Marco Nielsen at myITforum.com

Celio REDFLY now supports Blackberry

After many rumors, videos, announcements and a period of time, the Blackberry support is now publically available. It appears a firmware upgrade is necessary (which requires a Windows Mobile device) and only select Blackberry devices are supported here in beginning. But I think it is great that you can now leverage it across platforms! And can see on the forums that Windows Mobile 6.5 and Android support is not far behind!  Although I’m questioning why the original C8 owners are left sorta out in the dark..

“The REDFLY Mobile Companion is now compatible with select BlackBerry smartphones. REDFLY-supported phones at the time of launch are the Blackberry Bold 9000, BlackBerry Curve 8900, and the BlackBerry Tour 9630. Celio plans to support additional BlackBerry smartphones in the future as new phones are released.

The BlackBerry driver is offered free of charge to both existing and new REDFLY Mobile Companion model C8N and C7 owners.

If you have a REDFLY that was purchased before Nov 1, 2009 and you want to connect it to a supported BlackBerry smartphone, you will first need to update the REDFLY's firmware using a Windows Mobile phone in order for it to become "BlackBerry aware." Once the REDFLY firmware has been updated, it will connect to either a supported BlackBerry or a Windows Mobile phone interchangeably. REDFLY Mobile Companion units purchased after Nov 1, 2009 ship with the latest firmware and can connect directly to a BlackBerry without needing a firmware update.”

Go here for more information..

|\\arco..

Windows Mobile 6.5 Upgrades – October 14, 2009

As I mentioned last week due to the public release of Windows Mobile 6.5, aka Windows Phone, I wanted to pick up where I left off with my previous popular postings on the public Windows Mobile 6.1 upgrades available for devices..

Many of these are not released yet, but due to the 6.5 marketing efforts some approximate release dates are being made public.  As they are released I will attempt to collect the links as I did previously with the Windows Mobile 6.1 upgrades. This time around Microsoft is also helping and providing their own official upgrade list here..

|\\arco..

Step-by-Step Introduction to Microsoft® My Phone

Together with the many announcements this week on the new Windows phone (aka Windows Mobile 6.5) there was also an announcement about the updated public release for the My Phone cloud service for Windows Mobile devices.

I will take a quick step-by-step view on the product and it’s features. I will attempt to use lots of screen shots so you have a good feeling on how the product works and operates. At the end I will state some observations from the corporate and consumer sides on the product.

History and Background

First a little history. Codenamed “SkyBox”, it was first publically announced way back on February 16, 2009 together with Marketplace (codenamed “SkyMarket) and Windows Mobile 6.5 at Mobile World Congress 2009 in Barcelona Spain.

As described by Mary-Jo Foley on February 3, 2009, the current launch release does appear to be “SkyBox v1.5” she described way back then. So the vision and features she described behind “SkyBox v2.0” might indeed show the light of day with the next release of Windows phone (aka Windows Mobile 7.0).

Much of the technology behind My Phone is believed to be from the acquisition in June 2008 that Microsoft made of the Portuguese company called MobiComp. This can also be confirmed by viewing the location field in the product team’s blog. :-)

Also back in 2008, Microsoft Live Mesh, appeared to be the cross-platform synchronization solution that would take data from/to mobile devices. The direction with Microsoft My Phone today appears to make a distinct path away from Live Mesh, at least where the Windows Mobile devices are concerned..

What does it do?

Microsoft My Phone provides a free backup and restore mechanism for Windows phone/Mobile devices.

The default settings will synchronize your contacts, calendar appointments, tasks, photos, videos, text messages, songs, browser favorites and documents between your phone and your My Phone web account.

From the password-protected web site (Windows Live ID driven) you can organize contacts and appointments on your phone, and search through your old text messages. Changes appear on your phone the next time you sync.

Please go here for more details.

New Features

Since the first early limited beta access in February 2009 to the public beta in May 2009 much of the feature set remained the same. With the Windows phone launch announcement on October 6, 2009, several new features where announced (as quoted from the e-mail announcement):

Share photos on popular social networks

“With just a few clicks, you can post photos to Windows Live, Facebook, MySpace and Flickr from the My Phone online portal or directly from your phone.”

Find your missing phone

“My Phone can show you the last known location of your phone on a map.  To activate this feature, select "Send phone location" in your phone's My Phone settings.  Not available in all markets.”

Premium features

“My Phone can help you secure a lost phone using new Premium features.  You can lock or post a message on your phone from the web.  Or, if you know the phone is gone for good, you can use My Phone to erase all your personal information so it doesn't fall into the wrong hands.  For a limited time, you can try these features for free, so be sure to check them out.  Premium features are not available in all markets.”

Important to note from the launch announcement, that several features are currently available only in the United States at this time:

“The My Phone Premium package includes the ability to immediately locate the phone’s current location on a map (in the U.S. only)”

“Windows Mobile 6.0, 6.1 or 6.5 can access the premium package free of charge until Nov. 30, 2009. After that date, seven-day access to the premium package will be available for purchase for $4.99 in the U.S.”

Upgrade

The upgrade process from my previous version was fairly seamless and mandatory if I wished to continue the free service. A reboot of the device was necessary to complete the upgrade installation.

New Installation

If not already present on your device (from your OEM or Mobile Operator) a new application installation on a device can occur in several ways:

- Accessing http://myphone.microsoft.com directly on the device or desktop/notebook, can lead you to the Microsoft site where it can send you a text message with the download link.

- Accessing http://myphone.microsoft.com\install directly on the device, and download it directly onto the device.

- Accessing Windows Marketplace for Mobile and download the free application to your phone.

After the installation when you start up the application for the first time, you will see screens like these to setup and configure your device:

After you hit Finish, a manual synchronization process will take place with the selected data types.

Menu and About

The main menu options, and the version tested is 01.05.2128.0401.

If you hit the “Sync” option to the bottom left you will activate a manual synchronization.

Now some quick screen shots of each of the main menu options.

Sync Details

Show changes made and useful information such as total size and date/time of last synchronization.

Synchronization processes continue in the background (wonderful multitasking features Windows Mobile continues to have isn’t it?).

Sync Options

Please notice that if you have an ActiveSync configuration to an Exchange server or using Windows Live for e-mail the Contacts and Calendar options will not be available for selection.

Please notice the new “Current location” option that can be selected, compared to the previous My Phone release.

Sync Schedule

Share Photos

The new Share menu option lets you select a picture on the device and send it through the configured e-mail or Text messaging.

The Social Networks options supports 4 social services at this time:

The Flickr feature alone could make other 3rd party add-on applications obsolete depending on the features and be another value to using My Phone.

Account Options

Give you a basic fare of account options.

Microsoft My Phone Backend

But the real magic is now on the new backend. After you signing to your account using your Windows Live ID at http://microsoft.com/myphone and click on “Connected phones”, and out for the icon for your phone click on “Locate your phone”. This new screen appears:

Clicking the “Get started” link for the brings up a 2-step process to sign up for the new Premium Features:

After input of the phone number and a few brief seconds of magic (with no new text message announcements on the phone), it appears it was happy and announced i was confirmed:

Please note that the free trial of the Premium Features is available per device you are using with the free service. Going back to the previous page, I now see usage options for the new features. Take note of the limited number of free usages and the short 7 day trial period. Is there a reason why it couldn’t be a tad longer, like 14 days?

Locating your phone

Even in the free My Phone services, locating your phone can be performed. However this is using the last synchronization data, either automated or manual.

As part of the Premium Features you can poll the device location on-demand. It appears this is using text messages. Most likely OMA DM type messages.

Once you do have a GPS coordinate synchronized in My Phone with the back-end server(s) you will see a active link and last known location:

Location Issues

An ongoing problem with many devices today is the reliability of the public available GPS, especially in-doors where it was never designed to function. :-)  Many applications are now using hybrid solutions using Mobile Operator/Carrier tower triangulation, or the currently connected tower location. Battery consumption when having GPS enabled also continues to be a problem with the power usage and battery technology available in the devices on the market. Although that is starting to change with better A-GPS chipsets, LCD/LED screen and CPU designs.

