This document summarizes the key components and architecture of Windows Mobile devices integrated with Microsoft infrastructure. It discusses how Exchange Server, Exchange ActiveSync, firewalls, management tools, and other components work together to securely manage mobile devices. The architecture is designed for flexibility, scalability, manageability, and security. It allows reuse of existing skills and builds on the Microsoft mobility platform.
Modern mobile devices by their capabilities are almost equal to office computers. For working with different types of document or an access to corporate resources, employees often use their own tablets and smartphones ignoring the prohibition of IT service. This BYOD scenario is impossible to avoid. BYOD brings significant risks and often results in confidential data breaches. The usual restrictions are no longer working, businesses are unable to stop employees from bringing personal devices into the workplace, and today every company needs more mobile and flexible solutions.
Windows Server 2003 Migration: Take a Fresh Look at Your IT InfrastructureSymantec
This IDC Executive Brief analyzes the implications of the termination of Windows Server 2003 support in July 2015 and suggests best practices for European organizations that are planning to migrate to a more up to date IT infrastructure.
Rapid increases in information technology also changed the existing markets and transformed them into emarkets
(e-commerce) from physical markets. Equally with the e-commerce evolution, enterprises have to
recover a safer approach for implementing E-commerce and maintaining its logical security. SOA is one of
the best techniques to fulfill these requirements. SOA holds the vantage of being easy to use, flexible, and
recyclable. With the advantages, SOA is also endowed with ease for message tampering and unauthorized
access. This causes the security technology implementation of E-commerce very difficult at other
engineering sciences. This paper discusses the importance of using SOA in E-commerce and identifies the
flaws in the existing security analysis of E-commerce platforms. On the foundation of identifying defects,
this editorial also suggested an implementation design of the logical security framework for SOA supported
E-commerce system.
Session 1 for the Azure Introduction for IT Pros event held at the Microsoft Norway offices in March 2015. The deck explains the mobility support in Azure and the Enterprise Mobility Suite (EMS).
Modern mobile devices by their capabilities are almost equal to office computers. For working with different types of document or an access to corporate resources, employees often use their own tablets and smartphones ignoring the prohibition of IT service. This BYOD scenario is impossible to avoid. BYOD brings significant risks and often results in confidential data breaches. The usual restrictions are no longer working, businesses are unable to stop employees from bringing personal devices into the workplace, and today every company needs more mobile and flexible solutions.
Windows Server 2003 Migration: Take a Fresh Look at Your IT InfrastructureSymantec
This IDC Executive Brief analyzes the implications of the termination of Windows Server 2003 support in July 2015 and suggests best practices for European organizations that are planning to migrate to a more up to date IT infrastructure.
Rapid increases in information technology also changed the existing markets and transformed them into emarkets
(e-commerce) from physical markets. Equally with the e-commerce evolution, enterprises have to
recover a safer approach for implementing E-commerce and maintaining its logical security. SOA is one of
the best techniques to fulfill these requirements. SOA holds the vantage of being easy to use, flexible, and
recyclable. With the advantages, SOA is also endowed with ease for message tampering and unauthorized
access. This causes the security technology implementation of E-commerce very difficult at other
engineering sciences. This paper discusses the importance of using SOA in E-commerce and identifies the
flaws in the existing security analysis of E-commerce platforms. On the foundation of identifying defects,
this editorial also suggested an implementation design of the logical security framework for SOA supported
E-commerce system.
Session 1 for the Azure Introduction for IT Pros event held at the Microsoft Norway offices in March 2015. The deck explains the mobility support in Azure and the Enterprise Mobility Suite (EMS).
Application Security framework for Mobile App Development in Enterprise SetupEswar Publications
Enterprise Mobility has been increasing the reach over the years. Initially Mobile devices were adopted as consumer devices. However, the enterprises world over have rightly taken the leap and started using the ubiquitous technology for managing its employees as well as to reach out to the customers. While the Mobile ecosystem has been evolving over the years, the increased exposure of mobility in Enterprise framework have caused major focus on the security aspects of it. While a significant focus have been put on network security, this paper discusses on the approach that can be taken at Mobile application layer, which would reduce the risk to the
enterprises.
Microsoft Windows Intune getting started guide dec 2012 releaseDavid J Rosenthal
Get the most out of Windows Intune.
This document is designed to help you evaluate the main features of Windows Intune and set up your new Windows Intune environment. To facilitate this process, this document uses an example configuration for a business called Adatum. Throughout this paper, you will see screenshots taken from this environment that illustrate how you can similarly configure your Windows Intune environment. Subsequently, you can implement the documented steps to create and customize your environment to meet your own business needs.
Fulfillment request management (the approach)ijcsit
In this paper we introduce the term FRM (Fulfillment Request Management). According to the FRM in a
BSS / OSS environment we can use a unified approach to implement a SOA in order to integrate BSS with
OSS and handle 1. Orders 2. Events 3. Processes. So in a way that systems like ESB, Order Management,
and Business Process Management can be implemented under a unified architecture and a unified
implementation. We assume that all the above mentioned are 'requests' and according to the system we
want to implement, the request can be an event, an order, a process etc. So instead of having N systems we
have 1 system that covers all the above (ESB, Order Management, BPM etc) With the FRM we can have
certain advantages such as: 1. adaptation 2. Interoperability. 3. Re-usability 4. Fast implementation 5.
Easy reporting. In this paper we present a set of the main principles in order to build an FRM System.
Share Point Server Security with Joel OlesonJoel Oleson
From Authentication and Authorization to ports, firewall rules, and server to server communication, this session goes into depth on a number of topic with further resources on SharePoint Security by Joel Oleson
Application Security framework for Mobile App Development in Enterprise SetupEswar Publications
Enterprise Mobility has been increasing the reach over the years. Initially Mobile devices were adopted as consumer devices. However, the enterprises world over have rightly taken the leap and started using the ubiquitous technology for managing its employees as well as to reach out to the customers. While the Mobile ecosystem has been evolving over the years, the increased exposure of mobility in Enterprise framework have caused major focus on the security aspects of it. While a significant focus have been put on network security, this paper discusses on the approach that can be taken at Mobile application layer, which would reduce the risk to the
enterprises.
Microsoft Windows Intune getting started guide dec 2012 releaseDavid J Rosenthal
Get the most out of Windows Intune.
