactions with the email server: Date and time of sync attempt ActiveSync command (SYNC, PROVISION, etc.) Amount of data traffic to and from the device ActiveSync version Device type (e.g., iphone, ipod, ipad) & IP address View and filter information for exceptions/threats Intercept sensitive email attachments and store in a secure document viewer Public Internet Corporate Firewall DMZ AirWatch Secure Email Gateway Corporate Firewall Corporate Network AirWatch MDM Server Mobile Email Front-End Server Back-End Email Servers 15
Mobile Virtual Private Network (VPN) Provision settings for various VPN types: IPsec Junipier SSL F5 SSL Cisco AnyConnect Deploy VPN authentication certificates Support split tunneling via native platform capabilities Provision on-demand VPN settings for enterprise apps VPN should not be used to filter and monitor all device traffic as VPN settings can be turned off by end users 16
Application Catalog and Distribution Distribute and perform silent updates to enterprise apps Limit selection, recommend and ease the distribution of publicly available apps (Apple AppStore or Android Market) Monitor app lists (installed/not installed/out of date), app usage and data usage Manage app white lists/black lists and compliance policies Lock down devices (kiosk mode) to an ITapproved set of programs or apps Set up a workflow to automatically manage policy violations: Notify user and/or IT Disable app/corporate access (Wi-Fi, VPN, Email) Selective/corporate or full wipe 17
Content Locker Application Enable secure content management though the native content locker app Enforce basic, LDAP and Proxy user authentication to access content locker Upload content individually or in bulk and organize into categories and sub-categories: Document types supported: MS Office, iwork, PDF, XML, JPG, PNG, Rich text format Define effective and expiration dates for each document Distribute content based on user role, device group or ownership Define distribution method cellular versus Wi-Fi only Encrypt content data 18
Content Locker Application Cont. Manage access to content in online and offline modes Enable users to download content on-demand or push content automatically Define download priority as high, medium and low Enable users to search, filter by favorites and view by most recent documents Track content versions and notify users when updates are available Detailed content visibility at the device level: Content status (unknown, installed, uninstalled) Content priority (high, medium and low) Deployment method (on demand or automatic) Content version and size When the document was downloaded When it was last viewed If a device is compromised/mdm is broken, prevent access to content locker 19
SDK/Developer Toolkit Developer toolkit for ios enterprise apps Device check-in and usage monitoring: Device location App launch frequency App usage duration Data usage Compromised device detection with the ability to automatically wipe corporate data Enterprise app single sign-on with certificate or location-based authentication Enterprise app passcode and lock capabilities Data encryption for data stored within an enterprise app Remote wipe of corporate data based on # of failed passcode attempts or on-demand 20
AirWatch Differentiators Architecture Multi OS support Multi-tenant Highly scalable Role-based access API Integration HTML 5 UI Custom branding Mobile Security Secure email gateway Secure content locker Secure mobile browser Compromised device detection Compliance rules engine Enterprise or full device wipe Privacy policies based on ownership Enterprise Integration SCEP, PKI (Certificate Authorities) Directory services (LDAP/AD, Domino) Smart-card, token, SAML authentication Email (Exchange, Traveler, BPOS-D, Office 365 and Gmail) VPN (IPsec, Juniper SSL, F5 SSL and Cisco AnyConnect) Wi-Fi (WEP, WPA, WPA Enterprise - TLS, TTLS, EAP, PEAP) Configuration and Profiles Corporate-liable, employee-liable or shared devices with unique policies Automated profile distribution by user roles, groups and device types Certificate integration Shift and user-based reconfiguration Location-based provisioning Flexible Delivery SaaS - $3/device/month Software appliance - $6,500 On-premise - $40/device Professional services 24/7/365 global support Applications App inventory and distribution HTML and native app catalog White lists and black lists Compliance engine Volume Purchase Program SDK Library Single sign-on App passcode, lock and wipe App data encryption Compromised device detection App and data usage monitoring Self-Service Registration and activation Device locator Clear passcode, lock and wipe Compliance audit Optional profiles App requests Technical support Mobile Intelligence Alerts via console, Email or SMS 100+ customizable reports with automated distribution Automated business rules to respond to exceptions or threats DataMart export to BI tools Mobile telecom management 21
AirWatch Benefits Enterprise-grade security from the industry s most secure mobility platform Reduce IT involvement through the automation of device enrollment and configuration Mitigate legal and business risk associated with enterprise mobility Gain comprehensive, integrated view of all your mobile devices Streamline the management of all your mobile assets and applications Reduce the cost and effort of mobile device deployments Improve the overall support experience for mobile workers Increase IT and help desk efficiencies and productivity rates Increase mobile worker productivity Enable and enforce IT security and compliance policies Improve communications and reduce help desk response times 22