Getting to Know Afaria® 6.

6 FP1
Afaria provides comprehensive management and critical security features to ensure that data and devices are up-to-date, reliable and secure. Based on a profile-based model for automating and managing security, work assignments and schedules, IT departments have full control of devices, while frontline workers are free to focus on business objectives. Whether Afaria deployment is over-the-air or wired, all users benefit through simplified workflows and increased productivity. Getting to Know Afaria presents an overview of Afaria architecture, what’s new in Afaria, using the Afaria Administrator and Afaria standalone components, as well as how you can use Afaria to face the challenge of managing devices at the front lines.

Getting to Know Afaria 6.6 FP1 Document version 6.60.01 Copyright © 2010 Sybase, Inc. All rights reserved. This publication pertains to Sybase software and to any subsequent release until otherwise indicated in new editions or technical notes. Information in this document is subject to change without notice. The software described herein is furnished under a license agreement, and it may be used or copied only in accordance with the terms of that agreement. To order additional documents, U.S. and Canadian customers should call Customer Fulfillment at (800) 685-8225, fax (617) 229-9845. Customers in other countries with a U.S. license agreement may contact Customer Fulfillment via the above fax number. All other international customers should contact their Sybase subsidiary or local distributor. Upgrades are provided only at regularly scheduled software release dates. No part of this publication may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical, or otherwise, without the prior written permission of Sybase, Inc. Sybase trademarks can be viewed at the Sybase trademarks page at http://www.sybase.com/detail?id=1011207. Sybase and the marks listed are trademarks of Sybase, Inc. A ® indicates registration in the United States of America. SAP and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and in several other countries all over the world. Java and all Java-based marks are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. Unicode and the Unicode Logo are registered trademarks of Unicode, Inc. All other company and product names used herein may be trademarks or registered trademarks of the respective companies with which they are associated. Use, duplication, or disclosure by the government is subject to the restrictions set forth in subparagraph (c)(1)(ii) of DFARS 52.227-7013 for the DOD and as set forth in FAR 52.227-19(a)-(d) for civilian agencies. Sybase, Inc., One Sybase Drive, Dublin, CA 94568

Getting to Know Afaria 6.6 FP1

Table of Contents

Table of Contents
Introducing Afaria........................................................................................................ 5 Afaria Architecture................................................................................................ 6 Afaria Server ........................................................................................................ 9 Afaria Administrator............................................................................................ 10 Afaria Support Services...................................................................................... 11 Sybase Social Media Channels .......................................................................... 11 What’s New in Afaria 6.6 FP1? ................................................................................. 12 Afaria 6.6 Feature Pack 1 ................................................................................... 12 Afaria 6.6 Platform .............................................................................................. 13 Afaria 6.5 Feature Pack 1 ................................................................................... 15 Afaria 6.5 Feature Pack 2 ................................................................................... 16 Server Access........................................................................................................... 18 Server Status and Reports........................................................................................ 19 Home: Server Status .......................................................................................... 19 Home: Active Sessions ...................................................................................... 20 Home: Alerts....................................................................................................... 21 Home: Reports ................................................................................................... 22 Home: Client Deployment .................................................................................. 23 Server Configuration ................................................................................................. 24 Properties: Communications .............................................................................. 24 Properties: Servers............................................................................................. 25 Properties: Component Configuration ................................................................ 27 Server Configuration: Server Schedules ............................................................ 28 Server Configuration: Client Types .................................................................... 29 Server Configuration: Alert Definitions ............................................................... 30 Server Configuration: License Compliance ........................................................ 31 Server Configuration: Patch Console ................................................................. 32 Client Management with Group Profiles ................................................................... 33 Assignments ....................................................................................................... 34 Client Actions ..................................................................................................... 34 Allowed Channels ............................................................................................... 34 Policies ............................................................................................................... 35 Portal Packages ................................................................................................. 35 Client Groups ............................................................................................................ 36 Monitors .................................................................................................................... 37 Channels................................................................................................................... 38 Backup Manager ................................................................................................ 39 Configuration Manager....................................................................................... 40 Configuration Features ................................................................................ 40
3

............................................. 64 Features .............................................................. 69 Package Tracking View..................................................................... 75 4 ....................... 60 Policy Category – Application Control ............... 72 Client Patches View ......... 73 Client Deployment View ..................................................................................................................................................................................................... 63 Package Category – Application .......................................................................................... 67 Inventory View....................................................................................................... 60 Policy Category – Device Configuration ....................................... 74 Remote Control..................................................................................................................................................................................................... 48 Patch Manager ....................................................................................................Getting to Know Afaria 6.................................................................................................. 59 Replication ..................................... 48 Features ... 46 Features ........................................................................................................................................... 59 Import and Export Channels .. 59 Policies......................... 41 Data Security Manager for Handheld Clients ........................................... 70 Backup View.......................................................................................................................................................................................................................................................................................................................................................................... 65 Client Data ...............................................................6 FP1 Table of Contents Configuration and Enforcement Features ... 45 Features .................................................................................... 42 Data Security Manager for Windows Clients................................................................. 53 Software Manager .................................................................................................................................................................... 64 Clients in Afaria...................................................................... 42 Features .............................. 66 Logs View........................................................ 57 Channel Availability for Servers ............................................................. 55 Features .............................................................................................. 45 Document Manager................................................ 52 Session Manager ..................................... 53 Features . 60 Policy Category – Antivirus/Firewall ............................................................................................................. 61 Portal Packages.................. 71 License Compliance View ................................................... 63 Tenants and Multitenancy........................................................................ 61 Policy Category – OMA DM .......................................................................................................................................................................................................................................................................... 66 Clients View ................................................................................................................................................................................................. 55 Channel Availability for Clients. 50 Server Listing ................................. 46 Inventory Manager ..................................................................................................................................................................................................................................................................................................................................................

such as server and client authentication. reducing the volume of data sent. Segmented file and package delivery breaks files and software packages into smaller distribution packets. as well as your computing devices. Byte-level differencing detects and extracts the difference between two versions of a file or software package and then sends only the byte-level changes or updates to the mobile user. Afaria enables you manage your remote and mobile computing devices. efficient transmission.6 FP1 Introducing Afaria Introducing Afaria Afaria is recognized as a leader in the client systems management space by industry analysts and device manufacturers. and user authentication and assignments using enterprise user directories. Offline installations and processing allows offline processing to minimize connection time and costs. bandwidth demands. Check point restart picks up an interrupted communication connection where it left off the next time the client connects to the server. SSL encryption. including handheld devices. avoiding redundant data transmission and reducing connection time and user frustration. Compression optimizes client data traffic for low bandwidth connections by shrinking large files for fast. client agents on mobile devices automatically install software applications and updates and initiate scheduled asset inventories after the connection has ended. laptops. allowing you to transmit large volumes of data in time or size increments across several connections until the transfer is complete. Dynamic bandwidth throttling optimizes client connections to take maximum advantage of available bandwidth. while giving way to other applications when their activity levels increase. 5 . • • • • • • • Afaria protects your data. Pull capabilities let client users request specific content from a server through subscriptions.Getting to Know Afaria 6. and desktops. and connection time. Afaria’s bandwidth optimizations provide efficient wireless support: • Push capabilities let you distribute various content to and perform various tasks for your client users in a sequence. It includes security features. It also provides “device wipe” capabilities for most device types. increasing productivity by allowing the user to work offline more effectively. and at a rate determined by the server. Outbound notification lets you notify clients or client groups to connect to the server to perform a specific task. While data and software applications are transferred during connections.

such as handheld devices. and laptops that Afaria manages. or direct from headquarters to devices across a WAN. using HTTP or HTTPS protocols. Network connection – connections with clients occur via inbound and outbound connections. smartphones. 1 Clients – user devices. Relay server – Afaria bundles an optional relay server to operate as a proxy for HTTP and HTTPS sessions between the Afaria server and its Afaria clients. clients may also connect using the XNET or XNETS protocols from behind the corporate firewall. Clients either have an Afaria agent installed or have a native capability or thirdparty application that Afaria features use to interact with the hosting device. The external firewall permits inbound Afaria connections.Getting to Know Afaria 6.6 FP1 Introducing Afaria Afaria Architecture Afaria’s tiered architecture provides information distribution from headquarters to computing devices. anytime. External firewall – protects the corporate network from unauthorized access from the Internet. The following diagram illustrates Afaria’s architecture. Afaria lets you define an unlimited number of customized channels to manage your computing devices from anywhere. Using a relay server lets 2 3 4 6 . Although not reflected in the diagram.

