How can we setup/configure our Windows Mobile devices?
Is there a way to control what the user can/can’t do?
We want to be able to secure the data and the devices.
How can we keep these devices up to date?
We would like to provide secure access to our Intranet and other services.
Lets you deploy and manage Windows Mobile devices like you do PCs/laptops in your IT infrastructure and provides security-enhanced access to corporate data Management Workload Deployment: Inside Firewall Network Access Workload Deployment: in DMZ Security Management
Active Directory Domain join
Policy enforcement using Active Directory/Group Policy targeting (>130 policies)
Communications and camera disablement*
Application allow and deny
Single point of management for mobile devices in enterprise
Full OTA provisioning and bootstrapping
OTA Software distribution based on WSUS 3.0
SQL Server 2005 based reporting capabilities
Role based administration
MMC snap-ins and Powershell cmndlets
WMU On/Off controlcompliant
Mobile Optimized VPN
Machine authentication and “double envelope security”
Standards based (IKEv2, MobIKE, IPSEC tunnel mode)
Smartcard Internet DMZ Corporate Intranet Front Firewall Initial OTA Device Enrollment Mobile GW Back Firewall SSL Auth (PIN+Corp Root) SSL Machine Mutual Auth E-mail and LOB Servers SSL User- mutual Auth or Similar Console Mobile Server Back-end R/O AD WSUS Catalog Self Help Site Enrollment Service OMA Proxy CA Mobile VPN