This document is designed to help you evaluate the main features of Windows Intune and set up your new Windows Intune environment. To facilitate this process, this document uses an example configuration for a business called Adatum. Throughout this paper, you will see screenshots taken from this environment that illustrate how you can similarly configure your Windows Intune environment. Subsequently, you can implement the documented steps to create and customize your environment to meet your own business needs.
Fulfillment request management (the approach)ijcsit
In this paper we introduce the term FRM (Fulfillment Request Management). According to the FRM in a
BSS / OSS environment we can use a unified approach to implement a SOA in order to integrate BSS with
OSS and handle 1. Orders 2. Events 3. Processes. So in a way that systems like ESB, Order Management,
and Business Process Management can be implemented under a unified architecture and a unified
implementation. We assume that all the above mentioned are 'requests' and according to the system we
want to implement, the request can be an event, an order, a process etc. So instead of having N systems we
have 1 system that covers all the above (ESB, Order Management, BPM etc) With the FRM we can have
certain advantages such as: 1. adaptation 2. Interoperability. 3. Re-usability 4. Fast implementation 5.
Easy reporting. In this paper we present a set of the main principles in order to build an FRM System.
Share Point Server Security with Joel OlesonJoel Oleson
From Authentication and Authorization to ports, firewall rules, and server to server communication, this session goes into depth on a number of topic with further resources on SharePoint Security by Joel Oleson
Windows Phone Introduction.
Windows Phone Timeline.
What is Special in Windows Phone?
Hardware Specifications.
Windows Phone Development Tools.
Windows Phone Apps.
Conclusion.
Microsoft Unified Communications - Exchange Server 2007 Interoperability Over...Microsoft Private Cloud
Most organizations today use products and technologies from multiple vendors, creating heterogeneous computing environments. This approach can make it difficult to maximize the return on your IT investments while also realizing the value of new technologies. Technology interoperability—the ability to communicate and exchange data using technologies from different vendors—is an important factor to consider as you look for ways that IT can contribute more to your business.
Note This project is broken up into Windows and Mac version.pdfsagaraccura
Note: This project is broken up into Windows and Mac versions (listed below).
Security and privacy should never be an afterthought when developing secure software. A formal
process must be in place to ensure they're considered at all points of the product's lifecycle.
Microsoft's Security Development Lifecycle (SDL) embeds comprehensive security requirements,
technology specific tooling, and mandatory processes into the development and operation of all
software products. All development teams at Microsoft must adhere to the SDL processes and
requirements, resulting in more secure software with fewer and less severe vulnerabilities at a
reduced development cost.
Office 365 isolation controls
Microsoft continuously works to ensure that the multi-tenant architecture of Microsoft 365 supports
enterprise-level security, confidentiality, privacy, integrity, local, international, and availability
standards. The scale and the scope of services provided by Microsoft make it difficult and non-
economical to manage Microsoft 365 with significant human interaction. Microsoft 365 services are
provided through globally distributed data centers, each highly automated with few operations
requiring a human touch or any access to customer content.
Microsoft 365 is composed of multiple services that provide important business functionality and
contribute to the entire Microsoft 365 experience. Each of these services is self-contained and
designed to integrate with one another. Microsoft 365 is designed with the following principles:
- Service-oriented architecture: designing and developing software in the form of interoperable
services providing well-defined business functionality.
- Operational security assurance: a framework that incorporates the knowledge gained through
various capabilities that are unique to Microsoft, including the Microsoft Security Development
Lifecycle, the Microsoft Security Response Center, and deep awareness of the cybersecurity
threat landscape.
How do Microsoft online services employ audit logging?
Microsoft online services employ audit logging to detect unauthorized activities and provide
accountability for Microsoft personnel. Audit logs capture details about system configuration
changes and access events, with details to identify who was responsible for the activity, when and
where the activity took place, and what the outcome of the activity was. Automated log analysis
supports near real-time detection of suspicious behavior. Potential incidents are escalated to the
appropriate Microsoft security response team for further investigation.
Microsoft online services internal audit logging captures log data from various sources, such as:
Event logs
AppLocker logs
Performance data
System Center data
Call detail records
Quality of experience data
IIS Web Server logs
SQL Server logs
Syslog data
Security audit logs
Windows Users - the Windows version requires Windows (7/10/11) operating environment.
1. Your task is to examine your Windo.
This project is broken up into Windows and Mac versions lis.pdfadinathfashion1
This project is broken up into Windows and Mac versions (listed below).
Security and privacy should never be an afterthought when developing secure software. A formal
process must Security and privacy should never be in place to ensure they're considered at all
points of the product's lifecycle. Microsoft's Security Development Lifecycle (SDL) embeds
comprehensive security requirements, technology-specific tooling, and mandatory processes into
the development and operation of all software products. All development teams at Microsoft must
adhere to the SDL processes and requirements, resulting in more secure software with fewer and
less severe vulnerabilities at a reduced development cost.
Office 365 isolation controls
Microsoft continuously works to ensure that the multi-tenant architecture of Microsoft 365 supports
enterprise-level security, confidentiality, privacy, integrity, and local, international, and availability
standards. The scale and the scope of services provided by Microsoft make it difficult and non-
economical to manage Microsoft 365 with significant human interaction. Microsoft 365 services are
provided through globally distributed data centers, each highly automated with few operations
requiring a human touch or any access to customer content.
Microsoft 365 is composed of multiple services that provide important business functionality and
contribute to the entire Microsoft 365 experience. Each of these services is self-contained and
designed to integrate with one another. Microsoft 365 is designed with the following principles:
- Service-oriented architecture: designing and developing software in the form of interoperable
services providing well-defined business functionality.
- Operational security assurance: a framework that incorporates the knowledge gained through
various capabilities that are unique to Microsoft, including the Microsoft Security Development
Lifecycle, the Microsoft Security Response Center, and deep awareness of the cybersecurity
threat landscape.
How do Microsoft online services employ audit logging?
Microsoft online services employ audit logging to detect unauthorized activities and provide
accountability for Microsoft personnel. Audit logs capture details about system configuration
changes and access events, with details to identify who was responsible for the activity, when and
where the activity took place, and what the outcome of the activity was. Automated log analysis
supports near real-time detection of suspicious behavior. Potential incidents are escalated to the
appropriate Microsoft security response team for further investigation.
Microsoft online services internal audit logging captures log data from various sources,
such as:
Event logs
AppLocker logs
Performance data
System Center data
Call detail records
Quality of experience data
IIS Web Server logs
SQL Server logs
Syslog data
Security audit logs
Windows Users - the Windows version requires Windows (7/10/11) operating environment.