Afaria server farm – multiple Afaria servers operating together in an Afaria installation. The Afaria server establishes an outbound connection to the relay server. An administrator pushes Afaria client installation packages out to the deployment center and then sends notices to device holders. Portal Package server – for optional portal package operations. Peer Afaria servers – Afaria servers that operate as separate Afaria installations. define access policies for Afaria Administrator users. to your Demilitarized Zone (DMZ). you can designate your authentication method and the domain to be used by Afaria. such as Active Directory. Directory server – if providing authentication using an NT domain or LDAP service. the application – the Web application that provides an interface for the Afaria server. The server has a one-to-one relationship with the Afaria database. although part of Afaria. The following features. which is a Web server that you establish to provide software deployment services. The servers have a many-to-one relationship with the Afaria database. OMA DM server – the Open Mobile Alliance (OMA) Device Management (DM) server operates as a proxy between the Afaria server and the OMA DM clients.Getting to Know Afaria 6. such as your Afaria server. and for content not delivered from another source. When using the optional relay server. iOS provisioning server – the iOS provisioning server sends device configuration policies to iOS devices. the individual – the person that installs and operates the Afaria product. the portal package server hosts and serves Afaria application packages to clients. • • Standalone Afaria server – a single Afaria server operating as the only server in an Afaria installation. and communicate with other Afaria servers. It runs sessions • • • 7 . allowing an Afaria implementation without any open ports on your internal firewall. All servers in the farm can access the database and host Afaria client sessions. standalone server or as multiple servers in a server farm environment. inbound connections are not permitted from the relay server. The Afaria server communicates with the Afaria database and additional components or clients as necessary. are not are illustrated in the architectural diagram: • OTA Deployment Center – Afaria supports using an optional Over-The-Air (OTA) Deployment Center. Afaria server – Afaria is a server-based solution that can operate as a single. from the DMZ. monitor system activity.6 FP1 Introducing Afaria you further secure your enterprise network by moving the session connection point from within your firewall to a location outside of your firewall. Device holders can download the client directly onto their device for installation. Peer servers access different Afaria databases and support different sets of Afaria clients. 6 • 7 8 Afaria database server – the database server contains your Afaria database. A server farm includes one main Afaria server and one or more replication servers. Afaria Administrator. 5 Internal firewall – protects corporate network assets. Use Afaria Administrator to define the server configuration. and can be any database platform supported by Afaria. manage Afaria clients. 9 10 Afaria administrator.

6 FP1 Introducing Afaria with known OMA DM clients to serve OMA-DM-compliant messages. as formatted by an Afaria OMA DM policy editor.Getting to Know Afaria 6. 8 . • Certificate authority server – for iOS features. the certificate authority is a required server component that issues certificates to iOS devices as part of the process for delivering device configuration policies to devices.

and client management. see “Replication” on page 59. 9 . Afaria provides two methods for servers to communicate with other servers: import/export and replication. authentication. Use Afaria Administrator as the tool that provides a user interface for Afaria server operations. logging. Import and export lets you move copies of editable channels from one server to another. For more information about the server farm environment. using multiple servers for scalability and fault-tolerance. channel management. Replication lets you send or receive read-only copies of channels that exist on your server on an automated.6 FP1 Introducing Afaria Afaria Server Afaria server operates without its own user interface.Getting to Know Afaria 6. reporting. scheduled basis. It’s engines process all the Afaria tasks for database communication. or to create a distributed server scenario. You can also use replication to create a “server farm” scenario.

Use the Data views area to view and manage detailed information about your clients. track software package delivery. client groups. Global navigation link Description Home Use the Home area of the Afaria Administrator to view the current status of your Afaria server.6 FP1 Introducing Afaria Afaria Administrator The Server List page displays all of the servers within your environment that you can access.When you click a server link in the list. portal packages. and alert definitions. monitors.Getting to Know Afaria 6. Use the Administration area for day-to-day tasks. run reports. For example. see alert notifications you may need to resolve. that server’s status page appears. including behavioral settings. The table below briefly describes the contents of each global link. installation. you can see message logs. It provides tools for managing profiles. Use the Server Configuration area to define system-wide properties for your Afaria server. client type definitions. and creating OMA DM clients. and more. hardware and software inventory changes. administering channels and channel replication. policies. as well as access a wealth of additional information about your Afaria server. Server Configuration Administration Data Views 10 .

sybase.6 FP1 Introducing Afaria Afaria Support Services Sybase provides industry-leading support and a variety of downloads to help you get the most out of your Sybase products and solutions.sybase. you can visit www.com/resources/socialmedia. 11 .com/contactus/support.com/support.sybase. If you have a technical support contract. you can locate your local technical support center at www. Sybase Social Media Channels Visit us online for our social media channels at www. For more information about Sybase Customer Service and Support.Getting to Know Afaria 6.

You benefit from performance. Android.6 FP1 adds iOS. remote erase (device wipe).0 devices using the new Mobile Device Management (MDM) service and protocol Enhanced device policy controls • • • • • Apply policies to devices without user interaction More granular policy status logging Support for additional policy settings New Inventory Manager component with expanded hardware and software inventory collection Expanded security actions available for device.6 Feature Pack 1 Afaria 6. including removing the MDM payload from the device. feature. Application deployment for iOS devices • • New App Portal component for iOS devices Manage application distribution and installation on iOS devices • • Support for both enterprise applications and "App Store" applications Applications can be required or optional on end-user devices 12 .Getting to Know Afaria 6. and security enhancements.6 FP1? The Afaria product development team continues to drive the industry with innovative enhancements for the latest server and device platforms.6 FP1 What’s New in Afaria 6. and Afaria Access Control for Microsoft Exchange features and fixes to your Afaria 6. locking the device. Support for iOS 4 devices • • Ability to manage iOS 4.6 Platform Afaria 6. and clear device passcode.6 FP1? What’s New in Afaria 6.5 Feature Pack 1 Afaria 6.5 Feature Pack 2 Afaria 6. • • • • Afaria 6.6 Feature Pack 1 The Afaria 6.6 installation.

6 FP1 What’s New in Afaria 6.6 Platform Afaria 6. applications are a type of "portal package" Client-side interface for application packages • • Displays applications as grouped by administrator-defined categories User can browse list and launch installation Application deployment for Android devices • • New App Portal component for Android devices Manage application distribution and installation on Android devices • • • • Support for both enterprise applications and "Android Market" applications Applications are optional on end-user devices Assignments and distribution managed using Afaria policy and profile infrastructure. It introduced support for new platforms and client management enhancements. import.6 FP1.6 is integrated into Afaria 6. and manage iOS policies from within the policies and profiles infrastructure View client inventory in inventory data views Use system variables in iOS policies 13 . applications are a type of "portal package" Client-side interface for application packages • • Displays applications as grouped by administrator-defined categories User can browse list and launch installation Afaria Access Control for Microsoft Exchange The release adds new policy definitions for iOS clients Afaria 6.Getting to Know Afaria 6.6 FP1? • • Assignments and distribution managed using Afaria policy and profile infrastructure. iOS Device Management Console Integration • • • • Create and manage iOS devices in client data views Create.

2 devices without dependency on a Microsoft Exchange server Server Infrastructure Enhancements • Windows Server 2008 R2 (64-bit) support for these components: • • • • • • • • • • Afaria server Afaria Administrator Browsing workstation Access Control Utility OTA Deployment server OMA DM server SMS gateway iOS provisioning server Microsoft SQL Server 2008 support for the Afaria database Set up menu includes access to install programs for all server components Windows Mobile Device Management Improvements • • Updated user interface and improved navigation for the Afaria client on Windows Mobile Professional devices Windows Mobile Software Manager improvements: • • • Support for silent installations Soft reset after installation controls Control over CAB status after installation 14 .Getting to Know Afaria 6.2 device support Native device lock and wipe options for 2.6 FP1? Android Device Management • • • Afaria client to install on Android devices Expanded Configuration Manager support to include WiFi and password settings New Android licensable components: • • • • • Inventory Manager – hardware and software inventory License Manager – tracks software licenses Session Manager – limited event support for file manipulation and client messages Android 2.6 FP1 What’s New in Afaria 6.

6 FP1? • • • Package tracking & logging improvements Session Manager event to end a process Localization for Japanese language Roaming Controls • Roaming controls for Windows Mobile devices in Configuration Manager channel • • • • • • Disable data connections when roaming Disable email attachments when roaming Disable Afaria scheduled or client-initiated connections when roaming Disable IMAP and POP3 email when roaming Display message on device when entering or exiting roaming state Roaming controls for Symbian devices in Configuration Manager channel • • • Disable data connections when roaming Disable Afaria scheduled or client-initiated connections when roaming Display message on device when entering or exiting roaming state • New roaming monitor available for Windows Mobile and Symbian devices to trigger custom actions when roaming Other Client Management Updates • • OMA DM .6 FP1 What’s New in Afaria 6.6 FP1. • • • Integration with the Afaria management console Over-the-air provisioning of iOS devices Manage assignments of the following iOS configuration policies to devices: • Password formats 15 . modify them and create OMAformatted XML for deployment to devices Symbian devices – Session Manager set time event support Afaria 6.5 Feature Pack 1 The Afaria 6. It introduced support for managing iOS devices.Getting to Know Afaria 6.5 FP1 is integrated into Afaria 6.ability to import existing policy files (DDFs).