It appears that My Phone is dependant on a good GPS signal at the time of the synchronization or the on-demand Premium functionality, so you may have some issues until that falls into place.

I would advise to seek help from the OEM or Mobile Operator where you received your device from if you have general GPS issues or questions.

Microsoft My Phone Limitations

The main basic limitation is the support for down-level Windows Mobile operating systems. So you will need Windows Mobile 6.0 or above to use the device application and cloud service.

For the free services, there is not much to point out limitation wise:

- There is a 200Mb limit of storage per account for all data of any kind (text, docs, pictures, storage card etc).

If you do select to backup the contents of the storage card, or have a large number of pictures, the 200Mb limit may be a bit tight understandably. There is also no flexibility at this time to specify certain folders or file filters.

I can only hope that Microsoft will work on increasing this 200Mb limit as the product matures. Think of Hotmail when it first started, and the high limits we have today. :-)

- As to the maximum number of devices you can “connect” to on your same My Phone account, I’m unsure.

I’m personally currently up to 5 different devices and no complaints. :-)

- Data transfer. No limitation from the application side, your Mobile Operator may think otherwise…

Since there currently is minimal flexibility of the selection of on-device content you wish to synchronize you should be aware of any data plan concerns on your device from the Mobile Operator/Carrier side.

May device/plans may have restrictions of the amount of data you can transfer monthly. And if you are roaming and/or travelling internationally you might to seriously consider to turn off automatic synchronization to save yourself from an enormous bill. 

Microsoft My Phone Paid Features

Apart from the free services currently being offered, the new paid Premium Features is the big news in this round.

Depending on the final pricing structure (USD $4.99/month?) the features currently available may appeal to certain consumers who don’t have corporate e-mail (like Exchange) and want to have similar remote-wipe capabilities. The phone location feature of course could appeal to any parent of children, family or small-sized companies. And the ring and lock features could pay for itself quite rapidly in my mind.

I would also hope that the paid services won’t have any of the advertisement banners that the freebie My Phone web site has after you sign-in.

Microsoft My Phone Paid Features – Ring your phone

I was impressed with this feature, since I validated it even if your ringer is off, once activated it will turn on the ringer!

On the device itself, a visual notification will also appear:

Microsoft My Phone Paid Features – Lock your phone

This Premium feature has some nice additional features to customize the activity with a PIN and custom message which will be used on the phone:

Please note that there is a 52 character limit.

On the phone itself this is what it looks like:

These are the screen shots if you enter in the wrong unlock PIN code:

For a deeper explanation of the custom “unlock screen” My Phone has now enforced on the device, please see Andreas Helland’s article here.

A confirmation on the Lock displays on your account screen:

Once the phone is unlocked with the right code, it appears a reboot was enforced on my test device. Possibly to undo the Unlock screen that was enforced..

Microsoft My Phone Paid Features – Erase your phone

This feature is pretty self explanatory, but one nice feature is that you can mandate a final My Phone synchronization before the remote wipe happens.

Once erased your device will also no longer show up in your “Connected phones” page on your My Phone login.

Enterprise Concerns & Solutions

The Microsoft My Phone service is very consumer oriented and driven towards features consumers would use and like. However many of these features could be very appealing for corporate users and IT administrators alike. 

With ActiveSync enabled on the device, the Contacts and Calendar options are not available for My Phone synchronization and assumed safely stored on the server side. Although the thought of corporate documents and text messages (or even links, if intranet access is available) placed on a 3rd party server with no corporate supervision or access will have most corporate security staff antsy and concerned. So the recommendation there is to have a Device Management solution in place and block the ability to run/install Microsoft My Phone on your corporate assets.

Even with the upcoming Exchange 2010 release and it’s promise of text messaging integration there are still some gaps at this point. Exchange does have the remote wipe feature through ActiveSync, and all the same limitations (device must be connected) apply to either solution (or any for that matter).

Other 3rd party Device Management solutions do have more of the backup features of Microsoft My Phone, of course for a price. However in a corporate setting this additional price could be justifiably due to security, legal and information loss concerns.  One slick new product in particular has many interesting device-backup features (off device AntiVirus and virtualization). Please check out MobileIron if you wish to know more. Sybase iAnywhere Afaria also supplies some enterprise solutions for mobile backup and file transfer.

Regarding location features on the enterprise side, many solutions are out there due to the LBS (Location Based Services) needed by the transportation industry. The Device Management solutions from MobileIron and SOTI MobiControl even have easy to use and powerful mapping features to visual see one or more of your manage devices from a corporate perspective.

The easy to use features of My Phone highlights the needs from the Enterprise side to have similar solutions in the corporate space.

Solutions that compare to My Phone

On the one off, consumer side, there are also some paid utilities with some of the same location and backup features My Phone offers as well.

Sprite Software’s Sprite Backup and Sprite Terminator come to mind. Sprite Terminator actually goes further and provides some additional very cool features. Such as, Remote Lock-Down, SIM Change Alert and Activity Retrieval. Sprite Backup has PC, FTP and SD card backup location features, but no Internet “cloud” storage like Microsoft My Phone..

Apple MobileMe

Of course the similarities to the Apple MobileMe service for the iPhone is there. It has a 60-day free trail and a USD $99/year cost. With that you 20Gb of storage, and a monthly 200Gb transfer limitation. Family Packs are USD $149/year with 4 additional e-mail address and 5Gb of storage each. Additional free for extra 40Gb of space.

The current Apple MobileMe features do appear slightly less flashy however. It covers mainly e-mail, contacts, calendar and pictures and the synchronization of them between the iPhone, Mac/PC and website(s).

Dashwire

The free Dashwire solution has been around since the CTIA conference in 2007 and offers some very mature synchronization features. But it is no longer accepting new users, and appears to shutdown at the end of the year. It provided a great web interface and synchronization of the various data content on your phone. But no location and remote wipe features. I was personally using this before Microsoft My Phone on my Windows Mobile devices.

As recently announce at the CTIA 2009 conference a branded Best Buy Mobile version of the Dashwire technology, now labeled Dashworks Platform was unveiled. It is called mIQ. Here is a promo screenshot:

It appears to provide a similar data content backup/restore functionality, and across several platforms (Windows Mobile, Symbian, Blackberry and soon Android in Q1/2010). But again, no additional features such as remote wipe at this time..

Reference links

Home page:
http://myphone.microsoft.com
Product Team Blog:
http://myphoneteam.spaces.live.com
Forum:
http://social.microsoft.com/Forums/en-US/MyPhone/threads
Twitter:
http://twitter.com/msmyphone

|\\arco..
Oct 11, 2009: Updated with Dashwire information.
Oct 12, 2009: Updated with My Phone map info, and Premium feature details.

Samsung and Enterprise Mobile

This week has the large CTIA Wireless IT show going on in San Diego this year, so of course there is a lot of new information coming out this week on products, services and partnerships. One of which is Samsung who is continuing to announce their commitment to support enterprise mobility in a big way. I believe they remain one of the few handset OEMs going to this extent to bring it all together on their devices and catering directly to the enterprise mobility market space..

• Samsung: Samsung Mobile Announces Comprehensive Commitment to Deliver Support, Innovation and Services to Enterprise Market
• Enterprise Mobile: Samsung Mobile Plans to Work with Enterprise Mobile to Deliver Advanced Mobility Solutions for Enterprise Customers
• Oracle: Samsung to Offer Mobile Access to Oracle, Other Software
• Sybase: Samsung Mobile and Sybase to Deliver Advanced Mobility Solutions for Enterprise Customers
• DiVitas: Samsung, DiVitas Partner to Bring Mobile UC to Windows Mobile Devices
• Agito: Samsung Mobile and Agito Networks Announce Availability of First Server-Based Mobile Unified Communications on Samsung Smart Phones

|\\arco..

Locking down SCMDM servers securely

Just a quick nod to J.C. Hornbeck and Clint Koenig at Microsoft on the great reminder to use the Security Configuration Wizard (SCW) for Windows 2003 templates available in the SCMDM 2008 SP1 Resource Kit – Server Tools download..