1. Yo.
Track your conversations post call on Jotcall Android Mobile Application. An Android mobile CRM extension application for personal, web & enterprise note taking.
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...BlackBerry
BlackBerry UEM delivers unified endpoint management and policy control for your diverse and growing fleet of devices and apps. With its single management console and trusted end-to-end security model, it provides the flexibility and security you need to keep your employees connected and protected.
Wireless mobile content genteration application with RSS feed integrationMike Taylor
Case Study for Wireless content generation application/ Content Management Portal with Integration of RSS and ATOM feeds on Mobile Devices and other hand held devices.visit us @ http://www.brainvire.com/case-study/
Sample Discussion 1Security is one of the most important fun.docxrtodd599
Sample Discussion 1
Security is one of the most important functions an organization must incorporate. Regardless of how organizations are assuming all security measures are in place, many times this isn’t enough. Ensuring this is a priority not only protects the company from hacks but also prevent fines and worst-case scenario, loss of trust which will cripple the organization income.
First, the LAN domain is where all the hubs, switches, routers, and workstations reside. This domain is also a trusted zone. Some of the risks involved in this domain includes worm that can infect all systems connected and unauthorized user access into the workstation.
Second, WAM domain which is a Wide Area Network. As the name implies, this domain covers a large geographic area. Some of the risks involved in this domain includes, network outages and the possibility of a DOS or DDOS attack to the server.
Third, the system/application storage domain. A user accessed server. Used for email and database. A very secure domain to ensure businesses doesn’t lose sensitive data and the threat of losing productivity. Some of the risks includes, DOS attack and SQL injections which can result in data corruption.
Lastly, remote access domain. Allows users to access the local network remotely from anywhere regardless of the what internet connection they may be connected to. This has to be protected with a VPN of course. Some of the risks include slow and poor connection, risk of hack due to remote connection from outside the network can be unsecure.
We are going to focus on the system/application storage domain. This is a very important domain as addressed above. This is because this domain must be protected at all times to minimize the risk of losing confidential and sensitive data. But despite the protection this domain is provided, some of the more common threats related to this domain is the operating system such as the desktop and server, email application, etc. Looking at software vulnerability, this is an easy way to exploit this domain. This is due to software having vulnerabilities and it is impossible to write perfect code that is free of any vulnerabilities. The vulnerabilities are then easily exploited by malware which is usually accidently installed by the user. What these vulnerabilities can be damaging to a corporation, they can be used to steal information or remain for a long ride to monitor or be used as keyloggers. Protecting from these attacks is not easy but ensuring all system updates are installed will help with the mitigation of the risks. Companies are always releasing updates to help correct vulnerabilities shortly after discovery. Another best practice is monitoring the systems for any suspicious software or behavior to help detect malware early.
Policy flexibility is essential to a company as it helps to keep the organization ready and mobile for any changes that will need to be made when new technology and .
Sample Discussion 1Security is one of the most important fun.docxjeffsrosalyn
Sample Discussion 1
Security is one of the most important functions an organization must incorporate. Regardless of how organizations are assuming all security measures are in place, many times this isn’t enough. Ensuring this is a priority not only protects the company from hacks but also prevent fines and worst-case scenario, loss of trust which will cripple the organization income.
First, the LAN domain is where all the hubs, switches, routers, and workstations reside. This domain is also a trusted zone. Some of the risks involved in this domain includes worm that can infect all systems connected and unauthorized user access into the workstation.
Second, WAM domain which is a Wide Area Network. As the name implies, this domain covers a large geographic area. Some of the risks involved in this domain includes, network outages and the possibility of a DOS or DDOS attack to the server.
Third, the system/application storage domain. A user accessed server. Used for email and database. A very secure domain to ensure businesses doesn’t lose sensitive data and the threat of losing productivity. Some of the risks includes, DOS attack and SQL injections which can result in data corruption.
Lastly, remote access domain. Allows users to access the local network remotely from anywhere regardless of the what internet connection they may be connected to. This has to be protected with a VPN of course. Some of the risks include slow and poor connection, risk of hack due to remote connection from outside the network can be unsecure.
We are going to focus on the system/application storage domain. This is a very important domain as addressed above. This is because this domain must be protected at all times to minimize the risk of losing confidential and sensitive data. But despite the protection this domain is provided, some of the more common threats related to this domain is the operating system such as the desktop and server, email application, etc. Looking at software vulnerability, this is an easy way to exploit this domain. This is due to software having vulnerabilities and it is impossible to write perfect code that is free of any vulnerabilities. The vulnerabilities are then easily exploited by malware which is usually accidently installed by the user. What these vulnerabilities can be damaging to a corporation, they can be used to steal information or remain for a long ride to monitor or be used as keyloggers. Protecting from these attacks is not easy but ensuring all system updates are installed will help with the mitigation of the risks. Companies are always releasing updates to help correct vulnerabilities shortly after discovery. Another best practice is monitoring the systems for any suspicious software or behavior to help detect malware early.
Policy flexibility is essential to a company as it helps to keep the organization ready and mobile for any changes that will need to be made when new technology and .
Raygain Information Technology OverviewRajesh Pandey
Raygain is an IT Company with on time, cost-effective solutions serving customers across the globe. IT services by Raygain is about consulting, maintaining, delivering end to end solutions. We render software development services for system development, mobile applications, networking and complete development of entire business applications.
Build, Manage, and Deploy Mobile Apps Faster with App Cloud MobileSalesforce Developers
Want to build mobile apps faster with the new App Cloud Mobile? In this session, learn from Salesforce mobile development experts as they show you how to build, deploy and manage mobile applications using the Mobile SDK, Heroku, Lightning Components and the Salesforce1 mobile app.
In this exclusive webinar you'll learn about
- Developing apps for iOS, Android and Hybrid Mobile environments with App Cloud Mobile
- Using Heroku as Mobile Backend as a Service (MBaaS)
- Building and Deploying Mobile Apps with Salesforce1
This project is broken up into Windows and Mac versions lis.pdfableelectronics
This project is broken up into Windows and Mac versions (listed below). Security and privacy
should never be an afterthought when developing secure software. A formal process must be in
place to ensure they're considered at all points of the product's lifecycle. Microsoft's Security
Development Lifecycle (SDL) embeds comprehensive security requirements, technology-specific
tooling, and mandatory processes into the development and operation of all software products. All
development teams at Microsoft must adhere to the SDL processes and requirements, resulting in
more secure software with fewer and less severe vulnerabilities at a reduced development cost.