5 FP2 is integrated into Afaria 6. and iPad devices. It introduced fixed issues. iTouch. Enhanced iOS management capabilities • • • New remote wipe for iOS. 16 . Support for delivering signed and encrypted configuration policy files. hot fix rollups. providing the ability to block or allow ActiveSync requests with Exchange.6 FP1 What’s New in Afaria 6. Additional configuration policy distribution options: • • • • Support variables for user-specific data in configuration policies.6 FP1? • • • • • • • • • • • • • Restrictions on use of specific applications and device features WIFI settings VPN settings Email settings Exchange Server connection settings LDAP settings CalDAV settings Calendar Subscription settings Web clip configurations Credentials/certificates SCEP server location settings APN and proxy server settings Log data that tracks the provisioning of iOS devices and deployment of policies Afaria 6.Getting to Know Afaria 6. which triggers encrypted backups to the iTunes server. as managed using your enterprise Microsoft Exchange environment. Additional inventory and tracking data: • • Collect and display device serial number and operating system with device information. and new and enhanced functionality. New report to identify devices missing Exchange identifiers.6 FP1.5 Feature Pack 2 The Afaria 6. Option to display profiles on device after installation. New Exchange Access Control support for iOS devices.

each tenant's Exchange environment polls the Afaria server for a list of its devices and policies and keeps the list locally. Provisioning server installs on own server or Afaria Administrator server. For multitenant implementations. providing the ability to block or allow ActiveSync requests with Exchange.6 FP1? • • New wizard for importing multiple iOS device definitions from a CSV file. Enhanced Exchange Access Control • Support for Android. • • • • 17 . Provides the ability to block or allow ActiveSync requests with your enterprise Exchange environment. and Symbian devices. See Installing Afaria for Exchange Access Control architectural diagrams and discussion. as managed using your enterprise Microsoft Exchange environment. iOS. Enhanced iOS provisioning server scalable design: • • Support for multiple provisioning servers per farm. New Android Device Management • • • Remote wipe for Android devices. Exchange Access Control support for Android devices.Getting to Know Afaria 6. Wizard for importing multiple Android device definitions from a CSV file. in addition to the originally supported Windows Mobile devices.6 FP1 What’s New in Afaria 6. Define policies for unknown devices on a per-domain basis. Support for Microsoft Exchange Server 2010.

Getting to Know Afaria 6. The Server List page displays each server’s name. Server List When you click a server in the list. 18 . description. assigned roles. that server’s home status page opens.6 FP1 Server Access Server Access Afaria Administrator uses the Access Policies link to add and remove servers. as well as define users and security roles for those servers. and address.

Additional links let you stop and start the server. Home > Server status 19 .6 FP1 Server Status and Reports Server Status and Reports Use the home links to view the server’s status. Home: Server Status The Server Status page displays all of the client sessions that have occurred in the last 24 hours. as well as the allocated and used disk space for your server. current active alerts on your system. or navigate high-use items. compression cache. active client sessions. client deployment email notification messages and their related address books and distribution lists. as well as view and print reports. and differencing cache.Getting to Know Afaria 6.

Getting to Know Afaria 6. It displays all active client sessions in your system with supporting details concerning the client and connection activity. Home > Active sessions 20 .6 FP1 Server Status and Reports Home: Active Sessions The Active Sessions page provides a real-time monitor and a means for gauging the server’s current workload and performance.

Home > Alerts 21 . server components.6 FP1 Server Status and Reports Home: Alerts The Alerts page lets you view events that trigger alerts on your system so that you can acknowledge and resolve them quickly. Alerts notify you when some incident arises on your server.Getting to Know Afaria 6. or clients.

22 .6 FP1 Server Status and Reports Home: Reports The Reports page lets you access key system and activity data stored in the server database schema through predefined reports. or exported.Getting to Know Afaria 6. subtotals and totals. and can be viewed on screen. printed. Home > Reports Reports make it easy for you to monitor and analyze your Afaria server and Afaria client base. Each report provides filters. graphical data views.

Getting to Know Afaria 6.6 FP1

Server Status and Reports

Home: Client Deployment
The Client Deployment area allows you to manage tasks related to deploying clients over the air. Use the area to: • • • • Maintain your address book – Use the address book links to manage client addresses and distribution lists for deployment notifications, as well as to send client notifications. Maintain notification message templates – Message templates enable you predefine notification messages to use multiple times. Send notification messages – Send Over-the-Air (OTA) notifications as well as Open Mobile Alliance Client Provisioning (OMA CP) notifications. Configure a self-service portal – Access tools used to support your custom-developed, selfservice portal, as well as to manage network access points used for client deployment.

Home > Client deployment

23

Getting to Know Afaria 6.6 FP1

Server Configuration

Server Configuration
User Server Configuration links to set server properties, define schedules for the server, define client types, define alerts for your system, track corporate software licenses, and prepare Microsoft patches for deployment.

Properties: Communications
Use communication properties to configure parameters for communication sessions with your clients. These parameters include: • Bandwidth throttling – increase or decrease the communication rate throughout the course of a client session, allowing client users to run other network applications more effectively when they communicate with the Afaria server. Compression – add files to or view the cache of compressed files that are frequently sent to clients. This reduces connection time and improves system performance. Client communication – use the Client Communication page to define communicating with your Afaria clients including communication protocol, SSL certificate and key, and server address seed value for creating new clients. Differencing – maintain different versions of files that you frequently send to clients; the server sends only the updated bytes of each file in the differencing cache. Server identification – set or change the server’s friendly name, which is visible to some clients.

• •

• •

24

Getting to Know Afaria 6.6 FP1

Server Configuration

Properties: Servers
Use server properties to configure parameters for server information and behavior. These parameters include: • Contact – provide Channel Viewer users with information regarding the person to contact if they have questions with their client devices or encounter problems during a communication session with the server. Exchange Access Config – for the Afaria Access Control for Microsoft Exchange feature, the Exchange Access Config property page lets you define parameters for operating the ISAPI listener on the Afaria server. Failed session cleanup – control how the system handles failed communication sessions between clients and the server. License – view information about your system, including a list of licensed components and client types, the number of licensed sessions, expiration dates (if any), and a brief description of the license type. Logging policy – determine the global logging policy settings. All logs are enabled by default. Log cleanup – specify the cleanup time for the individual logs. OTA Deployment Center – establish settings for Afaria client and Afaria server communication with the OTA Deployment Center. SMS Gateway – define settings for an Afaria Short Message Service (SMS) gateway. Security – configure settings for security measures, including authentication, domain assignments, and client approval. If you are using LDAP for authentication and assignments, you can also enable and configure SSL for LDAP to increase security when you communicate with your Windows clients. SMTP – establish SMTP server settings for your Afaria-initiated, SMTP-based communications. User-defined fields – create new fields in your database tables related to the A_CLIENTS table and read from/write to these fields using the session worklist variables Set Database Field and Get Database Field used for writing to or reading from the database. Outbound notification – control the volume parameters for outbound notification sessions to keep the Afaria server from being overwhelmed with incoming sessions. Relay server – define settings for using a relay server for your Afaria operations. The relay server operates as a proxy for HTTP and HTTPS sessions between the Afaria server and its Afaria clients.

• •

• • • • •

• •

• •

25

and user authentication. client. Client authentication prevents rogue devices from running sessions with the server. Server authentication prevents a rogue server from intercepting communications between the client and the intended server. SSL encryption and user authentication – User authentication and assignments using LDAP directories include additional SSL security for client sessions.6 FP1 Server Configuration Additional Security Features Additional security features include server.These security features are subject to client type. • • 26 .Getting to Know Afaria 6. Client authentication – The server requests a certificate from the client during the communication handshake to verify that the client is trusted. • Server authentication – The client requests a certificate from the server during the communication handshake to verify that the server is trusted.

Document Manager – apply default location settings for your file selections and settings for alternate media sources. iOS Server – define properties for the Afaria iOS provisioning server and the certificate authority (CA) server. • • • • • 27 . Patch Manager – define the location for storing downloaded patches.Getting to Know Afaria 6. OMA DM – define the OMA DM server address properties that OMA DM clients need to communicate with the OMA DM server. and define the user-facing messages for outbound notifications. Exchange Access Policy – define a synchronization policy for your enterprise’s devices that use Microsoft Exchange ActiveSync to synchronize with your organization’s Microsoft Exchange server.6 FP1 Server Configuration Properties: Component Configuration Use component configuration properties to configure global settings for installed optional components. These parameters include: • • • • AV/Firewall – define the disposition of new client files or pattern files and identifies the date of the last update. Portal Package Server – use the Portal Package Server page to define configuration properties for the Afaria portal package server. iOS Notification – use the iOS Notification page to define the Apple Mobile Device Management (MDM) certificate and push notification service used for Afaria MDM control. Backup Manager – define the physical location for backup storage and define associated log and alert thresholds.

6 FP1 Server Configuration Server Configuration: Server Schedules Use the Server Schedules page to define a schedule for tasks you perform on a regular basis. such as updating channel content or distributing software. There are several predefined schedules that you can edit to meet your needs. Server configuration > Server schedules 28 .Getting to Know Afaria 6. so that these tasks run automatically at regular intervals.

channels are specific for one client type. processor. Use the client type attribute when you create channels. A single client type may contain one or more subtypes.6 FP1 Server Configuration Server Configuration: Client Types Client types group clients that share one or more of the same attributes for operating system.Getting to Know Afaria 6. Server configuration > Client types 29 . or service pack. The server is installed with predefined client types and it allows you to add new definitions.

