OneFabric Connect and Fiberlink MaaS360 Mobile Device Management (MDM)



Similar documents
OneFabric Connect and Lightspeed Systems Rocket Web Filtering Appliance

OneFabric Connect and iboss Internet Filtering Appliance

Extreme Networks Purview Application Analytics Integration with VMware vrealize Log Insight

Extreme Networks NetSight SDN Integration with A10 Networks Load Balancer, Service Pools and Virtualization Resources

Extreme Networks Jumpstart Deployment Guide

Optimizing Microsoft Lync Deployments on Extreme Networks IdentiFi Wireless

Premier Services Program (PSP) Tools: How to Use and Create Dashboards

Ridgeline Installation and Upgrade Guide

Ridgeline Installation and Upgrade Guide

Extreme Networks EAS t Switch Software Release Notes, Version 1.00

Premier Services Program (PSP) Tools: Security Overview

CounterACT Plugin Configuration Guide for ForeScout Mobile Integration Module MaaS360 Version ForeScout Mobile

Advanced Configuration Steps

OneFabric Connect. Overview. Extend the OneFabric architecture to 3rd party applications DATA SHEET BENEFITS BUSINESS ALIGNMENT

1. What are the System Requirements for using the MaaS360 for Exchange ActiveSync solution?

Premier Services Program (PSP) Tools: How to Create Custom Reports

Microsoft Lync Qualification Testing on Extreme Networks Switch Infrastructure

IdentiFi and Eduroam Roaming Wireless Service Integration CONFIGURATION GUIDE

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

Good MDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series

Architecture and Data Flow Overview. BlackBerry Enterprise Service Version: Quick Reference

XenMobile Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series

MaaS360 Mobile Device Management (MDM) Administrators Guide

MDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series

FASTER, SIMPLER AND SMARTER NETWORKS THROUGH SDN INNOVATION

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0

MaaS360 On-Premises Cloud Extender

Premier Services Program (PSP) Tools: Deployment Guide

Premier Services Program (PSP) Tools: Overview

M a as3 6 0 fo r M o bile D evice s

SDN Getting Started Guide

Learn More MaaS360 Cloud Extender Checklist (MDM for Blackberry)

MaaS360 Cloud Extender

Mobile Device Management Version 8. Last updated:

Integrating ConnectWise Service Desk Ticketing with the Cisco OnPlus Portal

How to Configure Guest Management on the DWC-1000

BYOD: BRING YOUR OWN DEVICE.

Data Center Manager (DCM)

Getting Started - MDM Setup

Using the Apple Configurator and MaaS3360

ClearPass Policy Manager

Workplace-as-a-Service BYOD Management

Phone Manager Application Support JANUARY 2015 DOCUMENT RELEASE 4.2 APPLICATION SUPPORT

Ridgeline Network and Service Management Software

Integrating Cisco ISE with GO!Enterprise MDM Quick Start

Sophos Mobile Control Technical guide

Cisco Mobile Collaboration Management Service

Copyright 2013, 3CX Ltd.

Sophos Mobile Control Startup guide. Product version: 3

Enroll a Windows Phone 8 Device

QUICK INSTALLATION GUIDE ACTIVATE

Sophos Mobile Control Startup guide. Product version: 3.5

Sample Configuration for H.323 Trunk between Avaya IP Office and Cisco Unified Communications Manager 7.0 Issue 1.0

Learn More Cloud Extender Requirements Cheat Sheet

MDM User Guide June 2012

Ridgeline Network and Service Management Software

Sophos Mobile Control Administrator guide. Product version: 3.6

Guide for Setting Up Your Multi-Factor Authentication Account and Using Multi-Factor Authentication. Mobile App Activation

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

BlackBerry Enterprise Service 10. Version: Configuration Guide

Ridgeline Network and Service Management Software

Mobility Manager 9.5. Users Guide

Setup Guide: Server-side synchronization for CRM Online and Exchange Server

Preparing for GO!Enterprise MDM On-Demand Service

NMS300 Network Management System

NetSight Suite Installation

When enterprise mobility strategies are discussed, security is usually one of the first topics

Troubleshooting BlackBerry Enterprise Service 10 version Instructor Manual


Version 3.2 Release Note. V3.2 Release Note

Embracing BYOD with MDM and NAC. Chris Isbrecht, Fiberlink Gil Friedrich, ForeScout

Apps. Devices. Users. Data. Deploying and managing applications across platforms is difficult.