Office 365 isolation controls Microsoft continuously works to ensure that the multi-tenant
architecture of Microsoft 365 supports enterprise-level security, confidentiality, privacy, integrity,
and local, international, and availability standards. The scale and the scope of services provided
by Microsoft make it difficult and non-economical to manage Microsoft 365 with significant human
interaction. Microsoft 365 services are provided through globally distributed data centers, each
highly automated with few operations requiring a human touch or any access to customer content.
Microsoft 365 is composed of multiple services that provide important business functionality and
contribute to the entire Microsoft 365 experience. Each of these services is self-contained and
designed to integrate with one another. Microsoft 365 is designed with the following principles: -
Service-oriented architecture: designing and developing software in the form of interoperable
services providing well-defined business functionality. - Operational security assurance: a
framework that incorporates the knowledge gained through various capabilities that are unique to
Microsoft, including the Microsoft Security Development Lifecycle, the Microsoft Security
Response Center, and deep awareness of the cybersecurity threat landscape. How do Microsoft
online services employ audit logging? Microsoft online services employ audit logging to detect
unauthorized activities and provide accountability for Microsoft personnel. Audit logs capture
details about system configuration changes and access events, with details to identify who was
responsible for the activity, when and where the activity took place, and what the outcome of the
activity was. Automated log analysis supports near real-time detection of suspicious behavior.
Potential incidents are escalated to the appropriate Microsoft security response team for further
investigation. Microsoft online services internal audit logging captures log data from various
sources, such as: Event logs AppLocker logs Performance data System Center data Call detail
records Quality of experience data IIS Web Server logs SQL Server logs Syslog data Security
audit logs Windows Users - the Windows version requires Windows (7/10/11) operating
environment. 1. Your task is to examine your Windows .
Raygain information technology overview (1)ROBIN R
Raygain Technologies is an IT Sector Company which provides Business Consultation and IT solutions. Domain Coverage of Raygain covers ERP,CRM,Telecom,Education,Retail,Logistics,
Manufacturing,E-commerce and E-governance.
Daniel Downs: Student Experiences In A Project Based Learning Technology Curr...Daniel Downs
The purpose of this qualitative study was to understand the group dynamic in PBL task delegation and technology skill fluency through the language of its participants. The researcher collected themes, experiences, and decisions depicted in the language of high school students as they negotiated a final project using computer technology tools to create mobile applications for their high school community.
Often in groups, teachers are not always part of the exchange of learning and necessary communication between students to complete tasks and negotiate ideas. This research assists teachers in developing strategies to better organize and guide groups in a PBL curriculum with technology so students can more effectively address the needs of projects independently.
In this research, the PBL curriculum promoted conversation and communication for delegated tasks amongst students and developing a sense of familiarity and cohesiveness in student centered groups. Scenarios which required the management of group members to complete the tasks required in the project were also prevalent. Group members shared critical vocabulary related to technology and the process of the project. Additional benefits included group approaches with the consideration of continually improving the project and also an increased awareness and appreciation for the technology used in the project.
The final mobile applications of the groups represent the combination of group process, technology, and addressing the authentic question in the PBL curriculum. Students were able to develop authentic projects which were the results of a variety of technology based skills, project management and conceptualization.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
The Art of the Pitch: WordPress Relationships and Sales
Windows mobile architecture_overview
1. Architectural Overview of Windows Mobile
Infrastructure Components
Windows Mobile 5.0 and 6-powered Devices
White Paper
Published: May 2007
For the latest information, please see http://www.microsoft.com/windows/mobile/
Abstract
This whitepaper describes how mobile devices running Windows Mobile 5.0 and Windows Mobile 6 are
fully integrated into Microsoft’s server infrastructure, and how the components fit together. The paper
goes over the fundamental design requirements for employing Microsoft infrastructure components to
help secure and manage mobile devices. The following components and their interrelationships are
discussed: Exchange Server 2003 and 2007, Exchange ActiveSync, Internet Security and Acceleration
Server 2004 and 2006, Microsoft Dynamics Platform, Small Business Server 2003, Microsoft Operations
Manager (MOM) 2005 and Systems Center Operations Manager (SCOM) 2007, Systems Management
Server (SMS) 2003 and Systems Center Configuration Manager 2007, Microsoft Office SharePoint Server
2007 and Live Communications Server 2005.
3. Overview
In an enterprise environment, properly leveraging mobility involves much more than buying Windows
Mobile enabled devices. In this whitepaper, you will learn how mobile devices running Windows Mobile
5.0 and Windows Mobile 6 are fully integrated into Microsoft’s server infrastructure, and how the
components fit together to provide immediate value to your enterprise. After reading this overview,
you should be familiar with the fundamental design requirements for employing Microsoft
infrastructure components to help secure and manage your mobile devices.
The Microsoft mobility platform is comprised of several key components. Because email and messaging
is such an important application of information technology, Exchange Server is a key component of the
architecture. Additionally, your firewall solution serves to enhance security. Other components, such as
Systems Management Server 2003 and Systems Center Operations Manager 2007 (formerly Microsoft
Operations Manager) are available to manage and control the operations of the infrastructure. You will
also learn how the Windows Mobile platform allows you to reuse much of your Line of Business
application investment and personnel skill sets. The infrastructure components and the development
platforms form work together to drive one seamless, cost effective and scalable solution with enhanced
security for your enterprise.
Mobility Architecture Goals
Microsoft’s mobility architecture is designed to integrate with your existing environment, and allow you
to reuse existing systems administration skill sets. The following are some of the design goals of the
architecture:
Flexibility. In most enterprises, IT infrastructure is heterogeneous. Microsoft mobility
architecture is designed to work with your existing environment, such as a variety of advanced
firewall solutions, network topologies, and 3rd
party device management products. While this
whitepaper addresses Microsoft components and recommended architecture, the architecture
is modular and was designed to work with other designs and products. This allows you to
leverage your investment in such areas such as security, scalability, and manageability. This
works for both enterprise messaging applications and line of business applications – no new
special setup is necessary for security and authentication.
