1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier...
Transcript of 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier...
![Page 1: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/1.jpg)
MakeEvery
MomentCount
2016ConnectThe Premier Social Business and Digital Experience Conference
#ibmconnect
1130 – IBM Mobile Connect Real World Usage Scenarios René Winkelmeyer, midpoints GmbH Sun, 31 Jan 2016
![Page 2: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/2.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Agenda
• IBM Mobile Connect at a glance • Scenario “Configuration for IBM Traveler (and others)” • Security considerations – Certificate based authentication • Security considerations – MDM integration
![Page 3: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/3.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
About me
IBM Advanced Business Partner IBM Design Partner (Notes Domino, Mobile, Verse)
Apple Enterprise Developer and MDM Group Member Samsung Enterprise Alliance Partner
Worldwide Service Offerings - Enterprise Mobility - Mobile Device and Application Management - IBM Traveler and IBM Mobile Connect implementation + custom addon products
René Winkelmeyer Head of Development
![Page 4: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/4.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
About me Reach out any time
Skype / Twitter / LinkedIn => muenzpraeger
Web https://blog.winkelmeyer.com http://www.midpoints.de
Mail [email protected] [email protected]
René Winkelmeyer Head of Development
![Page 5: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/5.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
What is this session about? • Enhancements and new configurations of IBM Mobile connect
to make your live easier.
• If you look for a starter guide please check out my slides from Lotusphere 2012 and 2013.
![Page 6: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/6.jpg)
MakeEvery
MomentCount
2016ConnectThe Premier Social Business and Digital Experience Conference
#ibmconnect
IBM Mobile Connect at a glance
Latest version of this slidedeck is available on https://slideshare.net/muenzpraeger
![Page 7: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/7.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
IBM Mobile Connect – Specifications • Current version:
§ 6.1.5.2
• Server § Windows - 2003/2008/2012 Server § Linux – Red Hat Enterprise & SuSE Enterprise Server § AIX
![Page 8: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/8.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
IBM Mobile Connect – Specifications • Mobility (VPN) Clients
§ Microsoft Windows 2000, XP, Vista, 7 § OS X § Linux (Red Hat, SuSE, Novell) § Windows Mobile inkl. 6.5, Symbian (ausgewählte Devices), Palm § Android
• Browser § IE, Firefox, Safari, Chrome
![Page 9: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/9.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
IBM Mobile Connect – Capabilities • VPN gateway
§ Clients are available for Windows, Mac, Linux, Android
• WiFi gateway
• Clientless gateway § HTTP access, like browsers or mobile apps Focus
![Page 10: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/10.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Reverse Proxy – why and how? • A Reverse Proxy acts as a tier between a requester (i. e.
browser) and a backend system.
• In contrast to a Forwarding Proxy a Reverse Proxy acts on behalf of the web server.
• The Reverse Proxy forwards the incoming request to the backend system and sends the response back to the user.
![Page 11: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/11.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Reverse Proxy – why and how?
Backend system Reverse Proxy
![Page 12: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/12.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
What is a Secure Reverse Proxy? • Defined endpoint for encrypted communication between
external clients and internal systems.
• Central authentication and Single-Sign-On for all connected backend systems.
• Access authorisation for the connected backend systems.
![Page 13: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/13.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
IBM Mobile Connect as Secure Reverse Proxy • Single-Sign-On using username/password or certificates for
IBM backend systems
• Authentication sources are Domino LDAP or Active Directory
• Single URL access
• Automatic IBM Traveler Pool assignment
![Page 14: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/14.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Infrastructure scenarios
Traveler
Sametime
Connections
HTTPS HTTP(S)
External URL: https://mobile.midpoints.net /traveler
/chat /social Backend
systems
Secure Reverse Proxy
![Page 15: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/15.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Infrastructure scenarios
Domino Mail
Domino Mail
Domino Mail
Traveler 1
Traveler 2
Traveler 3
HTTPS
Notes
HTTP(S)
External URL: https://mobile.midpoints.net/traveler
IBM DB2 / MS SQL
IBM DB2 / MS SQL
DB2/SQL
Traveler HA Service Pool
Secure Reverse Proxywith Load Balancing
and Failover
![Page 16: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/16.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Why IBM Mobile Connect – and not others? • Native integration for all IBM Collaboration products
• Up-to-date TLS stack
• Scaling – one server can handle 10k parallel accesses
• MDM integration
• IBM support
![Page 17: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/17.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Remember Domino and SHA2?