Administering Jive Mobile Apps

EPICenter Network Management Software

Sophos Mobile Control user help. Product version: 6.1

BlackBerry Enterprise Service 10 version 10.2 preinstallation and preupgrade checklist

The ForeScout Difference

Stefan Dürnberger. Consulting Systems Engineer Cisco Deutschland. sduernbe@cisco.com. Co-Author Bitkom Leitfaden BYOD

ForeScout MDM Enterprise

BlackBerry Enterprise Service 10. Universal Device Service Version: Administration Guide

Compliance Rule Sets in MaaS360

Sophos Mobile Control User guide for Windows Phone 8. Product version: 3.5

GlobalSign Integration Guide


Extreme Networks EAS t Switch Software Manual

Ensuring the security of your mobile business intelligence

EPICenter Network Management Software

Product Manual. MDM On Premise Installation Version 8.1. Last Updated: 06/07/15

Active Directory Self-Service FAQ

COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING

An Overview of Samsung KNOX Active Directory-based Single Sign-On

Licensing Guide BES12. Version 12.1

SysAid MDM User Guide for Android

MaaS360 Mobile Enterprise Gateway

AirWatch for ios Devices

Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect

Ben Hall Technical Pre-Sales Manager

INTEGRATION GUIDE. DIGIPASS Authentication for VMware Horizon Workspace

MaaS360 Mobile Enterprise Gateway

GRAVITYZONE HERE. Deployment Guide VLE Environment

Transcription:

OneFabric Connect and Fiberlink MaaS360 Mobile Device Management (MDM) Configuration and Integration Guide Abstract: This document provides instructions for integrating Extreme Networks OneFabric Mobile IAM and OneFabric Connect with Fiberlink MaaS360 Mobile Device Management. Published: June 2014 Extreme Networks, Inc. 145 Rio Robles San Jose, California 95134 Phone / +1 408.579.2800 Toll-free / +1 888.257.3000 www.extremenetworks.com 2012 2014 Extreme Networks, Inc. All Rights Reserved. AccessAdapt, Alpine, Altitude, BlackDiamond, Direct Attach, EPICenter, ExtremeWorks Essentials, Ethernet Everywhere, Extreme Enabled, Extreme Ethernet Everywhere, Extreme Networks, Extreme Standby Router Protocol, Extreme Turbodrive, Extreme Velocity, ExtremeWare, ExtremeWorks, ExtremeXOS, Go Purple Extreme Solution, ExtremeXOS ScreenPlay, ReachNXT, Ridgeline, Sentriant, ServiceWatch, Summit, SummitStack, Triumph, Unified Access Architecture, Unified Access RF Manager, UniStack, XNV, the Extreme Networks logo, the Alpinelogo, the BlackDiamond logo, the Extreme Turbodrive logo, the Summit logos, and the Powered by ExtremeXOS logo are trademarks or registered trademarks of Extreme Networks, Inc. or its subsidiaries in the United States and/or other countries. sflow is the property of InMon Corporation. Specifications are subject to change without notice. All other registered trademarks, trademarks, and service marks are property of their respective owners. For additional information on Extreme Networks trademarks, see www.extremenetworks.com/company/legal/trademarks. 120955-00

Overview This document highlights the integration of Extreme Networks Mobile IAM and OneFabric Connect solutions with Fiberlink MaaS360 Mobile Device Management. The document describes the necessary installation and configuration actions required to complete the Extreme Networks Fiberlink integration. Fiberlink MaaS360 for Mobile Devices is a cloud-based multi-tenant platform providing enhanced management of ios and Android devices. MaaS360 is designed to provide maximum control over mobile devices and reduce risks to corporate data without jeopardizing employee productivity. It will monitor mobile devices - both employee-owned and those provided by the organization to ensure compliance with corporate security policies. With the integration Extreme Networks and Fiberlink solutions, network administrators benefit from single-pane-of-glass management control of corporate network resources, based on established profiles and policies. Requirements Extreme Networks Software Requirements Extreme Networks NetSight 6.1 or above NMS- XXX (e.g. NMS-10 - NetSight License for up to 10 devices and 100 thin Aps) Extreme Networks NAC 6.1 or above NAC-A-XX, NAC-V-XX or IA-ES-XX (e.g.ia-es-1k - Identity and Access 1,000 end-system license, IA licenses with appliance IA-A-XX require NMS- ADV-XXX NetSight Advanced licenses ) with 802.1X or Web Authentication / Registration where usernames are populated into NAC Manager. Fiberlink MaaS360 Requirements Fiberlink MaaS360 account that will be used by OpenFabric Connect to access information about mobile devices. Extreme Networks, Inc. All rights reserved. 2