6 FP1 Server Configuration Server Configuration: Alert Definitions Use the Alert definitions page to define and manage alerts and the events that trigger them on your server.Getting to Know Afaria 6. contact. threshold. A raised alerts count also displays on the Home Server status page. description. so that you can acknowledge and resolve it quickly. and state of the alerts you have defined on your system. threshold interval. 30 . Review alerts that are currently raised on the Home. or clients. Defined events – Displays the name. description. Alerts page. Defined contacts – Displays each contact’s name. server components. Alerts notify a contact when some incident arises on your server. Server configuration > Alert definitions Alert definitions include these property pages: • • • Defined alerts – Displays the name. and the component associated with the event system-defined and user-defined events on your system. and/or email address. pager.

31 . Size. software size is tracked on some client types and not others. installed and purchased. Server configuration > License compliance License Manager supports all versions of client operating systems that are supported by Inventory Manager.Getting to Know Afaria 6. For instance. Manufacturer. Application. all client types do not have exactly the same level of supported data. License compliance. however. Once you have defined these software licenses. You can define schedules that control license compliance processes. set license compliance event thresholds. the page displays data for client category. work with predefined and custom views in Data views. as well as print the various license compliance reports. # (number) Purchased. and any Notes you may add. Version. This page appears empty until you define software licenses in your database. Use the License compliance page to track software licenses. and how often users run specific applications.6 FP1 Server Configuration Server Configuration: License Compliance License compliance is a feature of License Manager. Effective and Expiration dates.

Patches are arranged in a tree hierarchy by product name for quick navigation and patch selection. You can also initiate patch downloads on demand from the Patch console or from Data Views > Client Patches page. A default server schedule runs nightly to synchronize the Patch Console page with Microsoft’s current data and download your selections. 32 . Select and download patches for deployment at your organization. Server configuration > Patch console Patch descriptions include links directly to the Microsoft download site.Getting to Know Afaria 6. You can apply properties to individual patches that define installation switches to use when the patch runs on a client and indicate whether to force a reboot after the patch installs.6 FP1 Server Configuration Server Configuration: Patch Console Use the Patch Console page to view current Microsoft patches.

• • • • • Administration > Policies and Profiles 33 . The Afaria administrator creates profiles to define the work to be performed.6 FP1 Client Management with Group Profiles Client Management with Group Profiles Use the Policies and Profiles area of Afaria Administrator to manage profiles. you can view profiles from any server. or some other supported action. Automated work – automated work executes without user interaction. you can define a profile to be eligible for all Afaria-supported device types.Getting to Know Afaria 6. you must be on the main server to create or edit profiles. In a server farm environment. Define monitor-action pairs to automate work. Profiles are made up of the following major components: • Client types – a client type filter defines the types of client devices that can use a profile. Assignments – assignments define the list of groups that receive a profile. The paired action may be to connect to an Afaria server to request a channel. Packages – portal packages let you deliver applications to clients. A monitor-action pair is a single schedule or other monitor paired with a single action. For example. Profiles are the primary mechanism for managing the work performed by groups of clients. However. or some combination of multiple device types. and then to associate that work with client device types or groups of clients. Create a list of allowed channels to define the work that the group is allowed to perform. to launch a program. only one device type. Allowed work – allowed work executes when it is requested by a client and is defined as allowed on the profile. Policies – profiles Profiles let you apply policies to groups that are enforced either continuously or according to a schedule.

the All Clients group is a dynamic group that includes every known client and its use simplifies assigning a work profile to all clients LDAP groups and organizational units Local user groups Domain user groups Client Actions Use the Client Actions tab to define monitor-action pairs. you can automate tasks on a client each time the schedule or monitor fires.Getting to Know Afaria 6. Similarly.6 FP1 Client Management with Group Profiles Assignments The Assignments area lets you assign a work profile to specific groups. 34 . then by the Assignments properties. Monitors detect specific events at a client or run as schedules. When monitors or schedules are paired with actions. each client must meet any channel-level requirements to be able to run the channels contained in the work profile. While groups’ clients may receive a work profile. and affect automation as a result. Afaria supports the following types of client groups: • • • • • Afaria client groups Afaria built-in group “All Clients”. Eligible action types include: • • • • Log event only Execute program Run channel Run script Allowed Channels Use Allowed Channels tab to manage the channels and channel sets that a profile’s assigned groups are allowed to run. Clients request channels in a variety of ways: • Scheduled connection – A client makes a scheduled connection after its schedule monitor prompts its associated run channel action to execute. Each monitor-action pair requires one monitor and one action type. a client receives monitor-action pair definitions from the client actions list only when the client type supports the monitor type. Groups are first filtered by the work profile’s client types attribute.

Policy types include: • • • Application Control – Lets you control which applications your device users can execute. Default channel – A client’s Afaria configuration settings do not define any channel when the client is connecting. Packages let you deliver applications to your clients. OMA DM – Open Mobile Alliance (OMA) Device Management (DM) policies are settings and actions for Afaria OMA DM clients that are based on DM objects. A list of packages is available on the Afaria agent at the client. API client – A client runs a session using the channel’s name as the channel parameter. and can block incoming phone calls and SMS messages from defined sources. Policies are collections of settings and tasks to define and enforce on your clients. Windows client or handheld client – Client opens the channel’s parameter file (. as defined by a monitor-action pair that used a connection monitor to detect an active connection. Antivirus/Firewall – Lets you provide antivirus and firewall security for your devices. Monitor-action pair – A run channel action executes. 35 . The policy’s content—OMA DM objects—is applied at the client according to each device’s OMA DM implementation. Policies Use the Policies tab to manage policy deployment. Users can browse the list and select packages.6 FP1 Client Management with Group Profiles • • • • • Windows client with Channel Viewer – A user selects the channel’s name in the Channel Viewer application and issues the connect command. as defined by OMA.XEC).Getting to Know Afaria 6. Portal Packages Use the Portal Packages tab to review and manage the profile’s portal packages.

36 . The list of members does not change unless you edit it. Static groups – Membership always reflects only the members you select from the list of all client views.6 FP1 Client Groups Client Groups The Client Groups page lets you manage groups of clients that function similar to Windows NT and LDAP groups. Instead of containing users as members. • • Dynamic groups – Membership changes to always reflect the custom views you create in Data views. Administration > Client groups Types of client groups. Client groups contain client devices.Getting to Know Afaria 6. Clients and Inventory.

6 FP1 Monitors Monitors Use the Monitors page to manage schedules and device monitors to deploy to your Afaria clients. Pair your monitors with an action on a profile to automate work on a client device. When the monitored condition or event occurs. battery capacity. For example. as well as memory usage. feature availability depends on client type features and platform support. You create monitors on the server and deploy them to clients as part of a group profile. the predefined action is taken automatically. you can create a schedule monitor to detect when the last Friday of the month occurs. Additional events you can monitor on Afaria clients include changes to files and directories in the file system. device monitors may function differently between client types. 37 . Select a folder or monitor in the left pane to view it in the right pane.Getting to Know Afaria 6. Although device monitors are not device-specific. Administration > Monitors The system-defined folders in the Monitors column—All and By Type—organize your event monitors. processes starting and stopping. and then take some type of predefined action. For this reason.

or execute other behaviors on a client. Channels may change device settings.Getting to Know Afaria 6. 38 . pull content from a client. Administration > Channel Administration The tree structure lets you organize your channels by your Afaria server. Data Security Manager. push content out to a client. Document Manager.6 FP1 Channels Channels Channels are sets of tasks and instructions that an Afaria client runs when it connects to an Afaria server. Channels types are specialized by component. as well as any number of folders you wish to create beneath the server. such as Configuration Manager. You can also import and export channels to and from other Afaria servers in your system. Use the Channel Administration area to manage channels and channel sets. and others.

or recover files that are different than those from which they were originally restored (Full Restore). Backup Manager you can change the default location for backed up information. Restore – Restore lets you selectively recover files that you specify on a per client basis (Selective Restore). folders. reducing the time required to back up changed files.Getting to Know Afaria 6. Backup you can determine the number of days after a specified date when all backed up items are deleted. and Windows Mobile clients you can back up data files and databases when these clients connect to the server. Properties. Windows Mobile Professional (including Windows CE). and applications to a specific folder structure on the corporate network. Symbian. Data backup – For Palm. file differencing detects. Symbian. Clean up backed up items – In Data views. It uses Session Manager’s Get Files from Client event to retrieve the designated backup sets. 39 . Windows. and sends only bytelevel file differences to the server. Change the backup location and set thresholds – In Server Configuration. • File differencing – For Windows clients. as well as set thresholds for backed up items space usage.6 FP1 Channels Backup Manager Use Backup Manager to back up and restore large quantities of data from specified files. Backup channels can be scheduled to run on a regular basis. Schedules – For Windows and Windows Mobile clients. extracts. Supported client types – Palm. Windows Mobile Standard Create backup and restore channels: • Backup – Backup channels let you specify the folder and file names to back up on the client computer.