This way you can, if required in your production environment, minimize the attack surface of each server role. In particular this could be a good thing to do for the Gateway server sitting on your DMZ.  However, please be aware of any remote server management, backup, or other tools and services that might be required for your environment to function properly..

|\\arco..

Step-by-Step Introduction of Windows® Marketplace for Mobile

As announced way back on February 16, 2009 the new Windows® Marketplace for Mobile was made available to the public today on October 6, 2009 in conjunction with the public availability of Windows® Phone (aka Windows Mobile 6.5).

Likewise the supported devices will be Windows Mobile 6.5 during the launch and later in 2009, Windows Mobile 6.0 and 6.1. On a Windows Mobile 6.5 device (or Device Emulator) I took these screen shots of the upgrade process (due to a down-level 6.5 release I assume) which went quickly and only a relative small download of 686Kb.

With the huge success of the Apple App Store on the iPhone platform and all the other mobile platforms having a similar avenue for the end-user to find, purchase and download software on the device itself. It was all too painful not to have a similar solution on the Windows Mobile platform so I welcome the solution!

Upgrade Process

Upgrade from the http://client.marketplace.windowsmobile.com/ placeholder website:

The version I received was 1.0.2201, and I believe the second update so far:

Application Installation

Purchase and account information is all driven through your Windows Live ID:

A total of 14 different built-in main categories make it easy to find a group of applications you might be interested in. Several sub-categories in most of the main categories as well:

Selecting an application gives you a nice drill down of application information, reviews, and screenshots. Very similar to the Apple App Store.. :-)

Application purchase is easy and provides options for various payment options, either through carrier or credit cards. A Windows Live ID is mandatory:

However, it appears that any purchasing is still unavailable and not ready for prime time.

Choosing “My applications” gives an overview of your apps, and an opportunity to review and rate an application:

An important thing to note is that there is currently no “smarts” behind the application if you already have the application previously installed on your device. Thus currently you can not “manage” your existing applications with the Marketplace for Mobile tool..

Installations are done in the background:

Several installations can be selected and queued up for installation at the same time. However prompts from each application installation may appear as they complete:

However there is no options to select the storage location for each application installation. So by default all installations are taken to the Device memory at this time.

Just like on other mobile platforms Microsoft is granting installation of the purchaser (via their Windows Live ID) on up to 5 devices.

Security

On the developer side there has been some stir on the Anti-Piracy solution Microsoft has announced for developers using the Marketplace for Mobile. Please see the white paper here.  It appears the Advanced protection level will be rolled out in December 2009.

Corporate Impact

So far I’ve been unable to find any corporate angles on the usage of Marketplace for Mobile. To block it completely using your Device Management system of choice the file executable name appears to be" “WMMarketplaceFullClient.exe” in the \Windows directory. There also appears to be a “WMMarketplaceUpdater.exe” that you also might want to block if necessary.

There is also a ClientLog file in the \Windows\Marketplace directory that may be useful in some cases..

I do have some ideas on how the Marketplace for Mobile application could perhaps be made more useful for corporate usage on Windows Mobile devices:

For example:
- Extend Marketplace with a Corporate selection of applications through an .XML file with perhaps pointers to intranet locations of .CAB files. These could be licensed or public links to recommended applications..
- Limit Marketplace to only a Corporate selection as mentioned above.
- Extend functionality, so business applications could be pre-installed and managed with Marketplace ready for end-user usage and updating. Ie. SalesForce.com etc.

Of course I’m not sure how this all would tie into the new Anti-Piracy processes Microsoft has envisioned, but creativity shouldn’t hold us back right?  :-)

Reference Links

Developer Information and Marketplace signup:
http://developer.windowsphone.com/Marketplace.aspx 
FAQ:
http://developer.windowsphone.com/Help.aspx
Support Forum:
http://social.microsoft.com/Forums/en-US/marketplacewindowsmobile/threads 
Developer Forum:
http://social.msdn.microsoft.com/Forums/en/mktplace/threads

|\\arco..

Windows Mobile 6.5 Upgrades – October 6, 2009

On this, the eve of the public release of Windows Mobile 6.5, aka Windows Phone, I wanted to pick up where I left off with my previous popular postings on the public Windows Mobile 6.1 upgrades available for devices..

Many of these are not released yet, but due to the 6.5 marketing efforts some approximate release dates are being made public.  As they are released I will attempt to collect the links as I did previously with the Windows Mobile 6.1 upgrades. This time around Microsoft is also helping and providing their own official upgrade list here.

I welcome comments and feedback to make the list useful for as many as possible. This list is not for the various non-official and non-supported cooked ROMs being made for many devices. My intent is to give assistance to enterprise staff supporting their production environments.

But this could also turn out to be more of an watch list until a confirmed update from a OEM/Carrier. :-)  By no means should this list (until valid links are present) be an official stance of future availability. Most are unconfirmed rumors at this point I’m afraid.. The big CTIA show this week will probably have several announcements and availability statements.

Okay, off we go!

|\\arco..

iPhone 3.1 – Anti-Phishing Feature Non Functional?

I noticed several postings about the failure of the new anti-phishing features supplied in the recent iPhone 3.1 release. What now appears to be known is that it is working as designed, but there is little to no easy avenue for the end-user to confirm that it is working.

An interesting recap of information regarding this ill-understood security feature in OS 3.1 can be found here by Sarah Perez. Referencing the solution as told to Jim Dalrymple by Apple..

The solution is to:

It appears so far that even if you follow the quirky instructions, there is no easy way to confirm that the phishing updates are on the device.

However, after finding some suspected phishing sites over on http://www.phishtank.com, I tried one on my iPhone and I did get the “Warning: Suspected phishing site” warning message. So it would appear that I have mine syncing through iTunes and getting the necessary Safari updates at some point while charging..

As for 3rd party anti-phishing applications for the iPhone, I found one here that looks nifty:
http://quinagh.com/sitecheck/

But all of this begs the question on how you could better manage this in an enterprise environment. Right now this is one security feature that is hit and miss I feel so I hope it will be further updated in future updates..

|\\arco..

Windows Mobile 6.5 Training and Certification

A colleague of mine noticed that Microsoft has updated their public http://www.windowsmobiletraining.com site with new content to support the upcoming launch of Windows Mobile 6.5.

Good be a good resource for support staff to get ramped up before employees start to ask questions about their new Windows Mobile 6.5 devices from their favorite mobile operator or local mobile device store this fall.

Some of the training and certification material is geared towards the retail space for individuals working at mobile stores. Others are geared to Small Business owners. However the content can still be useful to understand many of the new features in Windows Mobile 6.5.

I should also mention that successful completion of each course gives you points that you can use to get various free gifts.

Also the Connection forums over at http://www.windowsmobiletraining.com/Connection/ can be very useful.. Moderator Bill Fisher has setup a dedicated forum for Windows Mobile 6.5 as well here: http://www.windowsmobiletraining.com/Connection/forums/89.aspx.

|\\arco..

Wi-Fi Access above 30,000 Feet

As most people travelling for business you have a desire be to connected as much as possible in this day and age. One place where many are disconnected from the world, and actually refreshing for some, is on aircraft above the skies. Having some down time from the busy schedule of conference calls has kinda been one of the benefits of the jet setting business person.

I just noticed this interesting article link over on John Gormly blog about the comparison of all the current in-flight Wi-Fi solutions on the airplane carriers based in the United States.

Kevin Hall also supplied a nice eye-chart with some of the details:

My interest in learning more was peaked, so I started to dig deeper into the world of in-flight internet connectivity..

Aircell Gogo Services

When I checked the actual Gogo site I noticed some additional new information. In addition to the airlines listed above GoGo also has signed recent contracts with:
United Airlines
Air Canada

The pricing also has a $5.95 for a 1.5 hour flight, $12.95 for a 24 hour pass, and a $49.95 for a 30 day pass.

On the Aircell website it states it has the Gogo service now available on over 500 aircraft.

Row 44

Southwest has 4 planes currently in a trial. It appears federal approval of the technology was just granted on August 6th, 2009. This will put the pressure on Aircell’s Gogo service in North America.

