WSO2 Enterprise Mobility
Manager (EMM) 2.0
Dilshan Edirisuriya
Senior Software Engineer
WSO2
Agenda
• Enterprise Mobile Device Management Overview
• Key Challenges Faced by Organizations
• Need for Mobile Device Management
• EMM Architecture and Features
• CDMF Architecture and Features
• Demo
• Platform Features
Enterprise a Few Years Back
Employees
Enterprise
Data
Device
Work
• Carried out inside a place
• Dependent on specific technology
• Resources
Within the premise
Owned by enterprise
Device
Enterprise Now
Enterprise
Device
Data
Work
• Independent of place
• Independent of technology
• Resources
Within the premise and outside
Owned by enterprise and employees
Data
Employees
Challenges
Enterprise
Data
Employees
Device
Data
Employees working out of the office with mobile devices and cloud services
to perform business tasks.
Challenge - Data Security
How can data be compromised?
Device being lost or stolen
Malicious applications stealing data
Data leaks
What is data?
Email message or the attachments
Documents like pdf, word, excel,
ppt, text files
Browser accessing HTML pages
with cookies
Contacts, calendars and notes
Application with databases
Why is data sensitive?
It can be highly confidential
like quotation value, salary
details etc.
It can have a high impact if it
goes to the wrong person
Who can compromise it?
External
Internal
Challenge - Monitor Devices
• What to monitor (location, root check, malicious
apps, bandwidth usage etc.)?
• To what extent?
• A threat to employee privacy?
Challenge - Enterprise Application Development &
Management
Challenge - Legacy Back End System Integrations
• Legacy backends are not mobile friendly.
• Adhere to older protocols and standards.
• Only compatible with older mobile technologies,
e.g. MIDlets.
Why EMM?
Applications
Documents Emails
Browsers
Devices
Enterprise
Data
Employees
Devices
Android iOS Windows 8 Blackberry
COPE
Corporate Owned
Personally
Enabled
BYOD
Bring Your
Own
Device
Phones Tablets Laptops
CYOD
Choose Your
Own Device
Device Ownership
How EMM addresses Data Security
• Device level
• Application level
Data Security - Device Level
Data Security
Enforce Password Policy
Encrypt Device Data
Remote Device Management
Monitor Device (location, battery)
Configure device (Email, VPN)
Control Device (Enable/Disable
Camera)
Update OS, Install & Uninstall App
Data Security - Application Level
MAM gets you a step closer to managing what you care about
MAM brings the perimeter closer to the corporate resources
Data is protected
Application can be controlled
remotely
MAM Controls Application Behavior
• Encrypt data in transit, e.g. using an app VPN
tunnel or app tunnel.
• Encrypt data at rest and decrypt it only when
viewing.
• Two factor authentication.
• Data Loss Prevention - DLP (disable cut, copy and
paste).
• Policy based data control, where policy can be
pushed and updated.
Solution - Enterprise Application Development &
Management
Data
COPE BYOD
1
3
2
4
Data Security
Remote Device Management
Enterprise Store
Decision for CIOs or IT Managers
Allow mobility in my business?
Allow employees to use their device?
Allow business partners, distributors to
use their device?
Allow them to access corporate resources?
To what extent?
Risks vs Benefits
risks
benefits
Drafting a BYOD Policy
• What devices are permitted?
• Supported features and boundaries for device
types.
• Ownership and permissions to applications and
data.
• Policy violation criteria and actions.
• Employee exit strategy.
• Prompt for approval.
Enterprise Mobility Manager
Key Components
• Connected Device Management Framework
(CDMF)
• Mobile Device Management (MDM)
• Mobile Application Management (MAM)
Connected Device Management Framework
Connected Device Management Framework
(CDMF) Cont.
• Device Management
• Operation Management
• Application Management
• Policy Management
• Compliance Monitoring
• Configuration Management
• License Management
Connected Device Management Framework
(CDMF) Cont.
• API Management
• Certificate Management
• Identity Extensions
• Web Application Authenticators
• Notifications
• User Management
• Permissions
Connected Device Management Framework
(CDMF) Cont.
Devices
Operations
Applications
Policies
Monitoring
Configurations
Licenses
API Management
Certificate Management
Identity Extensions
Authenticators
Notifications
Permissions
Enterprise Mobility Manager
Architecture
Notification Method - MDM Push
Notification Method - Local
Notification Method - App Push & Silent
Mobile Device Management Features
• Self-service device enrollment and management
with end-user EMM Console for iOS, Android and
Windows devices.
• Integrates with enterprise identity systems for
device ownership: LDAP, Microsoft AD
• Policy-driven device and profile management for
security, data, and device features (Camera,
Password Policy)
• Deploy policies over-the-air (OTA).
Mobile Device Management Features
• Compliance monitoring for applied policies on
devices.
• Role-based access control (RBAC) for device
management.
• Securely wipe enterprise configurations with
Enterprise wipe.
• Track locations of enrolled devices.
• Retrieve device information.
Mobile Device Management Features
• Facilitate device-owner operations such as
registering and unregistering devices, installing,
rating, sorting mobile apps, etc.
Mobile App Management
• Supports App management.
• App approval process through a lifecycle.
• Provision and deprovision apps on enrolled
devices.
• Provision apps to enrolled devices based on
roles.
• Provision apps to multiple enrolled devices per
user.
Mobile App Management
• Retrieve list of apps.
• Install new apps and update existing apps on iOS
devices via REST APIs, enabling automation of
application installation/updates for third party
systems/vendors.
• Install Web Clips on devices.
• Enterprise App Store.
• Discover mobile apps through an Enterprise App
Store.
Mobile App Management
• Self-provisioning of mobile apps to devices.
• Rating and Sorting Applications.
Device and Data Security
• Multi-tenancy to ensure data isolation across all
tenants.
• Enforce built-in security features of passcode and
encryption.
• Encryption of data storage.
• Device lock and reset.
• Managed APIs to perform administrative functions.
• Ring and GPS to locate device remotely if lost/stolen.
Demo
Email configurations
<EMM_HOME>/repository/conf/axis2/axis2.xml
<transportSender name="mailto"
                 class="org.apache.axis2.transport.mail.MailTransportSender">
    <parameter name="mail.smtp.from">cdm.wso2@gmail.com</parameter>
    <parameter name="mail.smtp.user">cdm.wso2@gmail.com</parameter>
    <parameter name="mail.smtp.password">wso21234</parameter>
    <parameter name="mail.smtp.host">smtp.gmail.com</parameter>
    <parameter name="mail.smtp.port">587</parameter>
    <parameter name="mail.smtp.starttls.enable">true</parameter>
    <parameter name="mail.smtp.auth">true</parameter>
</transportSender>
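Added example (not from the original slides or from WSO2): a Python check for the mailto transportSender block above. It flags a literal mail.smtp.password and STARTTLS that is enabled but not required, which matters because this transport carries the enrollment e-mail with the user's credentials. The sample XML, the secretAlias attribute convention, the finding names and the assumption that mail.smtp.* parameters are passed through to JavaMail are illustrative assumptions.

```python
"""Audit the mailto transportSender of an axis2.xml for weak SMTP settings."""
import xml.etree.ElementTree as ET

# Constructed sample with the same shape as the slide's block (placeholder values).
WEAK = """<axisconfig>
  <transportSender name="mailto"
      class="org.apache.axis2.transport.mail.MailTransportSender">
    <parameter name="mail.smtp.from">emm@example.com</parameter>
    <parameter name="mail.smtp.user">emm@example.com</parameter>
    <parameter name="mail.smtp.password">CHANGE-ME-placeholder</parameter>
    <parameter name="mail.smtp.host">smtp.example.com</parameter>
    <parameter name="mail.smtp.port">587</parameter>
    <parameter name="mail.smtp.starttls.enable">true</parameter>
    <parameter name="mail.smtp.auth">true</parameter>
  </transportSender>
</axisconfig>"""

# Constructed hardened variant. Assumptions: the password is marked as a
# vault reference with a secretAlias attribute (alias name is hypothetical),
# and STARTTLS is made mandatory with the JavaMail "required" property.
HARDENED = """<axisconfig xmlns:svns="http://org.wso2.securevault/configuration">
  <transportSender name="mailto"
      class="org.apache.axis2.transport.mail.MailTransportSender">
    <parameter name="mail.smtp.from">emm@example.com</parameter>
    <parameter name="mail.smtp.user">emm@example.com</parameter>
    <parameter name="mail.smtp.password"
        svns:secretAlias="Example.Mailto.Password">password</parameter>
    <parameter name="mail.smtp.host">smtp.example.com</parameter>
    <parameter name="mail.smtp.port">587</parameter>
    <parameter name="mail.smtp.starttls.enable">true</parameter>
    <parameter name="mail.smtp.starttls.required">true</parameter>
    <parameter name="mail.smtp.auth">true</parameter>
  </transportSender>
</axisconfig>"""


def _is_true(value):
    return (value or "").strip().lower() == "true"


def _has_secret_alias(elem):
    # Namespaced attributes appear as "{uri}secretAlias"; compare the local name.
    return any(key.rsplit("}", 1)[-1] == "secretAlias" for key in elem.attrib)


def audit_mail_sender(xml_text):
    """Return a list of finding codes for the mailto transportSender."""
    root = ET.fromstring(xml_text)
    senders = [s for s in root.iter("transportSender") if s.get("name") == "mailto"]
    if not senders:
        return ["NO_MAILTO_SENDER"]
    params = {p.get("name"): p for p in senders[0].findall("parameter")}

    def text(name):
        elem = params.get(name)
        return (elem.text or "").strip() if elem is not None else ""

    findings = []

    # A literal password in the file is readable by anyone who can read the
    # config, a backup of it, or a slide or repository it was pasted into.
    password = params.get("mail.smtp.password")
    if password is not None and text("mail.smtp.password") \
            and not _has_secret_alias(password):
        findings.append("PLAINTEXT_PASSWORD")

    # With starttls.enable alone, JavaMail falls back to cleartext when the
    # server does not offer STARTTLS; starttls.required makes the send fail.
    if not _is_true(text("mail.smtp.ssl.enable")):
        if not _is_true(text("mail.smtp.starttls.enable")):
            findings.append("STARTTLS_DISABLED")
        elif not _is_true(text("mail.smtp.starttls.required")):
            findings.append("STARTTLS_NOT_REQUIRED")

    return findings


if __name__ == "__main__":
    for label, doc in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_mail_sender(doc))
```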
Change config.json file
• <EMM_HOME>/repository/deployment/server/jaggeryapps/emm-web-agent/config
• <EMM_HOME>/repository/deployment/server/jaggeryapps/emm/config
Change cdm-config.xml file
• Change LBHostPortPrefix in <EMM_HOME>/repository/conf
Enroll Email
Dear Dilshan,
You have been registered to WSO2 MDM with following credentials.
Domain:
Username: dilshan
Password: LbmS82
Below is the link to enroll.
https://192.168.1.5:9443/emm-web-agent/enrollment
Best Regards,
WSO2 MDM Team.
http://www.wso2.com
Platform Features
iOS Features
• Self-service device enrollment and management with
end-user EMM Console via iOS Agent or Web interface
for versions up to iOS 9 SDK.
• Facilitate remote notifications via Apple Push
Notification Service (APNS).
• Support for iOS 9.
• Device Tracking.
• Configuring cellular network settings.
• Device profile management.
iOS Features
• Retrieving device info.
• Device lock
• Restricting device operations.
• Automatic WiFi configuration.
• Set up AirPlay
• Set up restrictions
• Enterprise WIPE
• Set up APN
iOS Features
• Setup LDAP.
• Setup email accounts.
• Set up CalDav
• Calendar subscription
• Passcode policy
• Clear passcode
• App installation and update
• Retrieve app list
iOS Features
• Web clip installation
• Supports App management
• Setup email accounts
Android Features
• Self-service device enrollment and management with
end-user EMM Console via Android Agent (Android
4.0.3 Ice Cream Sandwich MR1 up to 5.0 Lollipop).
• Supports App management.
• App policy compliance monitoring.
• Device location tracking.
• Retrieving device info.
• Changing lock code.
Android Features
• Restricting Camera.
• OTA WiFi configuration.
• Enterprise WIPE.
• Configuring encryption settings.
• Passcode policy configuration and clear passcode policy.
• Device master reset
• Mute device
• Ring device
Android Features
• Send messages to the device.
• Install/uninstall store and enterprise
applications.
• Retrieve apps installed on the device.
• Install web clips on the device.
• Support GCM/LOCAL connectivity modes.
Windows Features
• Self-service device enrollment and management with
end-user EMM Console via Workplace (Windows 8.1).
• Passcode policy
• Restriction on camera.
• Encryption settings
• Retrieve device info.
• Device Lock and Lock Reset
• Ring device
• Data Wipe
GitHub Repositories
• Connected Device Management Framework
https://github.com/wso2/carbon-device-mgt
• Device management plugins
https://github.com/wso2/carbon-device-mgt-plugins
• Enterprise Mobility Manager
https://github.com/wso2/product-mdm
Questions?
Thank You

WSO2Con ASIA 2016: Your Path to IoT & Mobility with WSO2