email service use. APN.6 FP1 Channels Configuration Manager Use Configuration Manager to remotely configure devices that are deployed to your mobile workforce. login scripts. Synchronization activity – define the behaviors for synchronization using settings that define synchronization profiles. Device security – establish and enforce your device security policy using security settings that include password controls. application data storage. SMS messaging. Subsequent to the session. the device holder may be able to change the settings. and encryption options. Subsequent to the session. the device holder may be able to change the settings.Getting to Know Afaria 6. and settings. • • • Connectivity – configure a variety of connectivity settings for WiFi. Features are subject to client type. Subsequent to the session. security time-outs. Configuration and enforcement – affect device settings either during an Afaria session or when a device enters a defined state. and phone use. Device application and feature controls – control the applications and features that your devices support using application settings related to application downloads. device to device messaging. PIM and non-PIM application synchronization behavior. Configuration Manager offers features that are: • • Subject to client type. You can create channels to specify particular attributes. preferences. WAP proxy. browser controls. Email controls – define settings that route email traffic to defined email servers. VPN. and create restrictions for message and attachment sizes. Configuration Features Configuration features affect device settings during an Afaria session. dial up. access points. and resolve synchronization conflicts. Custom XML provisioning – configuration Manager includes a custom provisioning page for Windows Mobile Professional and Windows Mobile Standard clients. and service provider. based on the nature of the settings. provide passwords. • • • 40 . Bluetooth. This custom provisioning feature provides a method for you to configure even the newest devices as they hit the market. proxy. configured setting cannot be changed by the user. Either for configuration or configuration and enforcement. The custom page allows you to use the Open Mobile Alliance’s (OMA) Client Provisioning standards to compose provisioning XML scripts that you can deliver to your devices. • • Configuration – affect device settings during an Afaria session. Use the custom feature to configure settings that are not available on the Configuration Manager Channel Editor. identify email.

Getting to Know Afaria 6. based on the nature of the settings. and the use of external data cards. limit. Windows Mobile Update – control how software and security updates issued by Microsoft are applied to the device. or disable the usage of hardware ports on devices. data transfer methods.6 FP1 Channels Configuration and Enforcement Features Configuration and enforcement features affect device settings either during an Afaria session or when a device enters a defined state. • Port Control – enable. By regulating the use of hardware ports. Features are subject to client type. you can enforce the availability of key device features. such as Bluetooth connectivity. Roaming controls – define settings to affect when a device enters a roaming state. configured setting cannot be changed by the user. • • 41 . Subsequent to the session.

thereby protecting device data and all device applications from unauthorized access. Administrator password – Allows you to implement an administrator password on the client.Getting to Know Afaria 6. Automatic lock – Data Security Manager locks the device after a defined period of inactivity. Client users configure secret questions and answers. Data Security Manager’s implementation accommodates many different screen resolutions. Windows Mobile Standard. Remote-based recovery requires Afaria administrator assistance. The password is required to use the device. Symbian. including when the device enters a lock down state with the user password disabled. Supported client types – Windows Mobile Professional (excluding Windows CE). Symbian. Windows Mobile Standard. You can use the administrator password to access the user interface at any time. security action against excessive password retry attempts. Device-based recovery – Provides password recovery on the device without the need for Afaria administrator assistance. administrator. You can use the recovery password to access the user interface any time that the device is locked. Remote-based recovery – Allows you to issue a temporary recovery password for a client user that has control of the device but has forgotten the password. • 42 .6 FP1 Channels Data Security Manager for Handheld Clients Data Security Manager lets you establish security policies for Afaria clients. Data Security Manager offers flexible password criteria so that you can define a device password that meets your enterprise’s password strength requirements. Use of this recovery method on the device can be enabled or disabled. Users must supply a valid user. encrypting sensitive data. This locked state provides protection against unauthorized users attempting to gain access to a device’s applications and data. Data Security Manager implements the following password features: • Power-on password – Allows you to enforce password use at the client. or temporary recovery password to unlock the device. which must be answered correctly on the device prior to resetting a forgotten device password. The password is also used to verify authorization for device state changes such as the insertion of a data card or an attempt to use desktop synchronization tools. and sizes. • • • • • Manual lock – Allows a device user to force the device into a locked state without waiting for an automatic lock to engage. Features are subject to client type and include: • Device support – Supports a diverse set of Windows Mobile Professional. Password options – Allows you to establish a password policy for locking the device to restrict user access. orientations. and for security action against absentee devices. Palm Features Data Security Manager allows you to manage client security. and Palm devices. Security policies for handheld clients can include a policy for protecting against unauthorized user access.

or have obsolete data that may put business-critical operations at risk of error. You use a channel editor to select personal information management (PIM) and other data to encrypt. and hard resetting the device to its default state. SIM lock down policy – Allows you to establish a policy for security action against a device with a SIM card that is changed or missing. Data encryption is protection against intruders who use advanced techniques to bypass the user interface and access the data directly. This lock down state is protection against the possibility that a device that does not connect in a timely manner has an unknown status. enables your users to receive ongoing email and PIM update notifications. including the password prompt text and the password screen graphic. deleting data. deleting data. or who gain control of removable media that contains sensitive data. Email and personal information management (PIM) application compatibility – Integration with your iAnywhere Mobile Office client. Password lock down policy – Allows you to establish a password lock down policy for security action against excessive password retry attempts. Emergency call support – Allows users to make emergency phone calls while the device is in a locked state. You may choose your preferred encryption algorithms for Afaria to use for encrypting data. Lock down action options include disabling a user password. You define an action to take when locking the device in response to a client device failing to establish a connection within a defined period of time. This lock down state is protection against unintended users attempting to guess the user password to gain access to a device’s applications and data. Connection lock down policy – Allows you to establish a connection policy for security action against absentee devices. • • • • • • 43 . The device may be in the hands of unintended users attempting to gain access to device applications and data. Lock down action options include disabling a user password. and hard resetting the device to its default state. or similar solutions. Lock down action options include disabling a user password. Afaria supports receiving Short Message Service (SMS) and Hypertext Transfer Protocol (HTTP) notifications. This lock down state is protection against the possibility that a device that does not have a proper SIM card. including Federal Information Processing Standards-certified (FIPS) Advanced Encryption Standard (AES) encryption algorithms. The device may be in the hands of unintended users attempting to gain access to device applications and data. You define an action to take when locking the device in response to a defined number of user password failures. and hard resetting the device to its default state. You may also allow Windows Mobile Professional and Palm users to select data for encryption on their devices.Getting to Know Afaria 6. Microsoft Exchange push email client. including notifications received while the device is in a locked state. You can define the security policy for the locked state to allow other outgoing phone calls as well. deleting data. You can define an action to take when locking the device in response to a SIM card that is changed or missing.6 FP1 Channels • Data encryption – Allows you to establish an encryption policy for encrypting sensitive data located on the device or on any of the device’s external data storage cards. Custom user interface – Allows you to customize several elements of the user interface that your users encounter when they use Data Security Manager.

• • • • 44 . Log entries and registered events – Afaria records Data Security Manager events during event logging.Getting to Know Afaria 6. You can examine occurrences of Data Security Manager events in the Messages log. or some other circumstance which prevents the original client from decrypting the files.6 FP1 Channels • Global Positioning System (GPS) service application compatibility – Afaria includes a policy setting for organizations that run GPS applications on their handheld devices. Users have access to the GPS application without the device automatically locking. Server-side decryption utility – Allows you run the File Decryption Utility program on the Afaria server to decrypt external card files encrypted by Afaria Data Security Manager clients. You can also define alerts that monitor specific Data Security Manager events. uninstalling the client. Data Security Manager client uninstall channel – Allows you to uninstall Data Security Manager from your Afaria client. Client Password Unchanged – Identifies any clients that have not had their passwords changed. This is particularly useful if encrypted files become orphaned due to the device experiencing a hard reset. Users may engage the manual lock at any time. Data Security Manager reports – Data Security Manager includes the following predefined reports that you can view and print: • • • • Client Lock Down Detail – Identifies any clients that have entered a lock down state. The uninstall process decrypts any associated data on the device or on an inserted external data card. Client Password Changed – Identifies any clients that have had their passwords changed. Administrator Password Detail – Identifies any clients that have been unlocked using the administrator password. Enabling the feature keeps the user interface on and the device unlocked while the GPS radio is active.

Data is automatically decrypted and reencrypted during subsequent user sessions as required. • • 45 .6 FP1 Channels Data Security Manager for Windows Clients Afaria Data Security Manager clients is an encryption solution that lets you define and implement a security policy for Afaria Windows clients. Boot-time authentication – Boot-time authentication prompts for and authenticates user credentials before the operating system loads and when returning from hibernation. Features The security manager provides layers of security: full-disk encryption. without interrupting normal application operations.Getting to Know Afaria 6. • Full-disk encryption – The full-disk encryption feature uses the AES encryption algorithm to transparently encrypt a computer's hard disks. Challenge-response recovery – The challenge-response recovery process is a secure mechanism that allows for an authorized user to regain control of a computer from a state of denied access after having accidentally entered the wrong password too many times. encounters encrypted data that is unintelligible without the encryption key. and challenge-response recovery. Anyone making direct access to the hard drive. boot-time authentication. without using the authentication process.