Due to this satellite based service letting the airline set their own pricing to consumers it will be up to the airlines to figure out if they are offer the services for free or a price structure for it.  Of course most would like to see free in-flight Wi-Fi service like we are seeing more and more of on the ground. Time will tell if competition in this area will increase the push for the airlines to make their connectivity services a new highlight to differentiate themselves. I think it will over time. :-)

VoIP and Cell Phones

Even though most airlines state currently no VoIP support (the vendors can support it, so it’s up to the airline carriers), they all state that most VPN connections are supported.  So that begs the test to see if you could use VoIP over VPN on the various airlines. Or perhaps use different TCP/IP ports to enable the VoIP usage depending on the solution being used.

On the Flightglobal site has recently several examples of folks using video conferencing and VoIP. Be sure to check out their “channel” devoted to IFE (In-Flight Entertainment) & Connectivity here. Mary Kirby’s Runway Girl blog also provides an interesting view into the industry.

Power

Now with all of these airlines installing the various vendor equipment to provide in-flight Internet connectivity, where do folks get power for their laptops, phones or other devices? Enabling Wi-Fi is currently not the most efficient way to save battery power on most devices today for your consumable batteries.

As I posted previously, the excellent site called SeatGuru can assist you to book and select the correct seats on any airline. You pick the airline and then the aircraft type. Seats with power outlets are marked with little black dots.  Also see the mobile site if you forgot to check beforehand and will try to barter and swap seats with someone on the plane. :-) For additional detail and other tips see their Ultimate Guide to In-Seat Laptop Power Ports.

Features for the Airlines

Another thing that I believe should be mentioned is that these in-flight systems also bring a list of various operational benefits to the airline carrier. Most bring online real-time weather forecasts, and LiveTV has for example Cabin Surveillance options.

International

In other parts of the world other firms have taken up the in-flight mobile connectivity wave as well. But instead of offering Wi-Fi its more about general mobility connectivity. AeroMobile serves Emirates Airline, Malaysian Airlines and australian Qantas and V Australia. AeroMobile provides GSM voice and text messaging in-flight together with GPRS data services.

OnAir provides a simular GSM based service to a list of more than 10 global and regional airlines. Including Air France, popular low cost european RyanAir, British Airways, British Midland, indian Kingfisher Airlines, brazilian TAM Airlines and TAP Portugal, Royal Jordanian, Qatar Airways and Oman Air. Most being deployed in 2009. OnAir is partly owned by european aircraft manufacturer Airbus. OnAir uses Inmarsat’s geo-stationary satellites to-and-from the networks on the ground, as does the AirCell’s Gogo service.

OnAir also provides a nifty interactive page explaining the equipment usage, location and weight used in their solution. For more such information you can also see some WESA (World Airline Entertainment Association) presentations Mary Kirby has gratuitously posted here.

German Lufthansa is supposedly close to re-signing a new deal using the Ku-band services that is previously used with Boeing’s failed Connexion service. Rumored to be in talks with Panasonic.

Boeing is the grandfather of international in-flight connections back in 2001, but failed to get it off the ground after 9/11 and shutdown their consumer services in 2006.

Does it Work?

Some other references to actual experiences with using Wi-Fi on US airplanes:
http://pogue.blogs.nytimes.com/2009/01/05/the-final-frontier-wi-fi-on-airplanes/ 
Video conferencing and VoIP working on American airlines Gogo equipt aircraft:
http://www.flightglobal.com/blogs/runway-girl/2009/08/video-conferencing-voip-alive.html

|\\arco..

Nokia and Microsoft Global Alliance announced

Very interesting events unfolding in the Microsoft landscape these days with the recent announcement of the Nokia and Microsoft Global Alliance. A bold move for both parties, but perhaps the first of many such agreements as the mobile landscape continues to be draw lines in the sand and partners for each platform so the strongest will survive. Of all the other mobile platforms, especially in North America, Nokia probably gives Microsoft the least heartache and your enemy’s enemy is your friend as they say. :-)

Details as posted on the Microsoft PressPass website and the LiveMeeting slides and teleconference:
“This announcement builds on the existing work Nokia is doing by optimizing access to e-mail and other personal information with Exchange ActiveSync. Next year, Nokia intends to start shipping Microsoft Office Communicator Mobile on its smartphones, followed by other Office applications and related software and services in the future. These will include:

• The ability to view, edit, create and share Office documents on more devices in more places with mobile-optimized versions of Microsoft Word, Microsoft PowerPoint, Microsoft Excel and Microsoft OneNote
• Enterprise instant messaging and presence, and optimized conferencing and collaboration experience with Microsoft Office Communicator Mobile
• Mobile access to intranet and extranet portals built on Microsoft SharePoint Server
• Enterprise device management with Microsoft System Center”

So looking at/hearing the details and making some personal comments:
- Renewal of the the Nokia license of Exchange ActiveSync in their products (perhaps in conjunction with Exchange 2010 on the horizon, or just a timing coincidence?).
- Office Communicator Mobile client in 2010 (the only one mentioned with a specific timeframe and perhaps the easiest to port?).
- Office Mobile on Nokia devices, starting with the E-series and then others. (Office Mobile 2010 was stated to be released after the release of Windows Mobile 6.5)
- With a new version of SCCM coming up soon and with the merger of SCMDM, perhaps Nokia/Symbian support will be embedded at RTM or shortly thereafter?

I can’t help to think what the Microsoft Windows Mobile teams think of this new alliance and how it will perhaps dilute their value prop they current have with integration with the other Microsoft product teams. Or I suppose it could make them stronger for the future Windows Mobile 7 release as they need to stand up to the mobile platform competition on their own merits..

Also as the new S60 platform replacement is released by the recently revamped Symbian Foundation, Symbian^2 and it’s follow-ups, Symbian^3 and Symbian^4. I wonder how this could perhaps tie in with Nokia’s new alliance with Microsoft and create the timing for Office Mobile on other devices after the E-series support..

Time will tell if this will benefit the two new alliance partners, but I think most Enterprise customers would only be delighted to see more market co-operation in these days of the all out mobile-platform wars and all the confusion it brings to continue to keep ROI and TCO numbers down..

|\\arco..

4 Real Benefits of iPhone in the Enterprise

Looks like the results of a fairly small survey, but kinda interesting non-the-less. Philippe Winthrop stresses that Apple still needs to make it possible to run a Mobile Device Management agent in the background on the devices. Also shows that companies are seeing more slightly more productivity gains on the iPhones. And that the struggle to develop mobility policies and strategy are the same across the board with or without iPhones. :-)

Please see more details here.

|\\arco..

InfoWorld Enterprise iPhone Report

InfoWorld Magazine has published an interesting “Deep Dive” 28 page report on various iPhone topics for the Enterprise. For some it may not really detail much new, but I think shows a fairly decent overview of the current status and aspects to take into consideration.

You can fill out the form here and get e-mailed a link to download the PDF here: http://www.infoworld.com/iphone-deep-dive

Sections include:
- How to Manage an iPhone
- iPhone OS 3.0 is Better, but..
- 8 Easy Steps to iPhone Security
- Development Tools
- Palm Pre versus iPhone
- BlackBerry versus iPhone 3.0

The report also references these older previously published slide decks that could be handy on their own:
Best iPhone apps: Office and personal productivity (Jan 5, 2009)
Best iPhone apps: SFA, CRM, and BI (Jan 5, 2009)
Best iPhone apps: Communication and collaboration (Jan 5, 2009)
InfoWorld's 10 commandments of iPhone etiquette (Oct 22, 2008)
21 apps Apple doesn't want on your iPhone (Apr 13, 2009)
Mobile deathmatch rematch: BlackBerry vs. iPhone 3.0, side by side (Jul 3, 2009)
Mobile deathmatch: Palm Pre vs. iPhone, side by side (Jul 6, 2009)

|\\arco..

New White Paper: Value of Outsourcing Mobility Initiatives during an Economic Downturn

Just to plug something that could be of value to others. My company, Enterprise Mobile, has a new white paper to share to help customers understand how mobility outsourcing can help them meet their organizations’ mobility requirements— despite budget and personnel cuts and other challenges they are facing. “The Value of Outsourcing during an Economic Downturn” describes how a services firm that specializes in mobility can help enterprises:

· Streamline their mobility initiatives
· Apply best practices to every phase of those projects
· Hold down mobility costs
· Achieve their mobility goals

The paper is available for download on our website, at http://www.enterprisemobile.com/resources/white-papers.htm.

