WSO2 Enterprise Mobility Manager (WSO2 EMM) is a 100% open source comprehensive platform that addresses mobile computing challenges faced by enterprises today. Supporting iOS, Android and Windows devices, WSO2 EMM helps organizations deal with both corporate owned, personally enabled (COPE) devices and employee owned devices with the bring your own device (BYOD) program.

1. WSO2 Enterprise Mobility Manager 2.0.1
Overview

2. Agenda
o Background
o Introduction
o Mobile Device Management
o Mobile App Management
o Deployment

3. Background
Challenges in Enterprise Mobility

4. Evolution of Enterprise
Few years back Now

5. Work from Anywhere at Anytime
o Employees are working out of office with
mobile devices and cloud services to perform
business tasks

6. Security Concerns
o Who is logging in?
o Which device is being used ?
o When do they log-in?
o From where do they log-in?
o What tasks they perform after logging in?

7. Devices and Apps
Apps

8. Device and App Management
o How to restrict certain device configurations?
o How to restrict certain applications?
o How to assign permission to access data
based on the organizational hierarchy?

9. Concern of CIOs and IT Managers
o How to allow mobility in my business ?
How to allow mobility
in my business ?

10. Introduction
WSO2 Enterprise Mobility Manager (WSO2 EMM)

11. Overview
o A secure, platform-independent, open source
mobility solution with a lean-footprint to
manage apps and connected devices
Enterprise Mobility Manager
Mobile App Manager Mobile Device Manager
WSO2 Carbon Platform

12. Value Proposition
o Ensures data security in adopting BYOD and
COPE
o Remote device and application management
o First ever Unified App Store in an enterprise
mobility manager

13. Value Proposition cont.
COPE
BYOD
Data Security
Remote Device Management
Enterprise Store
Enterprise App
Development & Management

14. Architecture

15. Core Features
o User, device, policy, operation, configuration and
license management
o Self service enrollment for user
o BYOD & COPE separation
o Identity management
o Multitenancy
o Dashboards
o Platform enrollment protocols and MDM capability

16. Benefits of WSO2 Platform
o The only open source enterprise mobility
manager
o Licensed under Apache 2
o Lean-footprint with the most comprehensive
modular platform
o On-premise or cloud deployments
o App store – mobile app catalog with SSO

17. Case Study
o A fictitious organization eMax is using WSO2
EMM
o eMax employees are allowed to bring their own
devices, but inside the organization,
o The device must get connected to a specific
network
o The camera of the device should be disabled
o Need to install an employee directory application
on the device to access official contact details of
all the employees

18. Mobile Device Management

19. New Employee Arrives..
o Jim joins eMax as a Marketing Officer in the
Marketing Team
o He wants to access eMax corporate network
with his phone

20. Role-based Permission
o Admin creates a
Marketing Officer role
with permissions
o These permissions
define what a marketing
officer can do with EMM
console

21. Policy-based Authorization
o Admin creates a policy named Marketing
Officer Policy with warning type compliance
monitoring
o Marketing Officer Policy,
o Provides a password policy
o Connects with corporate network
o Installs relevant Apps
o Disables the camera
o Admin assigns the Marketing Officer policy to
the Marketing Officer role

22. Policy-based Administration cont.
o Policies can be applied at user, role or platform
level
o Policy hierarchy defines the precedence of the
policies to be enforced
o Facilitates compliance monitoring

23. Device Enrollment
o Admin adds Jim as a user in WSO2 EMM and
assigns him the Marketing Officer role
o Jim is sent an email to his official email with
o A URL to download the Agent to the device
o An auto-generated password to login through the
Agent
o Jim self-enrolls his device with the details
provided in the email, accepting the policy

24. Security for Employees
o Jim can log into WSO2 EMM console from his
desktop/laptop following the steps in the email
o Then he can
o Control his device remotely
o Wipe off data if the phone would get stolen

25. User Store Integration
o eMax which is a startup, adopts LDAP as its
user store after Jim arrives
o eMax integrates their LDAP with WSO2 EMM
o Now Jim can login to WSO2 EMM using his
LDAP credentials
o New employees joining hereafter, needs only
the URLs to download the agent and login to
WOS2 EMM
o WSO2 EMM also supports JDBC and Microsoft
AD user stores

26. Security for Admins
o Can see all the employees’ enrolled devices
o Can wipe off enterprise data in those devices
when employees leave the organization
o Compliance monitoring of policies

27. Device Operations
Operation Description Android iOS Windows
Device
Lock
Ability to lock your own device
via the EMM server.
√ √ √
Location Ability to receive the location of
the device.
√ √ X
Mute
Device
Ability to enable the silent
profile on your own device via
the EMM server.
√ √ X
Enterprise
Wipe
When this operation is
executed, the device will be
unregistered from EMM.
√ √ X
Disenroll When this operation is
executed, the device will be
unregistered from EMM.
X X √

28. Device Operations cont.
Operation Description Android iOS Windows
Clear
Passcode
Ability to remove your own
device lock via the EMM server.
√ √ √
Change
Lock-
Code
Ability to change the provided
passcode or lock-code.
√ √ X
LockRest Ability to change the provided
passcode or lock-code.
Icon
This operation is specific for
Windows devices and is similar
to Change Lock-Code.
X X √
Ring Ability to ring the device via the
EMM server.
√ √ √

29. Device Operations cont.
Operation Description Android iOS Windows
Message Ability to send a message to the
device via the EMM server.
√ √ X
Wipe Data Ability to carryout a factory reset
on your own device via the EMM
server.
√ X √
APN
Configura
tions
Ability to set APN configurations
on a user's device.
X √ X
Google
calendar
Ability to set Google calendar
configurations on user's device.
X √ X
LDAP Ability to set the LDAP account
configurations on the user's
device.
X √ X

30. Mobile App Management

31. App Management
o Centralized application management solution
for mobile apps
o Provisioning your app to right users
o Provisioning your apps without mobile device
agents installed in devices
o Protect your apps from unauthorized users
o App store to provide information about your
apps
o Manage app lifecycle

32. Supported Mobile Apps
o Android Enterprise Apps (APK)
o Android Public Apps (Apps from Google Play)
o iOS Enterprise Apps (IPA)
o iOS Public Apps (Apps From iTunes)

33. App Publisher
o Supports Android, iOS and Windows apps
o Mobile app developers of eMax who are
assigned the app publisher role can upload
applications and submit for review
o Lead mobile app developers are assigned the
reviewer role, thus they review and approve
o Once approved, developers can publish the
apps
o Helps manage the application life-cycle

34. App Publisher cont.

35. App Store
o A universal mobile app store
o Can host Android, iOS and Windows platforms
o Advanced search options
o Jim can install any allowed application he
needs in his multiple enrolled devices
o Admins execute bulk app push through MAM
console when a new corporate app arrives the
store

36. App Store Cont.

37. Security
o Admins can
o Monitor policy compliance
o Track installed apps

38. Deployment

39. WSO2 Platform Deployment Options
o Stand-alone servers
o Private clouds:
e.g. Stratos, Kubernetes
o Public Clouds:
e.g. AWS
o Hybrid deployments
o Dedicated hosting of any WSO2-
based solutions
o WSO2 operations team is
managing the deployment and
keeps it running
o 99.99% uptime SLA
o Any AWS region of choice
o Can be VPNed to local network
o Includes monitoring, backups,
patching, updates
o Shared public cloud,
o Currently available for application
and API hosting (hosted API
Manager and App Factory),
o Preset multitenant deployment in
AWS US East run by WSO2,
o Month-to-month credit card
payment

40. CONTACT US !