This document provides an overview of Mobility XE, a mobile VPN product from NetMotion Wireless. It addresses challenges mobile workers face including connectivity, application performance, and support. Mobility XE enhances productivity by making VPN and application sessions persistent during mobility and optimizing bandwidth. It provides security using AES encryption, authentication methods like Active Directory, and controls like device authentication. The management console allows centralized visibility and control of all device connections, applications, and networks used.

1. Mobility XE Overview June 2010

2. Agenda Company Why a Mobile VPN Mobility XE Features Productivity Security Management Evaluation and Deployment 6/14/2010 2

3. NetMotion Wireless Software company focused on mobile field workers Headquartered in Seattle, Washington Formed in 2001. Sales Offices throughout N. America, Frankfurt, Paris and London 100+ employees 25+ industry awards for VPN technology 1600+ highly satisfied customers +97% maintenance renewal rate +98% satisfaction rate +50% revenue from add-on sales

4. Government Enterprise Healthcare Utilities Insurance

5. Challenges Mobile Workers Coverage and connectivity challenges Moving from location to location Poor application performance Complexity w/ limited access to support resources Business/IT Security when outside corporate network Visibility and management of field resources Extending legacy applications into a mobile and wireless environment Support costs – keeping it simple for end-users 6/14/2010 5

6. 6/14/2010 6 Mobile VPNsNew Category Emerges to Address Mobile Challenges "From our vantage point, NetMotion Wireless is the clear leader in the space“— Tony Rizzo, Director, Mobile Research with The 451 Group Like Legacy IPSec and SSL VPNs…. Uses standards based security for authentication and encryption Unlike Legacy IPSec and SSL VPNs…. Designed for organizations with mobile field workers Addresses productivity pain points Security and management platform independent of network and applications Supports smart phones, handhelds, ultra mobiles, tablets and lap tops. Removes common barriers to a successful mobile deployment

10. 6/14/2010 9 Productivity Only security product that enhances mobile worker productivity. Saves time … … eliminates VPN and application disconnects … replaces “shut-down” with “suspend” … eliminates need to launch a VPN … speeds up applications … eliminates need for multiple VPN profiles … provides real-time access to more applications Improves IT productivity Straight forward installation and maintenance Eliminates VPN client configuration issues Enables over-the-air device management Fewer support calls Unified security & mobility platform for internally developed applications.

11. Jan 2009 Mobility XE – Compression on Cellular Data Networks 6/14/2010 10 Download Speed in Kbps Laptop copying 10 MB DAT file. AMD 2800+ NMS w/ 2GB RAM running Win2K3

12. 6/14/2010 11 Security – Industry Standards Encryption FIPS 140-2 Validated 128, 192 or 256-bit AES Encryption Authentication Methods MS Active Directory RADIUS RSA SecurID Smartcards Digital Certificates FIPS 140-2 Inside* *TM: A Certification Mark of NIST, which does not imply product endorsement by NIST, the U.S. or Canadian Governments

13. 6/14/2010 12 Enhanced Security Lock-down clients Ensure traffic is routed through the corporate network Access to & from device ONLY through encrypted tunnel Complimentary to client firewall Validate user identity throughout the day Configure periodic user reauthentication without disrupting application sessions Verify device identity Stop foreign devices from accessing corporate network Enables a low cost form of multi-factor authentication The MACHINE is something you have Users log in from approved machines only

14. Enhanced Security Quarantine Devices and/or Users Quarantine NEW Devices – keeps unapproved devices off the network Prevent lost or stolen devices from accessing the enterprise Control application access by user group or device Keep devices in the field current on patches Unattended over-the-air management of mobile devices Extend the reach of existing device and patch management utilities. Supports Active Directory scripting & objects Network Access Control Prevents or allows user connection based on client’s compliance to corporate policies Client evaluates  Server enforces Allow | Warn | Remediate | Disconnect | Quarantine Integrates with Policy Module for ‘smart’ remediation 6/14/2010 13

15. Centralized web-based view Access console from anywhere See and manage entire pool of servers from a single console All configurations centralized No need to touch clients Granular view into all device connections Same view regardless of the device type Same view regardless of the network connected to Status of all device connections Battery status, operating system version, etc. Processes running on the device 6/14/2010 14 ManagementMobility Console – Session Details

16. 6/14/2010 15 ManagementMobility Console – Session Details

17. ManagementAnalytics Module Enables visibility into how mobile deployment is performing Users Networks Devices Applications Automated notifications for proactive management 6/14/2010 16

18. Connection Status 6/14/2010 17

19. Network Usage by Application 6/14/2010 18

22. Antispyware

23. Firewall

24. OS Version

25. Windows Updates

26. Registry Keys

27. Process & Files

28. Mobility Client Version NAC Compliance ManagementNetwork Access Control + Policy Corporate Network  Policy Allow App Block All Else Application Server Mobility Servers         

29. 6/14/2010 21 ManagementPolicy Management Module Conditions BSSID DNS server address DNS server name Connection name Mobility client version Interface name Interface speed Local address NAC status OS Version Registry value Schedule (date, time) SSID NMS un/reachable for X seconds Externally-set condition WINS server address Target Actions Allow (Apps/Addresses/Ports) Block (Apps/Addresses/Ports) Disconnect (Apps/Addresses/Ports) Pass through (Apps/Addresses/Ports) QoS (Apps/Addresses/Ports) DSCP Traffic Shaping Queuing Real-time Protocol (Packet Loss Recovery) Balloon notification Other Actions Start application (command line) Local networking Override Interface Speed Hide interface Disable roaming Add Static Route to address Web image acceleration (Apps/Addr/Ports)

30. NotificationsEmail, SNMP, Syslog 6/14/2010 22

31. 6/14/2010 23 Mobility XE Evaluation Program Qualified customers or partners can download full production software for lab testing and field pilots 30-day time period, up to 100 mobile devices (can be modified as appropriate) NetMotion Wireless Systems Engineer works with customer throughout the process Technical notes, phone support and in many cases on-site support provided Temporary keys are converted to permanent license keys following a purchase No contracts or fees associated with evaluation program

32. SummaryDelivering on ROI Greater Productivity Completely transparent to mobile field workers Shields mobile field workers from challenges created by wireless networks and mobility Reduce calls into help desk Easy to deploy and maintain Enhanced Security Industry standard encryption and authentication Lock-down clients Device Authentication NAC Module Gain Visibility and Control Detail reporting on users, devices, networks and applications Complete application level control of data in transit 24 6/14/2010