It can also show how complex and demanding a mobile initiative can be and why companies would be wise to outsource to a services provider that can streamline mobility processes in a way that makes the most of valuable enterprise resources (time, money, and people).

|\\arco..

SCMDM Future Roadmap

Since the release of SCMDM SP1 back in December 2008 there has been very little information on the roadmap. One of my colleagues let me know that updated information on this topic was recently posted to the System Center Mobile Device Manager blog: http://blogs.technet.com/mdm/archive/2009/06/25/scmdm-roadmap.aspx

This confirms what was told to the audience at the recent MMS 2009 and Tech Ed North America 2009 conferences the last few months. It was similarly posted to the SCMDM Forum as an answer to a question about the future of the product.

I don’t think it will come as a big surprise and having a strong combined System Center Configuration Manager (SCCM) product should only be a good thing. Especially if you are a Microsoft shop that already is using SCCM.

It will be very interesting to see what features the SCCM team will unveil at the upcoming Tech Ed Europe 2009 in November 2009 on their vNext product that will be released in CY2010.

Some good links to get your feet wet with SCCM:
http://www.microsoft.com/systemcenter/configurationmanager
http://technet.microsoft.com/configmgr
http://blogs.technet.com/configmgrteam
http://myitforum.com/articles/42/section.asp

|\\arco..

MobileMonday – MoMo Chicago

For those local in the Chicago area I will be at the next Mobile Monday Chicago chapter meeting on Monday June 29th. I will give a brief overview of Enterprise Mobile and what we do in the mobile supply chain. Please see the details below.

Date: Monday, June 29, 2009
Time: 6:00 pm – 8:00 pm
Topic: Start-Up Showcase 
Location: Acquity Group, 500 W Madison St, Suite 2200, Chicago, IL 60661
Location Notes: Participants can sign-in at the reception desk on the 3rd floor (picture ID required)

Please see the press-release here:
http://www.pr.com/press-release/160634

Sign-up to attend here:
http://www.eventbrite.com/event/345245639

Look forward to meeting folks there!

|\\arco..

Apple iPhone OS 3.0 For The Enterprise

Due to the recent announcement on the new iPhone 3G S model and the updated 3.0 OS upgrade there has been a lot of buzz about the software and new hardware features. Some say that the iPhone with these upgrades is now ready for the corporate enterprise. That may be true, but I was still concerned about the lack of security features I knew from the previous release so I had to dig a little deeper into this after the release material is now available..

Hardware Encryption

One of the few new security features mentioned is the hardware encryption and instant wipe feature that appears to be included on the iPhone 3G S model and not the older models. This is highlighted on the more features page and also in the iPhone Security Overview on the Enterprise page:

“iPhone 3G S hardware encryption uses AES 256 bit encoding to protect all data on the device. Encryption is always enabled, and cannot be disabled by users.“.  The key phrase is: always enabled. So it is active out of the box!

I think this is probably the single most interesting new feature for iPhone in the Enterprise by a long shot. Mostly in due to the previous security risks that I have mentioned previously.

Anthony Vance has an excellent recap on current thoughts around this new feature and the previous gaps here. Also some interesting comments from the author of the iPhone Forensics book, Jonathan Zdziarski, at the bottom of the entry!

Security Updates

Any large enterprise customer will also want to know what specific security fixes are included in a major OS upgrade. Apple comes through at this point, and has posted a support article with the known CVE security issues patched in the iPhone OS 3.0 software update here.

Enterprise Support on iPhone 3G

Apple has a new Enterprise Deployment Guide updated for the OS 3.0 upgrade. But I was unable to find any mention of the new hardware encryption feature in it.

But if the hardware encryption is enabled out of the box on all the 3G S devices, what can be done for the older 3G devices? There is no mention of software based encryption in the OS 3.0 upgrade. So it could be tricky to authorize and permit e-mail/VPN access towards the users of the newer 3G S devices, and not the older 3G devices.

There are some 3rd party solutions that may fit this security void and also provide some device management features. I think this area will only grow but today I believe there are still some gaps that need to be weighed against your corporate requirements, security risks and TCO..

|\\arco..

SCMDM 2008 SP1 Support for Windows 2008 CA

Just noticed that Michael Jimenez recently blogged and announced official Microsoft support for Windows 2008 Enterprise Edition Certificate Authority with SCMDM 2008 SP1.

I have successfully used the KB951840 patch on down-level devices to remove the error message that otherwise will appear. On the device it will complain that the Root certificate is not installed, even though the certificate chain locally shows it is there. :-) This will also prohibit the IPSec VPN from coming up.

Also as a recap of the different Windows Mobile build numbers and AKUs as I posted previously, you should also be aware of the Password Reset Client on the down-level devices. The important difference being that you could deploy the Password Reset .CAB file out to the devices once enrolled in SCMDM, but the Windows 2008 CA patch you are unable to since the VPN won’t come up without it..

Windows 2008 CA Patch (KB951840) installable on:
Windows Mobile 6.1 devices, Build 19202.1.0.0 and higher. Un-necessary to install on Windows Mobile 6.1.4 devices (Build 20757.1.4.0) or higher.

Password Reset Client installable on:
Windows Mobile 6.1.1 devices, Build 19559.1.1.0 and higher. But stated supported for only for Windows Mobile 6.1.4 devices and higher. So I assume un-necessary to install on Windows Mobile 6.5 devices but I shall test on the newly released emulator. :-)

|\\arco..

Windows Mobile 6.5 Device Emulators and more 6.5 Information

With the Windows Mobile 6.5 device emulator images now finally released we can probably start to see much more information about Windows Mobile 6.5 being made available to the public.

Grab the 6.5 Professional or Standard emulators here:
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=20686a1d-97a8-4f80-bc6a-ae010e085a6e

I already had the Windows Mobile 6.1.4 Professional images and Device Emulator 3.0 installed and the 6.5 images appeared to work straight away:

Please click on any of the pictures below to enlarge them for better viewing. My main purpose for using the emulator is for additional device testing, and not so much on the development side..

Connectivity on Windows Mobile 6.5

To get network connectivity you can follow the same steps as with previous emulators. Please see this blog posting for additional information. 

The emulator network properties:

Walkthrough in a WM 6.5 emulator image: 

MyPhone on Windows Mobile 6.5

Another tip in using the emulator is using the built-in MyPhone client to get more “live” data easily into the emulator for testing and usage. I did get a upgrade prompt to install the latest and greatest MyPhone client in my emulator.  You can now install the open beta MyPhone client on any of your existing Windows Mobile 6.0 or 6.1 devices, back-up the data and then restore it within the emulator.

MyPhone walk-through on the WM 6.5 emulator:

Windows Mobile 6.5 Widgets

Jorge Peraza has posted some quick information on how to get your feet wet with widgets on Windows Mobile 6.5: http://blogs.msdn.com/windowsmobile/archive/2009/06/04/getting-started-with-widgets-on-windows-mobile-6-5.aspx.

What’s Hot about Windows Mobile 6.5

At the recent TechEd this TechTalk was recorded with Dale Coffing and Chris De Herrera to discuss the new user interface, MyPhone and Windows Marketplace for Mobile services:
http://www.msteched.com/online/view.aspx?tid=5471dd4c-9d1f-47c8-85df-c3bf5bfe678c

Network Utility on Windows Mobile 6.5

I did a quick test of the Enterprise Mobile IP Utility and it works under the Windows Mobile 6.5 emulator just fine and could be a very useful tool for troubleshooting:

System Center Mobile Device Manager (SCMDM) 2008 Support in WM 6.5

Of course testing out the SCMDM client embedded in Windows Mobile 6.5 is something I had to test out as well. :-) It didn’t disappoint and the VPN came up fine against a SCMDM 2008 SP1 instance over the Internet. I did notice a new option and error messages provided in the client:

|\\arco..