For example. but show only the main file in the list of documents. When you first add a file to a Document Manager channel. You can define channels to “push” content to connected client users. you can create channels using external media sources such as CD-ROMs. By making the graphic files dependent upon the main HTML file. The. Supported client types – Palm. Afaria automatically runs channel refresh using the settings you specify through global settings. Windows Mobile Standard Document Manager lets you: • • • • Cost-effectively deliver and automatically update important documents Ensure end-users have access to the most up-to-date information and are automatically notified of updates Decrease the time users spend navigating through the LAN.Getting to Know Afaria 6. You can initially distribute • • • 46 . By hiding the dependent files.jpg files are required to display the HTML file correctly. you can quickly refresh channel data at any time with the click of a button.jpg files automatically when receiving the subscribed HTML file. Internet.6 FP1 Channels Document Manager Document Manager lets you publish groups of documents for client users to access. Windows Mobile Professional. Windows. you can send a group of dependent files. Using hidden file support. Hidden file support – You can hide selected files included in a Document Manager channel. bitmaps. Document Manager channels can include text files. you may want to distribute an HTML page that includes. For example. or you can allow users to decide whether they want to subscribe. External media support – For Windows client Channel Viewer users. you permit the user to access the main document but not individual graphic files. it copies the current version of the file from the source and updates the temporary area. Channel refresh – You can use channel refresh to ensure your channel files are consistent with original source files. The dependent files are delivered to the client when the user subscribes to the document. or intranet for pertinent information Reduce the total cost of ownership associated with managing content Features Document Manager has several features that help manage documents for client use. HTML files. an HTML page (main file) may include graphics (dependent files) the user does not need to view separately. These features include: • Dependent file support – Document Manager channels can include dependent files associated with a main file. When Afaria refreshes channel data. and more. Afaria makes a copy of the file and places the copy in the temporary area.jpg graphic files. In Document Manager. the user receives the dependent .

6 FP1 Channels information to your users on a CD or disk and then periodically deliver updated files via “normal” Document Manager channels. 47 . Byte-level file differencing – When Afaria clients request a file that already exists on their system.Getting to Know Afaria 6. The Document Manager channels you create can contain both server-based files and external files. resulting in reduced connection times and improved system performance. • • Channel export – You can export a selected Document Manager channel to a single designated file. Afaria detects the differences between the file at the client and the source file on the server and sends only the differences.

6 FP1 Channels Inventory Manager The Inventory Manager lets you centralize the monitoring and reporting of hardware and software resources installed on your clients. If a DMI Agent is enabled at the client. During client inventory scans. Network Adapters. Palm. or Video. and more. 48 . Scans can run at the client during a connection with the server. Supported client types – BlackBerry. Built-in error checking ensures that data is always complete. OS Drivers and Services. Symbian. or other administrative tasks. rather than from the beginning. immediately after the connection with the server. Keyboard. such as additional data about the BIOS. Inventory Manager silently detects installed hardware and software on the client during the connection or while the client is disconnected. Inventory Manager reduces the amount of data that is transferred from Windows client devices to the Afaria server by transmitting only data that has changed from a previous inventory scan.0. language that displays on the device. Inventory Manager collects and reports DMI-compliant hardware or software inventory located on the system. processor type. Windows Mobile Professional (including Windows CE). System. operating system installed. or on specific dates and times. Efficient inventory scanning and collection – Inventory Manager is specifically designed to work efficiently in the remote and mobile environment where connections are intermittent and unreliable. Support for DMI standards – Inventory Manager supports Desktop Management Interface (DMI) 2.Getting to Know Afaria 6. Checkpoint restart is used to resume failed transfers at the point of failure. Windows. which is the Distributed Management Task Force (DMTF) industry standard specifications supported by major hardware and software manufacturers. Windows Mobile Standard Features Inventory Manager offers several features that help you manage your hardware and software. troubleshooting. File compression ensures inventory collection sessions are efficient and quick. Features include: • Automatic scanning and reporting – Inventory Manager automatically scans and retrieves detailed hardware and software inventory data from remote computing devices. Inventory Manager can collect more detailed client information. The DMI Agent—provided by the computer manufacturer—is a system-specific executable file that scans inventory information. battery amount remaining. These features are subject to client type. but includes commercial software usage. • • • • Inventory scheduling options for Windows clients – You can schedule inventory scanning to take place offline. Delta scans – Windows clients only. Data retrieved is dependent upon the client type. You’ll find this information beneficial prior to performing hardware and software updates. lowering communications time and cost. amount of memory. Motherboard.

Getting to Know Afaria 6. Inventory allows you to view configuration files on a per-client basis. query. Once set. You can view clients with inventory changes in the right pane of Inventory view and via the clients view right pane shortcut menu.6 FP1 Channels • Data storage in the Afaria database – Inventory scan results are maintained in the Afaria database. Data views. Configuration information for Windows clients – During sessions. and report on client inventory data. Inventory. all inventory-scanning results are automatically transferred to the database server. you can view those clients that have detected inventory changes. and acknowledge that you’ve seen those changes. Client change detection – Using the Change detection views folder in Data views. you can choose inventory attributes to monitor on a selected client type. allowing you to use existing database infrastructure and tools to access. • • 49 .

Impersonation – Supply impersonation credentials for an account with local administration privileges. When you select a product in the left pane. Install properties include the following items: • • Reboot mode – Choose the reboot behavior for the client computer after the patch installs. Delivery properties include the following items: 50 .Getting to Know Afaria 6. Supported client types – Windows Administration > Channel Administration > Patch Manager channel > Edit The channel editor provides access to channels you to set and control for installing the patches and delivering patch content. the patches associated with that product appear in the top half of the right pane. A new Patch Manager channel launches the channel editor with the same view as the Server Configuration Patch console page. Supplying these credentials allows you to ensure that the channel's patches can run with local administrator rights. Use the list’s check boxes to change an selections.6 FP1 Channels Patch Manager Use the Patch Manager Channel Editor to view and edit channel properties. except it is filtered to include only those patches you have selected and saved in the Patch Console page.

51 . Bandwidth throttle – Override the bandwidth configuration settings that you defined on the Bandwidth Throttling page.Getting to Know Afaria 6.6 FP1 Channels • • Segment delivery – Apply segment delivery time allowance or segment file size criteria to channel content delivery to ensure that patch delivery does not overload your network.

6 FP1 Channels Server Listing Server Listing uses the client Channel Viewer to define the name. Supported client types – Windows 52 . allowing the user to receive content without subscribing to the channel. When the client connects to your server. address. and description of each server in the channel list.Getting to Know Afaria 6. the Server Listing channel content is automatically sent to the client.

while the other channels are contained within a separate folder. you can specify event-specific information in a referenced file rather • 53 . Worklists and sendlists are the fundamental units of activity for all work on and between the server and clients. These features include: • Simple session channel editing – The Session Manager Channel Editor displays all of your Session Manager channels.6 FP1 Channels Session Manager Use Session Manager to automate electronic file distribution. Get File from Client. Send File to Client. and system registry management tasks. file and directory management. Supported client types – All Afaria clients Object’s event list Complete event list Current worklist or sendlist object Features The Session Manager offers several features that help distribute and manage files. You can position the moveable Session variables selector box where it’s most convenient for you. Session Manager channels are composed of worklists and sendlists that you create to meet your specific needs. Session Manager channels include properties for fault tolerance. Using indirect file support.Getting to Know Afaria 6. Use Data Views. Logs to view client session activity and file transfer information. notifications. The selected channel appears at the top of the structure. worklists. and sendlists in a tree structure so you can visually organize your channels and their components. Indirect file support – Session Manager supports indirect files for Message. and Set Variable events. Notify Program. Insert Worklist.

Use variables in events – Variables in events are placeholders for different event parameters. Optimize event execution – You can fine-tune worklists and sendlists to increase resource efficiency and decrease session completion time by pre-processing tasks that can be performed on the client by the client before a session begins. • Worklist. a wildcard references files or directories as a group. Assign objects to your channel – When you create a new worklist or sendlist. environment variables. Variables available include predefined variables. Use wildcards in events – Wildcards are reserved characters that perform a task on multiple files with similar names or extensions. sendlist. Instead of individually selecting many files and directories. • • • • • 54 . You may want to disable items and keep them disabled until they’re fully defined and ready to be executed. or event is available for execution. userdefined variables. Control object display – Assignments for object view lets you control the display of worklist and sendlist objects that reside in the channel by selecting the respective option from the View drop-down list.Getting to Know Afaria 6. sendlists only. Display items from which you can choose include all worklist and sendlist objects. or worklists only. Session Manager automatically assigns it to your channel. and event availability – You can specify when a worklist.6 FP1 Channels than directly embedding it in an event. sendlist. and variable modifiers. which lets you update the indirect file without having to update the actual event. Session Manager replaces the variable placeholders with the appropriate information when the event executes. but you can also assign it to any worklist and sendlist object that resides in any other channel.