Scalability. Most enterprises already have a scalable infrastructure for managing their server
and desktop environments. Mobility should be viewed as just another piece of overall
management strategy. Therefore, Windows mobility architecture relies on existing
infrastructure, such as Exchange 2007 or 2003, for scalability and high availability. No new
middle tier servers, which can result in a single point of failure, are required for the architecture.
Manageability. Microsoft architecture supports many points of management, such as Exchange
console, Systems Management Server 2003 or the upcoming Systems Center Configuration
Manager 2007, or operations monitoring through Systems Center Operations Manager 2007 or
Microsoft Operations Manager 2005. This allows different levels of management, depending on
4. existing infrastructure investment. Third-party device management products are supported as
well.
Extensibility. The architecture is the basis on top of which other Microsoft and third party
applications are built. It has built-in support for Microsoft Office SharePoint Server, and Live
Communications Server 2005. A multitude of third party applications works with the
infrastructure. Additionally, Microsoft Dynamics ERP and CRM applications use the same
infrastructure to deliver their functionality.
Security. Windows Mobile Operating Systems are designed with security in mind and form an
integral part of the infrastructure. Windows Mobile cryptography services have been certified
with US Federal Information Processing Standard (FIPS) 140-2, level 1. Additionally, there is
support for dual-factor authentication, 256-bit AES encryption, remote device wipe and
application certificates. Additionally, the Internet Security and Acceleration 2006 Server has
features that integrate with components on the corporate networks, such as analysis of
Exchange traffic that flows to and from mobile devices.
Reuse of Existing Skill Sets. Both on the administration and application development sides,
same familiar tools are used. For systems management, mobile devices are treated as just
another type of asset from management tools perspective. For application development,
development for both Mobile Web using ASP.NET 2.0 and Mobile Smart Client using the
Compact Framework offer a similar development environment and APIs.
Overview of Windows Mobile Security
Windows Mobile operating systems play a key role in enterprise mobility infrastructure through their
support of communication security standards, security policies and features designed for remote policy-
based management. Windows Mobile 5.0 with Messaging and Security Feature Pack (MSFP) and the
new Windows Mobile 6 both have a sophisticated security system to protect the device from running
malicious code and to help secure communications with corporate servers. As an enterprise
administrator, you are responsible for provisioning and managing security policies on devices and thus
need to understand Windows Mobile features that support communications and device security.
Windows Mobile Application and Network Security
Mobile devices face many threats in today’s environment. To address these threats, digital certificates
are used both to ensure both application and communication security. In the first role, certificates help
Windows Mobile to determine whether an application can be run on the device, and what level of
privilege it receives. Furthermore, most applications are restricted from writing to the registry and
other services that might compromise security. This prevents malicious code from infecting the device
and gives administrators tight control over the applications that are installed on the device. Some
manufacturers even put additional restrictions that require all applications to be signed by a known
trusted authority in order to run.
In securing communications, Windows Mobile uses digital certificates to establish a network connection
using Secure Sockets Layer (SSL) and validate the identity of the server using its installed root
certificates. Windows Mobile offers cryptographic services for:
5. Data encryption - to help secure communications
Hashing - to help ensure data integrity
Digital signatures – to verify identity
SSL is used to enhance security of communications for applications such as Mobile Outlook client
connecting to an Exchange Server, Line of Business applications connecting over web services, or
database clients connecting to a central data store.
The cryptography services have been certified with the US Federal Information Processing Standard
(FIPS) 140-2, level 1. The certification designates that Windows Mobile security algorithms work
properly and protect against a variety of threats. Additionally, Windows Mobile supports Virtual Private
Networking (VPN), Wi-Fi encryption, Storage Card Encryption, and two-factor authentication systems
like RSA SecureID. Lastly, Windows Mobile supports Certificate-Based Authentication, in which each
device is issued a digital certificate that uniquely identifies the device and encrypts the connection.
For more information on security model in Windows Mobile please see Security Model for Windows
Mobile 5.0 and Windows Mobile 6, Windows Mobile 5.0 Application Security.
Windows Mobile Security Policies
Security policies are used for device management; they define levels of security. The policies dictate
whether a device can be configured over the air (OTA), and whether to accept unsigned messages,
applications, or files. The policies include settings such as the number of login attempts before local
device wipe, password strength and length, and PIN-based device protection. Additionally, Windows
Mobile 5.0 and 6 include ability to remotely wipe the device, or locally wipe it after administrator-
settable number of incorrect password entry attempts. By default, only a manager of the device can
change security policies. The policies can be configured through a central management system such as
SMS 2003 or mobile management features built into Exchange 2003 and 2007, provided the OEM or
Mobile Operator has given the administrator Manager permissions. For more information on
management capabilities of SMS 2003 and Exchange, please see references in related sections of this
whitepaper.
Exchange Deployment and Mobile Device
Management
Today, every computer user is also an email user, so Exchange Server is central in enterprise
deployments. Mobile devices communicate with Exchange for a variety of services including email, data
synchronization and security. Understanding Exchange deployment topologies will give you the
background you need to leverage Microsoft Exchange with your mobile devices. Additionally, Exchange
has features that support over-the-air management, data synchronization, and security of mobile
devices through Exchange ActiveSync. Exchange ActiveSync works directly with the Windows Mobile 5.0
and 6 operating systems so you can avoid the added cost of middleware or service fees.
6. Exchange 2003 Deployment Topologies
Exchange 2003 is a highly scalable enterprise messaging environment designed to support many types of
clients. For large enterprises deploying several thousand devices and tens, or even hundreds of
thousands users, Exchange 2003 allows to distribute load across multiple servers. Exchange 2003
allows deployment using two types of servers – front-end and back-end. This topology is shown in
Figure 1.
Front-end servers accept all of the communications with the clients outside the corporate network.
They use a proxy mechanism to transfer requests to the correct back-end servers on behalf of client
computers and devices. They can be configured to support Outlook Web Access (OWA), Outlook
Mobile Access (OMA), Exchange ActiveSync for mobile devices, and RPC over HTTPs. Front-end servers
use Active Directory to find the correct back-end server, where the user’s mailboxes are stored. The
front-end – back-end topology results in a highly scalable solution, as the front-end servers take the load
off the back-end servers. The front-end and back-end topology should be used by large organizations; it
results in decreased management costs, and provides better performance and fault tolerance.
Additional elements in the figure, such as SCCM 2007 Device Management and SCOM 2007 Operations
Monitoring, are discussed later in the whitepaper.