Exchange 2010 and Mobility

I’m an old Exchange administrator since the 5.0 days and a new version of Microsoft Exchange server is coming near you very soon. It brings a long list of new and enhanced features. This also carries over to mobility and is important for any enterprise Exchange administrator to understand in today’s very mobile world..

I will attempt to highlight some of the important mobile features I feel it brings to the enterprise table and reference places to find additional details and information. Please comment if you may have updated or additional interesting information!

Windows Mobile client Enhancements

Adam Glick has a great recap here:
http://edge.technet.com/Media/Exchange-2010-updates-for-Windows-Mobile/

Enterprise Mobile Security Interview

As I have blogged about previously, there was some interesting webcast  sessions on Windows Mobile, Security and Device Management on TechNet recently.

If you were unable to attend you can also catch a glimpse of one of the speakers I know, David Field here on TechNet Edge:
http://edge.technet.com/Media/Enterprise-Mobile-Security-Interview/

Dave Field spoke at TechEd on mobile security and gives us some insight into mobile phone security on topics such as:

• Areas where Windows Mobile security is strong against the competition
• Scenarios where companies will want to look to 3rd party solutions for mobile security
• Recommended ways to implement 2 factor authentication for phones

The Windows Mobile security whitepaper Dave mentions is something I also blogged about back in February, and available here: http://www.enterprisemobile.com/resources/white-papers.htm

|\\arco..

AT&T Samsung Epix (SGH-i907) ID1 Multipatch

For those of you who might have an AT&T branded Epix which is the Samsung SGH-i907 you probably will want to install this patch as soon as possible. It is now available from Samsung. It includes several patches, including a fix for the critical “Slog Dump” that has been dreaded by many users:

You can obtain it from here:
http://www.samsung.com/us/i907/multipatch

I think with the “Slog Dump” problem now fixed this will continue to be a great Windows Mobile 6.1 device for everyone!

|\\arco..

How to setup Proxy and Work Exceptions on Windows Mobile 6.1 with SCMDM 2008

There appears to be a lack of public information regarding the inner secrets of successfully navigating and configuring the proxy and work exceptions on the Windows Mobile platform. My fellow Enterprise Mobile colleague, Patrick Salmon, has broken through and made some very interesting observations and facts about how to get it all configured correctly. This article contains all of the material and information Patrick has researched.

Most of this boils down to how the Windows Mobile Connection Manager is handling the connections and the decisions it makes to route the traffic. The Connection Manager is well aware of the native L2TP and PPTP connection methods in Windows Mobile, but appears to lack direct support for the Windows Mobile 6.1 Mobile VPN that is used by SCMDM 2008. See more information here: http://msdn.microsoft.com/en-us/library/ms879581.aspx.

This article assumes you are already well familiar with the SCMDM network routing requirements and how to configure Group Policies.

Proxy Issues Today

1. If you set the proxy via the SCMDM 2008 Group Policy you may observe that the necessary connectivity to the SCMDM Device Management server and WSUS services break.

2. Trying to use the Work/Internet capabilities as currently documented breaks the SCMDM VPN.
Although http://technet.microsoft.com/en-us/library/dd261930.aspx does explain some of the necessary steps. Also on http://technet.microsoft.com/en-us/library/dd261921.aspx it also states to make sure that the SCMDM Gateway server is listed.

3. No visibility on the client of what is configured.
The Windows Mobile Connection Manager internally uses something called a URL Mapping Table to decide if a specific URL is destined for the Internet or the corporate network connection. It can use a URL pattern which we will go into in more detail below. Please see http://msdn.microsoft.com/en-us/library/aa455992.aspx.

Where to set the Proxy server setting in the SCMDM 2008 Group Policies:

The solution is to correctly configure the Internet proxy setting and also specify the routing of which URLs go to the “Internet” and through the configured proxy, and which are internal or go through “Work” back through the VPN connection.

Overall best practices

Keeping things as simply as possible will go a long way. The basics are:

1. “Internet” bound traffic = Route via proxy if defined, otherwise use Default Gateway on SCMDM Gateway Server.

2. “Work” bound traffic = Route traffic directly to internal network using local routing tables on SCMDM Gateway Server.

3. If the FQDN of the Proxy is part of an internal domain do not put the FQDN in the Proxy configuration!
This will not work, as it will be detected as an Internet domain, due to the dotted name and you won’t see it working as you think. The solution is to use the direct IP address. Example: instead of “proxy_host.company.com:8080” use “172.16.1.1:8080”.

Where to configure the specific Internet/Work routing is done through a “hidden” existing Group Policy setting:

The dialog window has two areas. One for the Internet domains (which will be routed to a proxy if configured so) and at the bottom for Work domains (not routed to the proxy if configured). This is what the default values are:

Next we will go into how to configure these entries in more detail.

Connection Manager URL Mapping Pattern

The Windows Mobile Connection Manager uses a general *://*.*/* URL type format. This can be further broken down into these examples:

• "*" & "?" can be used anywhere.:
  • “*” = Zero or more of any type of characters.
  • “?” = Can take the place for any single character.
• *:// = Any protocol (usually http or https).
• /*.*/ = Any FQDN namespace
• /*/ = Any NetBIOS/WINS name
• *://servername/* = specific NetBIOS server name
• *://*.company.com/* = Any host in a FQDN domain called company.com.
• *://host1.company.com/* = Only host1, any protocol, any website on target.
• *://host?.company.com/* = All traffic to host[a-z, 0-9], any website.
• https://host1.company.com/home = Only https requests to host1's "home' directory.

Some things to think about when defining you own URL Mapping table:

- Obey classic firewall rules – most granular is processed first
- Define your targets and know your internal name space
- Put in sequence (most specific first, least specific last)
- Decide whether traffic goes via the “internet” or “work” network routing from your SCMDM Gateway Server

Example and Outcome

Here is what a working example of URL Mapping Filter entries could look like:

Please note the above setting details:
- *://www.company.com/* - Externally hosted Internet site
- *://mdmvpn.company.com/* - Route SCMDM Gateway Server access through Internet
- *://*.company.com/* - Internal work namespace
- *://*.*/* - Catch all for all other Internet requests
- *://*/* - Catch all for all other internal NetBIOS/WINS requests – However, not found to work in testing, and removed so Internet requests are not caught by it!

Outcome with the above setting details:
- SCMDM VPN will connect correctly through the Carrier/MO/ISP on the device
- SCMDM Device Management and WSUS traffic will require no further invention.
- Internal Line-Of-Business application traffic will go direct.
- Internet bound traffic will go to the corporate proxy (if defined in separate Group Policy).

Internal namespace sans WINS

Since most companies are well on their way to totally get rid of WINS and have put in place DNS suffix search order standards. Another solution is to push a default DNS suffix to your Windows Mobile. Brian Puhl from Microsoft IT blogged about this last year here:

http://imav8n.wordpress.com/2008/08/21/getting-single-label-name-resolution-on-mdm-enrolled-phones/.

So this could ensure proper name resolution to a FQDN for internal names used on the Windows Mobile device. In the example above this could be routed to the “work” side of things by the *://*.company.com/* URL Mapping.

For more information on creating custom ADM templates for use in SCMDM 2008 please see: http://blog.enterprisemobile.com/2008/10/writing-custom-gpos-for-scmdm-2008/.

SCMDM 2008 SP1 Source-based Routing

Another feature that can be used to better assist with the complex nature of network routing, proxies and Internet access is the source-based routing feature present in SCMDM 2008 SP1. Some details can be found here: http://technet.microsoft.com/en-us/library/dd252779.aspx

The source-based routing option on the Gateway Wizard:

One example of how this could work is instead of having the default gateway on the External NIC of the Gateway Server, you place one on the Internal NIC. You can then configure the source-based routing option to an IP address of an external firewall that is accessible from the Internal NIC. Now Internet IPSec traffic will come in and terminate on the external NIC, but return back to the device through the Internal NIC and the IP address of the source-based routing, back to the Internet. Now any traffic from the Windows Mobile devices not configured to the proxy will default out to the Internal NIC gateway. This could be useful for applications that are not proxy aware, or if you won’t want to use any proxy but direct all traffic to the internal side and to be taken care of there for either internal or external Internet routing..