![Page 18: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/18.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
IBM Mobile Connect – Components • Connection Manager
§ The IMC Connection Manager is the main component. He forwards the client requests to the backend systems.
• Gatekeeper § A Java-based administration client for IMC. Can be installed on
the same or another system as the Connection Manager.
![Page 19: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/19.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
IBM Mobile Connect – Components • Access Manager
§ Gets installed with the Connection Manager on the server. It is responsible for pushing the configuration changes (from the Gatekeeper) to the internal used database. It also updates the Connection Manager dynamically.
![Page 20: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/20.jpg)
MakeEvery
MomentCount
2016ConnectThe Premier Social Business and Digital Experience Conference
#ibmconnect
Scenario “Configuration for IBM Traveler (and others)”
![Page 21: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/21.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
IBM Traveler and IBM Mobile Connect • Mobile mail access is a critical component nowadays in every
environment. So is Traveler.
• Different environment setups are possible for Traveler § Standalone setup § High Availability with one or multiple pools
![Page 22: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/22.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
IBM Traveler – Pool definition / challenges • A “Traveler pool” is the logical combination of multiple Traveler
servers that share the same backend database. § A single pool can serve up to 10k devices. § The Traveler servers handle load balancing internally.
• Different setups are possible, like splitting pools by device type, user region and more. § Without a centralized proxy all will have different entrypoint
URLs.
![Page 23: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/23.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
IBM Traveler – How IBM Mobile Connect helps • IMC has four main features that improve the Traveler
experience. § Defined proxy rules for Traveler access § Session assignment § Single URL support § Automatic Server/Pool assignment
![Page 24: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/24.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
![Page 25: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/25.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
IMC workflow (simplified) Authenticated user connects
Check if Pool assignment is active
Validate user LDAP attribute
set not set
assign don‘t assign
![Page 26: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/26.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Automatic Server/Pool assignment configuration • Define within a http-access service which LDAP attribute
should be queried
![Page 27: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/27.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Automatic Server/Pool assignment configuration • An “Application server pool” is a dedicated resource type
![Page 28: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/28.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Automatic Server/Pool assignment configuration • A “Pool configuration” contains one or multiple backend host
names.
![Page 29: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/29.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Automatic Server/Pool assignment configuration • One or multiple strings can be added for the automatic pool
assignment. The value must match the content of the LDAP field.
![Page 30: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/30.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Automatic Server/Pool assignment configuration • Multiple server pools can be defined.
![Page 31: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/31.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Automatic Server/Pool assignment configuration • Activate the application server pool usage in the http-access
service
![Page 32: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/32.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Adding more apps • Besides Traveler all ESS backend systems are supported with
specialized URL and content handling § i. e. URL rewriting of transmitted content
• Delivers perfect integration including SSO capabilities § IBM Connections § IBM Connections Chat § IBM Domino
![Page 33: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/33.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Adding more apps • Simplified by application specific identifier.
![Page 34: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/34.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Summary • The built-in capabilities help to deliver a streamlined
administrative experience.
• Hassle-free connection to IBM ESS backend systems. § LTPA1 and LTPA2
![Page 35: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/35.jpg)
MakeEvery
MomentCount
2016ConnectThe Premier Social Business and Digital Experience Conference
#ibmconnect
Security considerations – Certificate based authentication
![Page 36: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/36.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Certificates? Certificates! • A high level of security can be achieved by using certificates for
authentication.
• Certificates are a common practice for verifying clients and servers. The latter one is mostly known as “SSL hostname authentication”. § Companies are moving more and more to client certificate based
authentication for different services. § Domino companies should be familiar with that… ;-)
![Page 37: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/37.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Why to setup IBM Mobile Connect for this? • Achieve a higher level of security by using certificate based
authentication for your critical data. § Different setup scenarios are available.
• Remove the need of using passwords – make it easier for your users. But only if you want.
![Page 38: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/38.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
IMC workflow (simplified)
Client presents certificate
2FA
IMC validates public key and validity
LDAP
Subject string check
SSO
![Page 39: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/39.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Configuring Certificate based authentication • The standard authentication process leverages an username/
password combination.
![Page 40: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/40.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Configuring Certificate based authentication • Add 2-Factor-Authentication by enforcing additional password
usage. § Can be enriched with user id check
![Page 41: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/41.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Configuring Certificate based authentication • Trust your certificates and resolve the username based on
certificate criteria.
