|
Protect your Data with Active Sync Protector - overview
ActiveSync Protector allows you to secure your Exchange mobile ActiveSync.
Access Control - Verify user and phone match-up.
Content filtering - limit the content exiting the network to the minimum
required and to workers truly requiring it by defining rule-based content filtering.
No client installation - easy to deploy and cross-platform support.
Available for ISA \ TMG \ IAG \ UAG
More and more companies encourage their employees to work with their mobile devices
implementing Bring Your Own (BYO) strategy to save money and improve efficiency.
Typically the Exchange is configured to support OTA ActiveSync (Over The Air).
But from a security point of view, mobile smart phones are in fact mini computers
and should be treated from a security aspect as a potential threat.
|
Download ActiveSync Protector documents
|
|
ActiveSync Protector (filter) - Features
Content Filtering
- 1. Configure content publishing rules according to device type and/or
user AD group membership.
- 2. Filtering Exchange content by one or more of the following objects:
Mail messages, Attachments, Contacts, Tasks and calendar events.
- 3. Allowing or blocking synchronization of attachments in mail messages
or events.
- 4. Managing white list of attachment file types.
- 5. Filtering by words in email and calendar events subject line.
- 6. Allowing meeting requests to be published even when mail is blocked.
- 7. Filtering by the sender's domain name.
- 8. Encrypted and signed mail handling.
Access Control
- 1. Verify that user and deviceID match (Two factor authentication-
TFA).
- 2. Managing a white list of allowed users.
- 3. Allowing or blocking by device type and/or by user's active directory
group membership.
- 4. Several enrollment options.
|
ActiveSync Content Filtering
ActiveSync Access Control
|
Active Sync Protector (Filter) - Mobile Access Control
The ActiveSync Protector includes several enrolment options to register the device
for each user. Once the user has registered, the filter can verify during each authentication
process that the user matches the device registered.
For some enrollment process- an additional web site (Mobile Access Control) is used
as part of the solution.
Access control supported enrolment processes:
-
 Automatic Self Enrollment –Device
ID is registered upon first use.
-
Self-Enrollment Registration –
User registers on internal site and then must Sync within a defined time frame to
complete registration.
-
Smart Card Enrollment – User creates
credentials on internal site (using strong login).
-
Admin Manual Enrollment – Admin
management of user list using training mode and rejected auditing list.
In addition, the ActiveSync Protector includes an admin web site for tracking users'
registration process, approving blocked usres, deleting users and more.
|
ActiveSync Protector registration site
ActiveSync Protector Admin Site
|
About the ActiveSync Protector (filter)
Complex networks can find that some requirements are hard or impossible to achieve
using ISA/ TMG / IAG / UAG server out of the box functionality.
AGAT Software solutions have developed a unique set of solutions that enables extending
ISA/ TMG / IAG / UAG functionality to solve complex architectures and requirements,
typically implemented in large, complex and well secured networks.
Understanding the endless complex environments options, Microsoft has enabled to
extend the functionality by developing Web filters and ISAPI filters for products
as ISA / IAG and IIS.
The filters are run-time extensions that can be used for modifying and extending
functionality to solve requirements that are not included in the Microsoft out of
the box solution.