Depending upon the client type. start installations automatically. and more. installation runs from a temporary location on the client. instruct Software Manager to send only differences of a specific file or a collection of files. include a guidance file for Windows client setup-based installations. include file shortcuts for Windows client non-setup-based installations. choose how the installation makes programs available. Installation process – Software Manager includes specific options for controlling installations so that you can give as little or as much control as needed to your client users. Deliver package files to the client—“local-based” installation—is used for users wishing to install offline. Package tracking to see client software package information. Supported client types – Palm. These features include: • Installation type – Software Manager provides two types of installations at the Windows client. provide command line arguments to add parameters to the channel installation settings. you can specify what to install. You can push software packages to your clients after they initiate a connection to ensure that users have the latest software. Use Data Views. Non-Setup based installations are used for applications that have no installation program and are distributed as a custom application or a collection of files. Windows Mobile Standard Features Software Manager offers several features that help you distribute and install application on Afaria clients. • • • 55 . view file properties. This option sends the package files to the client machine.6 FP1 Channels Software Manager Use Software Manager to distribute and install commercial or custom-built software applications on Afaria clients. force an installation target directory. Run installation from a LAN location—“LAN-based” installations—is used for networked users. Software Manager channels include properties for fault tolerance and incremental changes. Setup based installations are used for applications that provide their own installation program to perform file copy and system update operations. Windows.Getting to Know Afaria 6. and more. Software Manager provides the installation services to the client. Symbian. Channel file/folder – You can add and remove installation/non-installation files. define filelevel target destinations. or you can let client users subscribe to channels so that they install only the software they need. This option runs the installation using channel contents that reside on a LAN location. Windows Mobile Professional (including Windows CE). In these channels. determine how much of the installation the client should display. Deployment method – Software Manager provides two methods of channel deployment at the Windows client.

You can also activate a Channel Viewer icon or a link on a Web page to let client users uninstall channels. Criteria are checked twice at the client: before software delivery so that the channel is sent only to clients that meet or exceed the criteria. Advanced features – Depending upon the client type.Getting to Know Afaria 6. execute published Session Manager channels. and more for your Windows and Windows Mobile clients. Successful installation – Software Manager reports the success/failure of the distribution and installation of Setup based software applications back to the server. after which criteria are no longer met. and prior to installation to cover situations in which software is received but not immediately installed. Uninstall – You can uninstall a software channel at the Windows client if it was initially delivered and installed using Software Manager. • • • • • • 56 . and uninstall from a Web browser by including the channel in a channel set and incorporating the automatically-generated HTML code onto a Web page. Segmented channel transfer – Software Manager lets you transmit large Windows client channels efficiently by splitting channel content into sections based on delivery time or size. Subsequent sessions with the client transmit remaining sections. as well as valid install dates and time frames for Windows client channels. file/registry key. channel transmission stops. Criteria checking – Software Manager supports channel criteria requirements such as hard disk space. When the limit that you define is met. clean up. Browser delivery – Software Manager lets you create channels that your Windows client users can install. check for minimum device RAM. Software Manager lets you create user defined fields. map source share points to target share points for Windows client remote LAN based channels.6 FP1 Channels • Delivery and installation time frame – Software Manager lets you determine the daily time period during which channels can be delivered to clients. Software Manager also lets you define special administrator user rights to elevated privileges in order to complete tasks on Windows clients. and include pre/post delivery/installation options. operating system/service pack.

through the profile.6 FP1 Channels Channel Availability for Clients Afaria provides several channel-level features that enable you to control how channels run at the Afaria client. human resources documents. you can also associate a channel with a monitor. Secure Channels and Channel Information Enhance the security of your channels and channel content. Create Channel Sets Assemble multiple channels in a channel set. instead. Group profiles are the vehicles for distributing channel and channel set tasks to client devices. You can also automatically delete a channel when a project is over or set a channel to update itself automatically. When clients connect. 57 . associate them with work profiles. Publish Channels Publish individual channels when they are ready to be used by clients. You can publish channels. and define security settings for individual channels. For Afaria clients to have access to channels or channel sets. Channel publication is the first step toward making a channel available to clients. which lets you base channel execution on a schedule and/or a monitored event or condition. • Encrypt channel for all clients – encrypts all information in transit so that it can’t be viewed by unauthorized users. You can create a schedule in the work profile to run at the end of each quarter a channel set containing accounting updates. you control how and in what order channels execute at the client. as well as restricting channels to authorized users.Getting to Know Afaria 6. create channel sets. all of the channels in the set execute automatically in the set order. Channel sets don’t appear at the client. For example. and new audit software you need clients to use. Set Automatic Channel Actions Set options for automatic actions. you may have several clients who need both accounting and human resources information updated every quarter. The channel set executes the collection of channels automatically in a set order when clients connect. or you can set a time for a channel to unpublish itself automatically after the information is no longer valid. You can create a channel ahead of time and set it to publish automatically.

58 . channels and channel sets are components in the profile’s definition.Getting to Know Afaria 6. Include channels and channel sets with profiles. either via a profile’s Client actions list. or both in some cases in order to associate them with Afaria Clients. or its allowed channels list. Password required – requires Windows client users to enter the correct password before accessing the channel or folder in the Channel Viewer application. See “Client Management with Group Profiles” on page 33.6 FP1 Channels • • Authenticate user – verities the identity of clients attempting to connect to the channel before making channel contents available to the user. Group Profiles and Channels Profiles are the vehicles for distributing channel and channel set tasks to client devices.

Exported channels are independent from their source server. sharing a single Afaria database. and a command line utility. the target server may create and manage channels additional to those replicated from the source server. Import and Export Channels You can import and export channels from one server to another server that are not in a server farm relationship with each other. In the farm relationship. The product includes an import/export wizard. to import and export using the user interface. the server retains no further control over the channels. A main-to-farm relationship is one in which the source and target servers operate as a single Afaria entity.Getting to Know Afaria 6. Channels are replicated from the source server to the target servers in a read-only state. Once an Afaria Server exports channels. In the context of replication.6 FP1 Channels Channel Availability for Servers Afaria provides two features that let you make channels available to other servers within your Afaria system: import/export and replication. Replication differs from importing and exporting channels. the server takes complete ownership of the channels and is able to exercise any channel management tasks over them. the target servers are not able to create any channels on their own. This differs from replication. After exported channels are imported into another server. managing server is referred to as the source server and the other servers are referred to as the target servers. in that replicated channels are read-only channels that you can edit only at the source server. When an Afaria Server imports channels. A peer-to-peer relationship is one in which the source and target servers operate as separate Afaria entities. the single. In the peer-to-peer relationship. they are subject to any editing tasks the administrator wants to exercise. to import and export from a command line. Replication Replication lets you use a single Afaria server to manage channels for one or more other Afaria servers. 59 . each using their own Afaria database. The source server may be in a main-to-farm relationship or a peer-to-peer relationship with the target servers.

Policy Category – Antivirus/Firewall Antivirus Firewall (AV/F) policies allow you to control and provide security for your device. Controlling these settings is often critical to device management. or both. Policies are placed on the document server as part of a group profile and are passed to connected clients. Symbian. It is a reference for your use when defining policies. Policies let you create focused collections of tasks and actions to define and enforce on your clients. and restrict calls and SMS messages to a device. as they may control sensitive areas of device functionality.Getting to Know Afaria 6. Supported client types – Windows Mobile Professional and Windows Mobile Standard The policies manage different types of applications: • • • Embedded applications – Applications that come preinstalled on the device. 60 . Installed applications – Applications that are installed on your device after purchase. Windows Mobile Standard Antivirus Firewall policies include the following policy types: • • • Antivirus policy – Protect and safeguard devices from viruses. block incoming SMS messages.6 FP1 Policies Policies Use the Policies area of Afaria Administrator to define and manage policies. as queried by a client-side agent and reported back to the server. Supported client types – Windows Mobile Professional. Settings menu applications – Applications that are available on the device’s Settings menu. Policy Category – Application Control Application control policies let you control which applications your device users can execute. The library is a list of applications that are on your client devices. Firewall policy – Establish a firewall for each device to guarantee its integrity. Call Filtering policy – Block incoming calls. Policy management compiles a client application library.

MfE is also used to create an MfE profile if one does not exist. • • • • 61 .openmobilealliance. Trusted relationships let you initiate a client connection to the OMA DM server without prompting for user interaction. and branching to out-of-sequence tasks. www. model. passwords. OMA DM policies may include one or more of the following OMA DM tasks: • Trust – Establish a trusted relationship between the client and the OMA DM server. Policy definitions are consistent with the Apple iPhone Configuration Utility definitions. Policies include these and additional types: • • • • • • Passcode Restrictions WiFi Credentials Simple Certificate Enrollment Protocol (SCEP) Exchange ActiveSync Policy Category – OMA DM Open Mobile Alliance (OMA) Device Management (DM) policies are settings and actions for Afaria OMA DM Clients that are based on DM objects. Objects – create a set of object operations based on a set of Device Description Files (DDF) for a single manufacturer. Session Control – Allow the user to control subsequent tasks in the same policy by setting and interrogating variables. Mail for Exchange (MfE) – Initialize or change the settings for the Mail for Exchange client. and email. Device configuration policies are supported on iOS client types.org and search for the Device Management workgroup. or version. The policy’s content—OMA DM objects—is applied at the client according to each device’s OMA DM implementation. To learn more about OMA DM. The settings and actions that you define using the Afaria OMA DM policy editor are formulated into OMA-DM-compliant message that the Afaria OMA DM server delivers to the client during connections with the client.6 FP1 Policies Policy Category – Device Configuration Afaria device configuration policies let you manage device settings for items such as WiFi. Access Point (AP) – Configure an access point for network connectivity. as defined by OMA. visit the Open Mobile Alliance’s Web site.Getting to Know Afaria 6.