Advanced
Firewall
Exchange,
AD and Firewall Monitoring
AD Monitoring
AD Server
Back-End Server 1
Front-End
Server
Back-End Server 2
Look up
User’s Mailbox
Location
SCCM 2007 –
Common Management
Infrastructure for
Desktop / Server /
Mobile Environments
Perimeter
Network
SCOM 2007
or MOM 2005
Common
Monitoring Infrastructure
Device Management
Point
Exchange Farm
SSL Bridging
Internet
HTTPS
Device Distribution Point Primary Site Server
Site Database
Exchange
Monitoring
Corporate
Network SM
S
M
onitoring
Figure 1 Mobile Infrastructure Architecture Including Exchange 2003 Front-end and Back-End Topology
The mobile device communicates with the front-end server. All email, task, calendar, and other data
synchronization operations are coordinated through the front-end server. Because the front-end
7. servers are responsible for client communication, this topology has several advantages in mobile
scenarios:
1) A single server name is exposed to the users for accessing Exchange. Addition of new servers is
transparent to the user.
2) SSL Encryption and Decryption can happen on the front-end server, thus offloading this operation
from the back-end servers and saving resources.
3) To enhance security of front-end servers, they can be put into a perimeter network creating an
additional layer of protection between the front-end and back-end servers.
Many organizations with a smaller number of users choose to run Exchange on a single server. This also
works well for testing purposes. However, to achieve scalability and security advantages, Microsoft
recommends the front-end, back-end architecture.
For more information please see the following resources:
Exchange Server 2003 and Exchange 2000 Server Front-End and Back-End Topologies
Step-by-Step Guide to Deploying Windows Mobile-based Devices with Microsoft Exchange
Server 2003 SP2
Microsoft Exchange Server 2003 Client Access Guide.
Exchange 2007 Server Roles
Exchange 2007 introduces the concept of server roles as the primary mechanism of scalability. Each
server can act as one or more roles within the topology. Mobile users are supported by a special server
role called the Client Access Server, which is analogous to the front-end server in Exchange 2003. Client
Access Server has interfaces for Exchange ActiveSync, Outlook Web Access, and RPC over HTTPS. The
Mailbox and Hub Transport server roles in combination are similar to the back-end server in Exchange
2003. The Mailbox Server role is the storage server that hosts mailboxes and public folders while the
Hub Transport Server role is responsible for routing mail.
For more information please see The Fundamentals of Mobile Access to Exchange 2007.
Exchange ActiveSync
Exchange ActiveSync is a part of Exchange Server 2003 and 2007 that is optimized to deal with high-
latency / low-bandwidth networks, and also with clients that have limited amounts of memory and
storage. Exchange ActiveSync supports Direct Push technology which automatically synchronizes (or
“pushes”) new email to mobile devices as soon as the mail arrives. Direct Push is in contrast to a polling
style where the device has to request new email from the server on a timed basis. Under the covers,
the Exchange ActiveSync protocol is based on HTTP, SSL, and WBXML, so the communications channel
has enhanced security. Exchange ActiveSync is enabled out of the box on all user mailboxes without
any additional software or servers.
Mobile devices interact with Exchange ActiveSync on the front-end servers when synchronizing email,
schedules, contact information and tasks to the device. Synchronization is extremely fast, with
8. enhanced data compression that enables rapid sending and receiving of messages. Because Exchange
ActiveSync uses standard transport protocols, there is no need to buy special data plans from mobile
operators; standard data plans can be used for global mobile access. It supports all types of mobile
communication networks, including GSM, GPRS, UMTS, HSDPA, and CDMA.
Microsoft Exchange Server 2007 adds several productivity-enhancing features to Exchange ActiveSync.
It includes support for flags, HTML mail, and allows users to search the entirety of their mailboxes from
the mobile device, including messages not currently synced to the device. This helps overcome the
limited resources of a mobile device, and not limiting access to just the portion that fits in device
memory.
For more information, including Exchange ActiveSync features for Exchange 2003 and Exchange 2007,
please see Mobile Messaging with Exchange ActiveSync
Mobile Device Management through Exchange ActiveSync
Since Exchange is so central in many enterprise deployments, Microsoft added special administrative
features into Exchange which can allow mobile devices to adhere to the organization's security policies.
This native device management support helps reduce complexity and costs because you can reuse
existing infrastructure.
Security policies are set on the Exchange 2003 server and delivered to the client through Exchange
ActiveSync. When a mobile device security policy is defined on the server, it is automatically sent to
each device the next time the user of the device starts synchronization. The Exchange 2003 ActiveSync
Mobile Administration Web tool enables administrators to manage the process of remotely erasing lost,
stolen, or otherwise compromised mobile devices.
With Exchange Server 2007, mobile device management is integrated into the Exchange Server
Management Console and self-service capabilities are exposed via Outlook Web Access. For example,
when the device is lost or stolen, users can wipe data from their device themselves, rather than calling
the corporate helpdesk. By doing this, Exchange Server 2007 helps to drive down the cost of supporting
mobile messaging. With Exchange Server 2007, the system administrators can define and name
multiple sets of security policies and apply them to individual users or to different user groups in Active
Directory. They also have access to enhanced monitoring and logging for operational monitoring.
For information on Exchange ActiveSync in Exchange 2007, see Overview of Exchange ActiveSync .
Exchange ActiveSync Communication Security
To help secure Exchange ActiveSync traffic, encryption through Secure Sockets Layer (SSL) is necessary.
If your organization currently exposes Outlook Web Access (OWA), you already have the infrastructure
in place to support a mobile deployment using high-grade, 128-bit SSL encryption. Because Exchange
ActiveSync is implemented as an application that runs on Internet Information Services (IIS), its security
settings can be configured using the same certificates you’re already using for OWA. All communication
between the Windows Mobile device and the Exchange front-end server take place over a single TCP/IP
9. port: TCP port 443, used for SSL-secured HTTP traffic. This greatly simplifies enterprise firewall
configuration, because only a single port needs to be opened from the Internet to the Exchange
ActiveSync front-end server, and that port will probably be open in any case because it’s the same port
used for Outlook Web Access. Additionally, more advanced security scenarios are supported by
Exchange Server and Windows Mobile, such as S/MIME messaging, and SecureID or certificate-based
authentication.
For more information on securing communications with SSL, please see the Step-by-Step Guide to
Deploying Windows Mobile-based Devices with Microsoft Exchange Server 2003 SP2 and Mobile Secure
Certificates Whitepaper.