Split DNS

Another idea that could perhaps assist in some architectures is the use of split-DNS. In the Gateway Wizard you can specify the DNS server the Windows Mobile clients will use to resolve hostnames. Many simply use the existing DNS server present internally and make sure connectivity on TCP port 53 is open to it. Another idea could be to use a separate DNS server that contains hostname zone entries that could be similar but resolve to different IP addresses to better resolve network routing or DMZ issues at hand. DNS forwarding could still be used to forward remaining requests to the primary internal DNS servers.

Tethering Devices

Another Enterprise Mobile colleague, Dave Field, also points out:

“Please note that if you have a proxy setup on the device and you partner the device to a desktop that has “automatic” setup for the Connection setting, it will auto-configure the device proxy and overwrite whatever you have. It will configure it for port 80 automatically too.”.

At this of this writing I’m not sure if the Group Policies will automatically refresh the settings again down to the device. A work around may be to disable the tethering functionality all together if this is a big concern.

Wrap up

The final best advice is to have patience in troubleshooting and testing the proxy and network routing. It can be complex and quite difficult to get setup correctly in a large organization. Logic flow, re-verifying settings, and looking at logs could be your best friends.

Thanks again to Patrick Salmon for getting the answers together. Also a thanks to Wayne Phillips and David Creedy from Airloom for their feedback and corrections!

Please leave a comment or contact me directly if you have additional findings or feedback on how these settings work and act for you!

Reference links - for additional information:
Default URL Mapping values in Connection Manager:
http://msdn.microsoft.com/en-us/library/aa456095.aspx
How Connection Manager works:
http://blogs.msdn.com/fzandona/archive/2005/10/10/ConnectionManager02.aspx 
How the Mapping Index works and what are some of the high-end catch all values:
http://msdn.microsoft.com/en-us/library/aa455850.aspx
http://msdn.microsoft.com/en-us/library/aa456095.aspx
Using Connection Manager URL Mapping:
http://msdn.microsoft.com/en-us/library/aa455992.aspx
SCMDM Forum thread discussion on these settings:
http://social.technet.microsoft.com/Forums/en-US/SCMDM/thread/9a295dc0-55a6-4783-b43e-132748e8e7b5

|\\arco..

Updated on May 12, 2009 with some corrections.

Using Exchange Server Remote Connectivity Analyzer (ExRCA) for Windows Mobile ActiveSync testing

Don’t believe this is that recent news, but just learned about it and thought I would share as I think it could be quite useful for many enterprise scenarios..

This is a public website that can be used to troubleshoot Exchange server connectivity issues. Originally written by a Microsoft Escalation Engineer and continually updated.

You can test such things Exchange ActiveSync (EAS) issues, including Windows Mobile 5 and Windows Mobile 5 w/MSFP, Windows Mobile 6.1 clients with AutoDiscover, Outlook RPC over HTTP (Outlook Anywhere), Outlook 2007 and AutoDiscover and even inbound SMTP. The tool will give you a nice detailed report that you can drill down into and research where any failure might be.

It is accessed from here: https://www.TestExchangeConnectivity.com.

This could be very useful in testing your Exchange configuration and setup before you have Windows Mobile clients to access your environment. Validation of certificates and which Windows Mobile versions are supported is also included!

Main menu:

Apply test credentials:

Example report:

Reference Links:
Blog: http://msexchangeteam.com/archive/2009/03/25/450908.aspx
Video: http://edge.technet.com/Media/The-Remote-Connectivity-Analyzer-for-Exchange-Server/
Facebook Group: http://www.facebook.com/group.php?gid=58417140899
Twitter: http://twitter.com/ExRCA 

|\\arco..

The history of text messaging, the 160 character limit and Tweet messages

I love the History and Discovery channels on TV, and history in general. So as the rapid computer and telecommunications technology involves, things in the 1980s are now already historical and have shaped our everyday lives today. SMS text messaging is a good example of that.

The Los Angeles Times has a great little article about Friedhelm Hillebrand who in Germany in mid-1980s wrote up the SMS 160 character text message as a standard in the GSM implementation. Still in place today and now actively used on billions of phones:
http://latimesblogs.latimes.com/technology/2009/05/invented-text-messaging.html

Using a 7-bit character set instead of 8-bit, the 160 characters also only takes up 140 bytes of transmission data. I won’t dare to go into how much revenue this now common technology is making on the Mobile Operator side worldwide.. :-)

Today, Twitter, is also using the same 160 text message limitation. It has a 140 character limit per tweet with the remaining 20 characters reserved for the user name..

|\\arco..

Microsoft Webcast on SCMDM 2008 Deployment

If you missed any of the recent past Device Management and Security sessions, feel free to click on the links from my previous posts and view the recordings.

I also have another session to make you aware of for this coming Friday being done by one of my Enterprise Mobile colleagues (rescheduled from April 17th):

· Webcast: TechNet Webcast: Deploying Mobile Device Manager 2008 is easier (and cheaper) than you think (Level 300)
Friday, April 24, 2009
11:30 A.M.–1:00 P.M. Pacific Time
Attendee Registration URL: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032410692
Description: “System Center Mobile Device Manager (SCMDM) is a complex product with a lot of dependencies which must all be in place in order for it to work correctly. This session, which takes almost 2 years of hands-on experience of deploying implementing SCMDM in the field, steps through how to successfully (and cost effectively) implement this product in the enterprise. The objective of this session is to address the misconception that SCMDM is hard to implement while showing how MDM eliminates almost all of the overhead associated with Blackberrys while retaining and elevating both manageability and security.”

Highly recommended to attend if you are interested in learning more about the deployment of SCMDM 2008 in your production environment.

|\\arco..

Celio REDFLY Mobile Viewer Beta – What it does and how it can be useful

One of my colleagues at Enterprise Mobile noticed the press release from Celio on a new piece of software from Celio, the makers of the REDFLY Companion hardware add-on for Windows Mobile devices. This new PC based software was announced at the CES 2009 in January with a delivery date in March.

This peaked my interest and wanted to figure out what this piece of software could do. Specifically how does it assist with using the REDFLY devices if it is running on my Windows XP or Vista machine??  So I went to Celio site and downloaded the public beta.

How it works

The installation was painless and quick on my Vista machine.

When I first ran the application it brought up this screen with the familiar logo and graphics, just like on the hardware REDFLY devices. Please notice the bottoms at the top, which mimic the traditional buttons on a Windows Mobile device.

I did have to allow my Vista firewall permissions for the application to access the network:
 

Once I connected a device through USB and the Vista based Windows Mobile Device Center (ActiveSync on Windows XP) came up, I clicked on the Connect button. The REDFLY Mobile Viewer application then promptly attempted a connection through the USB connection to the device:

..and brought up my device screen right away:

Findings

Through my quick testing I found that the beta software appeared to be very stable and didn’t feel beta to me what so ever. Simple to use and easy to install.  I didn’t try my Bluetooth connection from my laptop to see if that wireless connection method works as well..

Usage Scenarios

What many are now asking is why would Celio release such a piece of software and what is the reasoning behind it. I don’t know the official answer, but can come up with several scenarios where I feel the REDFLY Mobile Viewer could be very valuable:

Demoing – Through the use of the “Auto hide toolbar” option and a webinar session, you could quickly discuss and display the same experience as you would have on a real hardware based REDFLY device.  This is something that has been lacking when working in our virtual “less-travel-is-better” business world.

Application Development/Testing – One of the frequent questions when evaluating the hardware REDFLY units is how will my business applications running on the Windows Mobile device work and look like on the REDFLY unit? I believe with the REDFLY Mobile Viewer this support could be better tested and tried, without the need to have the actual REDFLY hardware.  This could potentially broaden the number of software vendors who support the REDFLY and the larger screen size formats.

Wrap up

Bottom line, think of the REDFLY Mobile Viewer as your virtual REDFLY emulator that can come in handy when trying to explain what a REDFLY device is, how it works, and what it can do for your business. I can only hope Celio will provide it free of charge after the beta period.  :-)

Also wondering if the current or newer Celio drivers could work on a Windows Mobile Device Emulator, then you could emulate the entire experience without hardware.