Solution Components Overview The integration requires the following software and hardware components. Fiberlink MaaS360 MDM - Can be either on-premise or cloud-based implementation Extreme Networks Mobile IAM Appliance - Performs end-system identification, authentication, and assessment for the mobile devices. Working in combination with the OneFabric Connect, a bidirectional communication channel is established to provide automatic and precise provisioning of mobile devices whether they are enrolled with Fiberlink MaaS360 or not. Extreme Networks NetSight Server - This server consists of several components: Extreme Networks OneFabric Connect Module - The core module in the integration, OneFabric Connect provides services for mobile device discovery, management of the local cache and administrative interface. Call-Back Web Services The front end to the OneFabric Connect Module is used to connect and communicate with Fiberlink MaaS360 to update mobile device information within Mobile IAM. Mobile Device Assessment Engine - This component is responsible for verifying the compliance of a mobile device. Data Store local cache populated with device information obtained from Fiberlink MaaS360 system. Extreme Networks, Inc. All rights reserved. 3

Network Infrastructure - All the required networking hardware, servers, and software for the local environment, both Extreme Networks and 3 rd party based. Mobile Devices - Supported mobile devices include Android, Apple ios, and Windows Mobile tablets and smartphones. Theory of Operation Initial Database Population and Re-synch Process The OneFabric Connect module will poll the Fiberlink MaaS360 system for devices (1). The Fiberlink MaaS360 system returns its current list of mobile devices to the OneFabric Connect module (2). The OneFabric Connect module will write the device information to the local datastore. The local datastore used to supplement the end-system population within the Mobile IAM as well as provide data for the Assessment Engine (3). This datastore will then be maintained through updates that Fiberlink MaaS360 will send to the OneFabric Connect module. Extreme Networks, Inc. All rights reserved. 4

Mobile Device On-Boarding Process Process Extreme Networks Mobile IAM detects an end-system connection event and identifies the mobile device based on device-type profiling and the data provided by the OneFabric Connect module (1). If the mobile device is a recognized Fiberlink MaaS360 enrolled device, an assessment can be triggered (2). The Assessment Engine will then query the local datastore and verify the compliance of the mobile device (3). The Assessment Engine returns the compliance results to the Mobile IAM (4). The Mobile IAM will provision the device according to the assessment results (if triggered), device ownership, or according to the device-type profiling configuration within the Mobile IAM (5). For example, an unregistered mobile device can be assigned a separate network access policy (Extreme Networks-based hardware only), redirected to a captive portal, or confined to a specific VLAN. Extreme Networks, Inc. All rights reserved. 5

OneFabric Connect Installation Note Please reference the OneFabric Connect Plugin and NetSight API Installation Guide. Configuration Note Fiberlink MaaS360 account information is required for the integration The Fiberlink MaaS360 integration requires Fiberlink authentication credentials and other account settings. This information is used in the Fiberlink MaaS360 module tab. Service configuration 1 settings: Username: the login/username that will be used to execute the Fiberlink MaaS360 web services. Password: the password that is used to authenticate the login/username. MaaS360 Webservice URL: use https://services.fiberlink.com unless told otherwise by Fiberlink. Account Billing ID: the account billing ID is used to identify the Fiberlink MaaS360 account. To find the account billing ID, log into the Fiberlink MaaS360 management page. In the example below, the account billing ID is 30001503. Extreme Networks, Inc. All rights reserved. 6

General Module configuration default setting are usually not changed. Service specific configuration default settings: End system group for Managed Business Mobile Devices: Mobile IAM end system group that will be used for mobile devices that are corporate owned. End system group for Managed Personal Mobile Devices: Mobile IAM end system group that will be used for mobile devices that are personally owned. End system group for Default Mobile Devices: Mobile IAM end system group that will be used for mobile devices that do not have their ownership set. End system group for performing a remote wipe: Mobile IAM end system group that is monitored to perform a remote wipe on a mobile device. To perform a remote wipe, enable the remote wipe option and use either Mobile IAM or OneView and add the end system to the remote wipe system group. Enable Remote Wipe: Enable remote wipe by selecting either a selective wipe or a full wipe. Update Kerberos Username For End systems: Update Mobile IAM end system username with the username from Fiberlink MaaS360. Update Device Type For End systems: Update Mobile IAM end system device type with the device type from Fiberlink MaaS360. Notify User When Quarantined: Send a notification message to the mobile user when Mobile IAM quarantines the end system. Enable Assessment: Retrieve additional data for end system assessment. For more information please visit https://community.extremenetworks.com/extreme. Please direct your questions and comments to sai@extremenetworks.com. Extreme Networks, Inc. All rights reserved. 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information