Communication Security and Advanced Firewall Configurations
Most enterprises use a combination of hardware and software firewall solutions, such as Internet
Security and Acceleration (ISA) Server 2004 or 2006. In addition to the ISA Servers, Exchange supports
most other reverse proxy software firewall products available on the market. Typically, the advanced
firewall is deployed in the perimeter network (see Figure 1). Existing IIS website already used for RPC
over HTTPS or Outlook Web Access is used, so usually no new inbound ports need to be opened on the
firewall. Exchange ActiveSync communicates through a different virtual directory, and the ISA server
can be configured to examine Exchange ActiveSync traffic. SSL is applied between the client and ISA
server, and between the ISA server and the front-end server. This is called terminate – initiate, or SSL
bridging.
SSL bridging protects against attacks that are hidden in SSL-encrypted connections. ISA is configured to
decrypt and examine Exchange traffic from the client, terminating the SSL connection. This step
prevents any malicious traffic from getting into the corporate network, protecting it from any threats.
ISA Web publishing rules configure the connection to the Exchange front-end server. If the rule specifies
to forward the request using HTTPS, ISA 2006 then initiates a new SSL session to the Front-End
(Exchange 2003) or Client Access (Exchange 2007) Server. The second SSL session ensures that the
communication is safe from a malicious user already inside the firewall.
For more information about ISA and Exchange deployment scenarios please see one of the following
documents:
Security for Windows Mobile Messaging in the Enterprise
Publishing Exchange Server 2007 with ISA Server 2006
Using ISA Server 2004 with Exchange Server 2003
Publishing Exchange Server 2003 with ISA Server 2006
Exchange Scalability
Mobile devices represent a relatively light load on the Exchange servers compared to Outlook Web
Access or RPC/HTTP, so your infrastructure may be able to support the extra load without adding
additional servers. When rolling out Exchange ActiveSync at Microsoft to 26,000 users, Microsoft IT
10. found that only 3.6% of the load on their servers being due to Exchange ActiveSync, and thus did not
need to add any new servers.
The front-end and back-end architecture provides several client access performance and availability
benefits. The front-end servers offload some load processing duties from the back-end servers.
Therefore, front-end servers do not need large or particularly fast disk storage, but should have fast
CPUs and a large amount of memory. Microsoft provides several tools, such as the Exchange Server
Load Simulator tool (LoadSim) and the Exchange Server Stress and Performance (ESP) 2003 tool to test
the performance of Exchange Servers. These tools allow better planning of performance and scalability
requirements of Exchange infrastructure.
Through continuous monitoring with operations tools such as MOM 2005 or SCOM 2007 (see below),
administrators can monitor trends and pinpoint performance degradation. They can then provision
additional back-end servers to decrease the load on existing infrastructure and move mailboxes over to
the new servers. Since the clients use one URL for all their communications with the front-end servers,
back-end servers can be added transparently to the users. For Exchange 2007, the scalability efforts are
focused on the Mailbox and the Hub Transport server roles. Exchange Server architecture should
always include some planned redundancy in order to effectively handle peak loads and unforeseen
events.
Office SharePoint Server 2007 and Live Communications Server (LCS)
2005
Microsoft Office SharePoint Server (MOSS) 2007 web portal technology supports mobile devices out-of-
the-box. Every list and library in MOSS 2007 or Windows SharePoint Services (WSS) v3 is capable of
hosting ‘Mobile Views’. These are standard views of lists or libraries that an administrator has defined as
being mobile enabled. Individual list items can be viewed in mobile form and InfoPath forms can be
opened in a mobile client via a web browser interface. Additionally, Exchange 2007 and Windows
Mobile 6 enable access to files stored on WSS sites and Universal Naming Convention (UNC) file shares via
embedded Exchange links.
Microsoft Office Communicator Mobile allows users to use Microsoft Live Communications Server (LCS)
2005 SP1 on the mobile device. This allows the mobile users to use instant messaging to communicate
with their co-workers who are on the corporate network, all the while taking advantage of enterprise
features such as more secure communications and centralized logging and auditing. Communicator
Mobile provides integration between multiple mobile applications such as Voice over IP (VoIP), presence
status information and organization’s address book. Additionally, users can also communicate with
partners or public instant messaging service users.
For more information please see Microsoft Office Communicator Mobile Planning and Deployment
Guide.
Mobile Device Management and Operations
11. In addition to Exchange-based device management, Systems Management Server (SMS) 2003 Device
Management Pack provides features for device management using an interface already familiar to
administrators. Microsoft Operations Manager (MOM) 2005 allows operational monitoring of
enterprise infrastructure, and the Exchange Management Pack for MOM 2005 has features to monitor
mobile device performance.
Mobile Device Management
Systems Management Server (SMS) 2003 Device Management Feature Pack enables management of
mobile devices when they are connected on the corporate network, or through the VPN. It allows SMS
to collect hardware and software inventory information, distribute and install software, execute scripts
and manage security policies and other settings on devices. SMS is fully integrated with Active
Directory and allows management at levels of different granularity. This is done in one central place
through an Administrative GUI. Importantly, SMS Device Management Feature Pack allows reusing the
same common infrastructure that is already being used for Server, Laptop, and Desktop management.
Systems Management Server works by installing an agent on the mobile device, and using the agent to
collect information about the device, as well as perform management functions. The agent gets
installed during a desktop ActiveSync session and after that enables management of the devices when
on the corporate network. SMS 2003 supports multiple device management and device distribution
points, thus providing a scalable solution. Please see the SMS 2003 Device Management Feature Pack
Site for more information.
The System Center Configuration Manager (SCCM) 2007, scheduled for release in second half of 2007,
is a new version of SMS that builds on the features included with SMS 2003. It adds support for smart
phones and over-the-air software distribution from gateway located in a corporate DMZ (see Figure 1).
The user no longer has to be on the corporate network to get software updates. The device must enroll
for a client certificate during the setup process to be manageable from the internet.
For more information please see the System Center Configuration Manager 2007 site.
Operations Management
Microsoft Operations Manager (MOM) 2005 with Exchange Management Pack monitors the Exchange
Servers including some aspects of the mobile device operations. MOM uses event log entries and
special performance counters on Exchange Servers to collect information. It allows administrators to
monitor all aspects of the Exchange Server, including protocol metrics, events generated by Exchange,
server performance, and mobility features.