BTW, Celio also released updated REDFLY drivers to a bunch of devices today as well. Please see more information here and here.

|\\arco..

Upcoming Microsoft sessions on Device Management & Security – If you are at TechEd 2009 or not!

An quick updated post from the one I posted previously on this.. One of these sessions is live at TechEd and the rest are being broadcasted live on TechNet starting next week. All are being presented by colleagues of mine here at Enterprise Mobile. :-)

· Webcast: TechNet Webcast: Windows Mobile 6.1 and Mobile Device Manager 2008: The Gateway to Your Corporate Network (Level 200)
Tuesday, April 7, 2009
10:00 A.M.–11:00 A.M. Pacific Time
Attendee Registration URL: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032407362&culture=en-US
Description: “So, you are using Microsoft System Center Mobile Device Manager 2008 and Windows Mobile 6.1. Now what? You probably know that Mobile Device Manager can manage, secure, and install software on your phones. But did you know Mobile Device Manager also gives your users the potential to control the PC at their desk and access everything they need on the corporate network, including file shares, Microsoft Office SharePoint Server, instant messaging, and internal Web pages. In this webcast, we present the best practices for a Mobile Device Manager installation that provides users with access to everything they need in the corporate network through their phone and (just as important) denies access to resources mobile users don't need. We review the basics of Mobile Device Manager and IP security (IPsec) virtual private networks (VPNs), and we discuss the tools that users can take advantage of so they can work wherever they would like using their phone. Discover how Mobile Device Manager eliminates the need to expose your organization's Microsoft Exchange Server to the Internet.”

· Webcast: TechNet Webcast: Windows Mobile Digital Certificate Management (Level 300) 
Thursday, April 9, 2009
11:00 A.M.–12:00 P.M. Pacific Time
Attendee Registration URL: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032409997&Culture=en-US
Description:  “Digital Certificates and public/private key technology is core to Windows Mobile platform security.  In this session, you’ll learn about how certificates are used to provide authentication, access control and encryption for the OS, applications and networking..  You’ll also learn best practices and “gotchas” for managing certificates on the device.   The speaker is an expert on Windows Mobile Certificate management and certificate-related features in the OS.  Therefore, come ready to ask any questions you may have:  enrollment, import, SSL, root certificates, email security, application security, etc.”

· Webcast: TechNet Webcast: Deploying Mobile Device Manager 2008 is easier (and cheaper) than you think (Level 300)
Tuesday, April 17, 2009
11:30 A.M.–1:00 P.M. Pacific Time
Attendee Registration URL: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032410692&culture=en-US
Description: “System Center Mobile Device Manager (SCMDM) is a complex product with a lot of dependencies which must all be in place in order for it to work correctly. This session, which takes almost 2 years of hands-on experience of deploying implementing SCMDM in the field, steps through how to successfully (and cost effectively) implement this product in the enterprise. The objective of this session is to address the misconception that SCMDM is hard to implement while showing how MDM eliminates almost all of the overhead associated with Blackberrys while retaining and elevating both manageability and security.”

· TechEd 2009 “Chalk Talk” in the WM area:  Management Lockdown of Windows Mobile Devices
Tuesday, May 12, 2009
10:15 A.M.-11:30 A.M. Pacific Time
Description:  “You can completely secure a Windows Mobile device without deploying expensive third party applications. In this session we'll show you how bar viruses, malicious and unsupported code from installing and running on the device. In addition, we'll look at various out-of-the-box devices and analyze their threat surface. Last, we'll describe all Windows mobile application security threat surfaces and how to manage all of them.”

Register them now and get it on your calendar! :-)

|\\arco..

Widgets for Windows Mobile 6.5

There appears to be a common theme going on for many platforms these days.. Web “Widgets”. Windows Vista, Internet Explorer 8, etc..  I didn’t even know that there is now a W3C standard for widgets as well!

It looks like it if also coming to the Windows Mobile platform in the upcoming 6.5 release:
http://blogs.msdn.com/windowsmobile/archive/2009/03/18/windows-mobile-6-5-what-s-in-for-developers.aspx

I think this could have interesting tie-ins for the corporate enterprise world, if the user interface functions nicely..

I’m thinking of:
- Business Intelligence reporting widgets – see KPIs and other key information at your finger tips through VPN
- ActiveX, (no Silverlight?) or Adobe Flash enabled training content
But probably the most important:
- Extending current web application functionality to your external customers on Windows Mobile devices – public web site widgets to make them easy to use on Windows Mobile devices..

The Widgets will also be available on the new Windows Marketplace and centrally downloaded from there. See all the details here: http://j2i.net/blogs/home/pages/more-windows-mobile-6-5-and-market-place-details-from-mix09.aspx

BTW, It also appears that feedback is still being pumped into the Windows Mobile 6.5 platform under development, so we can all still still make an impact.. :-)http://arstechnica.com/microsoft/news/2009/03/feedback-causes-changes-to-windows-mobile-65-honeycomb-ui.ars

|\\arco..

Security in the Mobile Device Enterprise

This of course is brought up all the time by the security software manufactures and always definitely something we should be aware of. As more and more devices are being used in daily life for all of our personal and corporate task, the risks will just get greater and greater, no doubt about it.  As it stands today, there are some vulnerabilities and malware out there, but not a whole lot.. Yet.. 

Mobile Security Looming As New Hacker Frontier:
http://www.informationweek.com/blog/main/archives/2009/03/mobile_security_1.html
$10,000 Mobile Hacking Competition to find new vulnerabilities: (so far no hits!)
http://dvlabs.tippingpoint.com/blog/2009/02/25/pwn2own-2009

But the single largest threat could be lost devices with no passwords being used. Some estimates are that up to 40% of all mobile devices have no password!

Windows Mobile Security

In the corporate environment Windows Mobile brings a lot to the table. Security wise there are several great options and mechanisms you can use to protect your corporate assets. Think certificates, not AntiVirus. I think historically there was just not a big push to prioritize this security realm and the necessary information was somewhat hard to find. I believe this has all changed, and most companies take this very seriously now.  If they do not yet have a strategy I believe they are long overdue to have one and execute on it!

Some great recent Windows Mobile security resources are mentioned here:
http://blog.enterprisemobile.com/2009/03/mobile-security-resources/
Vik also has a good round up of the current Windows Mobile encryption and security certifications:
http://blogs.technet.com/vik/archive/2009/03/03/windows-mobile-encryption-and-security-certifications.aspx

iPhone Security

The iPhone is a great consumer device, no doubt about it. But regarding iPhone security, there are well published and documented aspects you should be aware of if you are using and allowing the iPhone in your enterprise and giving permission for corporate data and e-mail to be stored, or even viewed!, on the devices.

Keystrokes, screen shots, GPS coordinates, and all data can all easily be retrieved if you have physical access to a device. Anyone can take an iPhone and connect it to a machine running iTunes and make a complete backup of it’s contents. For the causal consumer this is probably not a big deal, unless you are using it for all our online banking, personal e-mails (that you don’t want someone else to see), or any other online site you might be using on the device. But think identity theft. Think work related web sites and passwords!

A scenario: You are using a key corporate enterprise application or web site, where critical or sensitive information is shown on the iPhone screen. But when the user moves away from the application, unbeknownst to them, a screen shot of this critical or sensitive information is being cached on the iPhone.. Highly recommended reading:

iPhone hacking: Lessons from the front line:
http://searchmobilecomputing.techtarget.com/news/article/0,289142,sid40_gci1349572,00.html  iPhone Forensics: Recovering Evidence, Personal Data, and Corporate Assets:
http://www.amazon.com/gp/product/0596153589

Also, looking at the newly announced iPhone 3.0 features, I didn’t see anything at all about security or enterprise usage improvements to combat the security issues mentioned above..

Update June 22, 2009: Please see new post on the hardware encryption in the iPhone 3G S model here, and also the actual slide deck from the great forensics presentation Jonathan Zdziarski had from the Gartner Mobile Summit.

|\\arco..