![Page 42: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/42.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Configuring Certificate based authentication • Additional security/alternatives can be added using a custom
string match.
![Page 43: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/43.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Summary • Certificate based authentication enhances your backend
applications security.
• Different setups allow to leverage it as you need it.
• Certificate deployment options need to be revisited. § Not all IBM ESS apps support certificate based authentication
(yet).
![Page 44: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/44.jpg)
MakeEvery
MomentCount
2016ConnectThe Premier Social Business and Digital Experience Conference
#ibmconnect
Security considerations – MDM integration
![Page 45: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/45.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
What is MDM? • Mobile Device Management (MDM) is used to manage devices
and applications in your mobile workforce § Lots of companies still don’t use a MDM. And you?
• Allows remote device configuration, data and device deletion, app deployment and much more.
![Page 46: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/46.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Why MDM integration for IBM Mobile Connect? • A Reverse Proxy authenticates only the user – not the device.
So no control if “unmanaged” devices can access internal resources. § Jailbroken/rooted devices § Data Loss Prevention
![Page 47: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/47.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
IMC / MDM integration infrastructure
Domino Mail
Domino Mail
Domino Mail
IBM Notes Traveler MDM
HTTPS
Notes
HTTP(S)
External URL: https://mobile.midpoints.net/traveler https://mobile.midpoints.net/connections
Services
IBM Mobile Connect IBM Connections
![Page 48: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/48.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
How does the MDM integration work? • Depending on the incoming request different values are
evaluated. § Traveler identification is determined by the submitted sync device
id in the URL call. § IBM ESS apps are sending custom headers with their
authorization requests. Those headers are set via MDM.
• Custom access definitions, like “allow” or “deny”, are then applied.
![Page 49: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/49.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
IMC workflow (simplified)
User is authenticated
allowed
Device information is extracted
not allowed
Device is validated via MDM interface
access no access
![Page 50: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/50.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Configuring MDM integration • “MDM Integration” is a separate resource type
![Page 51: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/51.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Configuring MDM integration • Validation results (and outcome) are configurable.
![Page 52: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/52.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Configuring MDM integration • Enhanced checks are available like compliance re-validation
and user mapping.
![Page 53: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/53.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Configuring MDM integration • Custom “tokens” can be used for different setups on the same
vendor.
![Page 54: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/54.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
IBM Mobile Connect configuration • Besided tight security you can also go a little bit loose.
§ Great for migration scenarios.
![Page 55: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/55.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Available MDM integrations
![Page 56: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/56.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Summary • MDM integration enhances the security by adding an additional
layer of security.
• Different setup scenarios are available to fit your organizations needs.
![Page 57: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/57.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
57
![Page 58: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/58.jpg)
MakeEvery
MomentCount
2016ConnectThe Premier Social Business and Digital Experience Conference
#ibmconnect
![Page 59: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/59.jpg)
MakeEvery
MomentCount
2016ConnectThe Premier Social Business and Digital Experience Conference
#ibmconnect
![Page 60: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/60.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Acknowledgements and Disclaimers Availability. References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates.
The workshops, sessions and materials have been prepared by IBM or the session speakers and reflect their own views. They are provided for informational purposes only, and are neither intended to, nor shall have the effect of being, legal or other guidance or advice to any participant. While efforts were made to verify the completeness and accuracy of the information contained in this presentation, it is provided AS-IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this presentation or any other materials. Nothing contained in this presentation is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software.
All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics may vary by customer. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results.
![Page 61: 1130 – IBM Mobile Connect Real World Usage …...Make Every Moment Count Connect2016 The Premier Social Business and Digital Experience Conference #ibmconnect 1130 – IBM Mobile](https://reader033.fdocuments.in/reader033/viewer/2022041704/5e4362edecae5260ff4b705f/html5/thumbnails/61.jpg)
2016ConnectThe Premier Social Business and Digital Experience Conference
Ma
ke Every Mom
ent Coun
t
Acknowledgements and Disclaimers cont. © Copyright IBM Corporation 2015. All rights reserved.
• U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
• IBM, the IBM logo, ibm.com, IBM Domino, IBM Sametime, IBM Connections are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at www.ibm.com/legal/copytrade.shtml
“Maas360” is a trademark of Fiberlink Communications Corporation.
Other company, product, or service names may be trademarks or service marks of others.