MOM 2005 monitors the heartbeat interval and synchronization latency of mobile devices, giving the
administrators a good indication of the mobile user’s experience. System administrators can then make
decisions about how to tune or to scale Exchange components once they notice performance
degradation.
12. The new version of MOM, the Systems Center Operations Manager (SCOM) 2007 together with the
SCOM Exchange Management Pack extend the advances of the MOM platform and provide more
advanced rule-based availability and performance monitoring. MOM 2005 and SCOM 2007 both
support a consolidated view of the entire enterprise infrastructure tiered deployment architecture that
can scale up to hundreds of thousands of clients.
For more information on MOM 2005 please see the Exchange Server Management Pack Guide for MOM
2005. For more information on SCOM 2007 please see the Systems Center Operations Manager 2007
Site.
Application Design and Development
Windows Mobile 5.0 and 6 are supported by one of the largest catalogs of Line of Business (LOB)
applications, offered both by Microsoft and third-party ISVs. However, to meet specific needs of many
enterprises, customers need to develop their own mobile applications. The infrastructure elements
described above combine into a platform for deploying and managing Line of Business applications.
Mobile applications use the same common infrastructure already being used for desktop and server
applications, leading to reduced complexity and lower deployment costs. Common design and
architecture issues, such as development, deployment, operations, and communication security have
well defined solutions. Development frameworks, databases and tools that are common to both
traditional and mobile development allow organizations to reuse much of their existing application
investment and the skill set of their personnel.
Windows Mobile 5.0 and 6 support the .NET Compact Framework, a specialized mobile platform for
developing applications that is based on Microsoft’s .NET. Compact Framework allows application
developers to use the same development languages and tools they are using to develop Windows and
Web-based applications. Both C# and VB.NET languages are supported, and Compact Framework has
built-in support in state-of-the-art Visual Studio 2005 Integrated Development Environment. Available
emulator tools simplify application development and testing on different types of devices.
Additionally, Microsoft provides many resources and tools for mobile development, including recently
released the Mobile Client Software Factory, which provides a framework and application blocks for
commonly used smart client application scenarios. For example, it includes a library that allows queuing
of web service calls to the server when the device is disconnected, and optimizes data transmission
depending on the network speed. For more information on Compact Framework, please see .NET
Compact Framework site.
Mobile database-based applications can take advantage of SQL Server 2005 Compact Edition. SQL
Server 2005 Compact Edition deployed on a device works with a central SQL Server 2005 database
server to synchronize data with the device. SQL Server 2005 supports ability to target each user and
device with a small subset of the enterprise database to reduce the storage requirements on the device.
Advanced mobile database scenarios such as merge replication allow database engine to synchronize
the local database that resides on the mobile device with a central database running on a server.
13. Developers access the database using Visual Studio 2005 development system and the familiar ADO.NET
mechanism supported by all SQL Server editions. In addition to mobile devices, the Compact Edition is
supported on other Windows platforms, including tablet PCs, and desktops. In many single-user client
applications, this means that the same code can be reused on all Windows platforms. For more
information on mobile database development, please see the SQL Server 2005 Compact Edition site.
Many Line of Business (LOB) applications are web-based or web-services based. Internet Information
Server (IIS) and ISA 2004 and 2006 allow advanced security configurations of applications, including
authentication and security rules targeted to specific applications. The network connections are
typically encrypted using SSL and the clients must authenticate themselves against the corporate
firewall server and Active Directory. For the environments using Service Oriented Architecture, mobile
devices often become just another client accessing the SOA web services.
Microsoft LOB applications also support Windows Mobile computing platforms. Microsoft Dynamics
software, such as Microsoft Dynamics AX, and Microsoft Dynamics CRM have out-of-the-box support for
mobile access. Dynamics AX offers a mini mobile ERP client called the Mobile Sales Assistance. It allows
the sales force to examine their route plans, email and calendar, point of sale information for each
costumer, and product and inventory data. There is also Mobile Business Assistant to assist business
decision makers in understanding business performance and tracking KPI metrics of a business.
Dynamics CRM 3.0 was also designed with the mobile sales force in mind. CRM Mobile Express, a
Microsoft Dynamics CRM 3.0 mobility application, enables users to instantly view, create, and modify
data on any Internet-capable device. It lets a salesperson in the field tap into the same sales, marketing,
and customer service data they have access to in the office. CRM Mobile Express runs in a Web browser
and doesn't require users to install additional software.
Mobile Device Support in Small Business
Server 2003
For smaller businesses that require only mail and file share, Microsoft recommends SBS server. Small
Business Server (SBS) 2003 R2 is an “all-in-one” server solution designed for small businesses. It is a
single server that is designed to perform the functions of the IT infrastructure in larger environments, at
a much lower cost. It provides the following services: Exchange 2003, Active Directory, DHCP, DNS,
Domain Controller, Monitoring and Management Services and Windows SharePoint Services. SBS 2003
R2 Premium version also includes SQL Server 2005 Workgroup, ISA Server 2004 and Microsoft FrontPage
2003.
SBS 2003 R2 supports mobile devices through Exchange mobility features offered in Exchange SP2
including Exchange ActiveSync access, this can be configured using SBS’s group policy (similar
functionality to SMS 2003). A key limitation of the SBS server is that only 75 users, computers, or
devices can connect to the server at one time, so adding mobile devices will count against the total limit
that the SBS server will support.
14. For more information and how-to instructions please see Deploying Windows Mobile 5.0 with Windows
Small Business Server 2003.
Conclusion
Properly supporting mobile devices in an enterprise environment requires interaction of several
different areas of enterprise architecture, software security, and operational support tools. Once you
understand the broad components of communications (Exchange ActiveSync), security (SSL and
certificates), management and operations (Exchange ActiveSync, Microsoft Operations Manager,
Systems Management Server), and how they fit together with LOB applications and back-end servers,
you can work with your enterprise security, administration, infrastructure and management teams to
make the most out of your mobile device investment. Since these are familiar tools that are likely
already being used to manage your Windows desktop and server infrastructure, you can expand the use
of existing infrastructure components without additional training or server costs. The Windows Mobile
Operating System and the Windows Server platform elements all work together to drive a security-
enhanced, seamless, cost effective, and scalable solution that addresses all major issues in mobile
enterprise environment.
Additional Resources:
Mobile Messaging at Microsoft: Improving Security, Manageability, and User Experience
Mobile Strategy White Papers Site
Exchange 2007 Support for mobile Devices