Advanced Administration: Kaseya BYOD Suite

Advanced Administration: BYOD

Jonathan Foulkes VP of Mobile Product Management

Copyright ©2014 Kaseya 1

The information in this presentation is confidential and proprietary to Kaseya and may not be disclosed or distributed without the prior written permission of Kaseya. This document, and any related presentation, as well as Kaseya's strategy, possible future developments, products, platforms, directions and/or functionality are all subject to change without notice at Kaseya’s sole discretion. The information in this document does not constitute a commitment, contract, promise or legal obligation to deliver any material, code or functionality. This document is provided without warranty of any kind, either express or implied, including but not limited to, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement. This document is for informational purposes only and may not be incorporated into a contract. All forward-looking statements, including those set forth in this presentation, are subject to various assumptions, risks and uncertainties that could cause actual results to differ materially from projections. Readers are cautioned not to place undue reliance on such forward-looking statements, and specifically, not to rely upon such in making purchasing decisions.


BYOD Recap

Add-on enabling secure mobile access to enterprise resources

Secure containers

On-prem Gateway & Cloud Services


Browser Docs Mail

BYOD Elements


Setting up data sources

Define the sources users may reach

– For web-based systems

– For document sources

– For mail

Segment based on AD groups


Site Menu


Tunneled Site Setup


Segmenting with AD groups


Mobile View


Browser-related Tips

Want to let them type their own URL?

– Add a page that shows a text field

– Redirect page to that URL on submit

Leverage single-sign-on

– Set target sites to use NTLM auth as an option

– Reduce creds exposure, as not typed on mobile


Working With The Proxy List

Proxy list – white list of targets the Gateway will route mobile requests to

– Enforced at both mobile and Gateway

Auto-built via Site tab, but admin can edit

– Why?

• Site A (in proxy list) links site B (not there) – Fail

• Use wildcards (CIDR)

– Route locked-down public addresses


Document Sources

What sources?

– Most WebDAV-capable systems

• IIS, SharePoint

• Network Attached Storage systems

• Cloud CMS

Ideally, NTLM auth set

– Single-sign-on


Doc Source list


Mobile View


Defining A Doc Source


Permissions


Docs-related Tips

Leverage IIS as WebDAV server to publish shared folders

– Test access and config via Explorer

KISS - Let the server do trimming

Leverage single-sign-on

– Set target servers to use NTLM auth as an option

– Reduce creds exposure, as not typed on mobile


Direct vs. Relay

What is ‘Direct’ for?

– Typical DMZ-style deployment

– Bypass the relay

How:

– Network tab - check direct

– Set external name and port

– Turn OFF relay


Logs Are Your Friend

Four primary logs

– Gateway – start, stop, auth, comms

– Panel– Local UI, not really interesting

– Portal – Siteinfo, policy, locally served content

– Proxy – proxied requests


Log Content

Standard Apache log format

– Consume in your favorite log-munger

Determine who is accessing what

– Or if they are getting errors, rejections (auth?)

Gateway log is a pretty good network line monitor ;-)


Log Levels

Set in byodgateway.ini

– Only use Debug on test systems with limited access – very verbose

# Logging level for gateway error log - CRITICAL/ERROR/WARNING/INFO/DEBUG

service_loglevel = INFO


Summary

Connect the right users to the right sources

Integrate with AD for security and simplicity

Leverage logs for insight and troubleshooting



Questions and Answers Thanks for Attending Kaseya Connect

#KaseyaConnect Let's Share!

Advanced Administration: Kaseya BYOD Suite

Technology

Transcript of Advanced Administration: Kaseya BYOD Suite