Eric Geier shows how to give Apple iOS devices access to an 802.1X-protected Wi-Fi network, Microsoft Exchange services, VPN access, and more.
If you find more and more users with iPhones, iPod Touches, or iPads, you might consider officially deploying and supporting them on your network. They might already be an essential tool to the users, offering an email client, calendar and scheduler, contacts manager, web browser, and endless other features and functions with third-party apps. They can be even more useful if you support them on your network, instead of leaving it up to the users to try to connect to the Wi-Fi and other network resources.
Apple’s iOS platform—featured on the iPhone, iPod touch, and iPad—is designed to easily integrate within an organization’s network. This can give users easier access to any Microsoft Exchange services (such as email and calendar), VPN servers, or connection to an 802.1X-protected wireless network (WPA/WPA2-Enterprise). It can also help you better control the mobile devices with polices and gives you remote wiping capabilities. Plus, in the long run this can make it easier to set up the Apple iOS devices and reduce support calls.
In this article, we’ll review the deployment steps and see what’s involved in getting Apple iOS devices on a network.
Preparing the Network Services You Want to Support
If you have Microsoft Exchange setup for the users and want to offer access via Apple iOS devices, ensure you support Exchange ActiveSync (EAS) on Exchange Server 2003 or 2007. This is what connects the devices and the Exchange server together, via the cellular or Wi-Fi connection of the device. For Exchange Server 2007, also make sure the Client Access Role is installed. For Exchange Server 2003, make sure you’ve enabled Outlook Mobile Access (OMA).
If you don’t use Microsoft Exchange, you can still configure the devices for email using IMAP, which also could be Lotus Notes/Domino or Novell GroupWise. Make sure the email server supports both user authentication and SSL. You can also provide a global address directory via a LDAP directory and a global calendar via a calendar server that supports the CalDAV standard.
If you have a wireless network, all the Apple iOS devices can connect. All the Wi-Fi encryption methods (WEP, WPA/WPA2 Personal and Enterprise) are supported. If your network uses 802.1X authentication with WPA/WPA2-Enteprise encryption, ensure you’re using one of the supported EAP types: EAP-TLS, EAP-TTLS, EAP-FAST, PEAPv0, PEAPv1, or LEAP. Also make sure the RADIUS server is up and working and you have any client certificates ready if you want to use a protocol like EAP-TLS.
If you want to offer VPN access, ensure you use one of the supported protocols: Cisco IPSec, L2TP over IPSec, or PPTP protocol. No additional configuration should be needed in order to connect the Apple iOS devices.
If you want to distribute enterprise applications to the devices, you can do so with the iPhone Configuration Utility or iTunes. Keep in mind, updating the applications is easier if users have iTunes installed on their own Mac or PC.
0 comments:
Post a Comment