Terminal Security – Allow a trusted OMA DM server to perform additional terminal security activities. update. or remove software applications at the client.Getting to Know Afaria 6. Lock. Unlock. Session Initiation Protocol (SIP) – Configure profiles for multimedia communication sessions. VoiceOverIP – Configure clients to use Internet telephony. 62 . such as Wipe. on a device. Free-form – Use custom XML to define actions on a device-supported OMA DM object. such as Internet calls with one or more participants.6 FP1 Policies • • • • • • Skinny Client Control Protocol (SCCP) – Configure clients to use the Intellisync Call Connect application with the Cisco Unified Communications Manager product. Software Configuration Management (SCM) – Install. and Reboot.

Users can browse the list and install packages. Package Category – Application Application packages let you manage applications for your iOS and Android clients. Users can browse the list and install applications. Packages let you manage applications for your iOS and Android clients. Packages can include these types of applications: • • • • iOS enterprise – as developed by your organization and delivered from the Afaria Portal Package server iOS App Store – as delivered from the Apple App Store Android enterprise – as developed by your organization and delivered from the Afaria Portal Package server Android Market – as delivered from the Google Android Market 63 .6 FP1 Portal Packages Portal Packages Use the Portal Packages area of Afaria Administrator to define and manage packages. Application management creates a list of applications on the Afaria agent installed on the device and categories to group the applications.Getting to Know Afaria 6. A list of packages is available on the Afaria agent at the client.

Filter Afaria Administrator pages to contain results only for a specific tenant. Manage operations and assets. Features Tenant features let you take actions to maintain clients and assets for multiple tenants. Monitor operations and review data across all tenants. Multitenancy is the state of an Afaria installation that has the tenant features enabled.6 FP1 Tenants and Multitenancy Tenants and Multitenancy Multitenancy is a separately licensed product feature that allows hosting providers to manage multiple enterprises from a single Afaria implementation. Assets include nonclient items that support operations and profiles. Use product APIs and Web services to create your own Web portal for tenant administrators or tenant users to provide access to tenant-specific information. with each customer or division assigned to a different tenant identity. For example. Assign Afaria Administrator users to roles that define which tenants they can administer. for a specific tenant. Tenant features let you maintain clients and assets for multiple tenants. 64 . such as policies and channels. you may want to operate your Afaria installation as a hosting environment to multiple customers or multiple enterprise divisions. Add new clients for a tenant. A tenant is an entity defined within the Afaria environment that is associated with a subset of the client base and its related operations and assets. These actions include: • • • • • • • • • Add tenants.Getting to Know Afaria 6. and review data. Move a client from one tenant to another. Use the system tenant as an entity for creating assets to share with all tenants.

Based on client type and your environment. a network. 65 .6 FP1 Clients in Afaria Clients in Afaria The Create Client Installation program is a wizard that guides you through creating a client setup file. Start > Programs > Afaria > Afaria Create Client Install This wizard guides you through creating an Afaria agent installation package. A client setup is then used to install the Afaria Client software on a supported computing device. or the OTA Deployment Center. you can choose different options that allow you to deploy the agent via a companion PC.Getting to Know Afaria 6.

You can view client data by client type.Getting to Know Afaria 6. You can examine client data. log. and log data. Clients View The Data Views Clients view presents client-specific data. and inventory. and take some actions on all clients. You’ll find this feature convenient because you can open the same mini-views for several clients and/or different mini-views for the same client and keep them all open at the same time without leaving clients view. views. work with deployed corporate software licenses. You can also view the status of software channels in different delivery/installation positions at the client. create iOS clients. 66 .6 FP1 Client Data Client Data Data views provides a variety of ways for you to view and manage client information. view the status of deployed client patches. smaller views of software package tracking. and SQL views to collect client data. You can also create folders. and view client deployment notification status information. Data views > Clients You can also open multiple. groups. inventory change detection and data. restore backed up data to individual clients.

but you can also create custom views. Windows Security – Displays all messages related to Data Security Manager for Windows clients. server that originated the transfer. Afaria installs with several pre-defined logs. The Afaria client collects Data Security Manager events and Bluetooth connection activity events as they occur. Data views > Logs The view includes the following pre-defined logs: • Alerts – Displays a view of events that were raised. completion status or error type. acknowledged. Client triggered actions – Displays log views for event monitors that record successes or failures for associated trigger action-pairs that occur on a client. completion status or error type. The right pane displays the date and time the event stopped transferring the file.Getting to Know Afaria 6.6 FP1 Client Data Logs View Logs view presents client data logs. Sessions – Displays views that record information about past sessions. time it occurred and the time it was received at the server. and seconds. Replication – Displays log views that record messages specific to replication. session length in hours. and more. The right pane displays the date and time when the session with the client ended. and then delivers the collection to the Afaria server during Afaria sessions. server on which the message was recorded. Messages – Displays views that record messages specific to the server and to OMA DM session processing. path from which the server downloads information to the client. or closed. and more. Closed Alerts view displays the name of the alert. Raised Events view displays the name of the event and the machine on which it occurred. and more. The Afaria client collects all Data Security Manager events as they occur on the client. and then delivers the collection to the Afaria server during Afaria sessions. Handheld Security – Displays all messages related to Data Security Manager for handheld clients. as well as a view of the alerts that were closed. minutes. • • • • • • • 67 . The right pane displays the date and time when replication occurred with the most recent entry at the top. File transfers – Displays views that record every instance when the server sends or receives a file. time the alert was raised. and more. and more.

or deleted the policy. Logs record the nature and status of a policy and whether updates succeeded. 68 . failed. iOS Connection – The iOS Connection log captures the timing and sequence of actions occurring between the Afaria iOS provisioning server and the iOS devices.Getting to Know Afaria 6.6 FP1 Client Data • • Policy Delivery – Displays views related to policy delivery and updates.

Inventory Views – View detailed inventory data for clients. Use the right pane to view inventory data for a specific client. You can also create groups with views. as well as creates custom folders and views for storing inventory data. • • 69 . and delete these folders and views.Getting to Know Afaria 6. rename. including a full directory scan and subsequent delta scans of data (Windows clients only) and configuration files. Data views > Inventory Inventory data is organized by client type for the following categories: • Change Detection Views —Choose inventory attributes to monitor on clients. you can edit. Custom Views – Create custom folders and views of inventory information within the parent folder.6 FP1 Client Data Inventory View Inventory view lets you monitor specific data that changes. Once created. You can use the right pane to view and acknowledge receipt of changes for those clients that have detected inventory changes.

Windows. Supported client types – Android.Getting to Know Afaria 6. Palm. Windows Mobile Professional (including Windows CE). 70 . the right pane displays a summary of the following client status information specific to that item.6 FP1 Client Data Package Tracking View Package tracking view lets you examine the delivery and installation status of Software Manager channels and portal application packages on your clients. Windows Mobile Standard Data views > Package tracking When you select a channel or package to track in the left pane. Symbian. iOS.

Getting to Know Afaria 6.6 FP1 Client Data Backup View Backup view displays backup content from Backup Manager channels. Data views > Backup You can also use the page to delete all backed up items older than a defined number of days. and if copy items from one client to another of the same client type. Use it to restore items to those clients. 71 .

Data views > License compliance You can use the predefined views to collect data.Getting to Know Afaria 6. or you can define your own folders and views within the Custom Views folder.6 FP1 Client Data License Compliance View License compliance view lets you examine software license compliance and usage data collected from Inventory Manager scans. 72 . The License Compliance Views folder contains predefined views for most client types.

or have not. The view is based on the current patch selection you have in the Server Configuration Patch console page.Getting to Know Afaria 6. You can use a page-level filter to query which patches have. Data views > Client patches The following context menu query and action items are available when you multi-select patches from the top right pane: • • • • Query – View all the clients that are missing a selection of patches. Action – Create a dynamic client group for all clients that are missing a selection of patches. been applied to clients or client groups. rather than all possible Microsoft patches identified in the Patch console page. Use the view for several queries and actions. Action – Create an unpublished Patch Manager channel for all clients that are missing a selection of patches. Action – Download a selection of patches.6 FP1 Client Data Client Patches View The Client Patches view provides powerful query and action tools. The client list appears in the bottom right pane. 73 .

6 FP1 Client Data Client Deployment View Client deployment view allows you to view information about client deployment notification messages processed from the client deployment center.Getting to Know Afaria 6. Notifications – Displays all client notifications sent from the deployment center for all clients in your database. Data views > Client deployment 74 . as well as OMA CP network provisioning notifications sent to provision a device for the download and installation of the Afaria client. Uncompleted notifications – Displays all client notifications in your database for which the client installation has not been downloaded to a specific client. Notifications include OTA deployment center messages. you see the client deployment folder views tree structure with the following predefined views: • • • Notification batches – Displays all the client deployment notifications batches sent from the client deployment center for a specific set of clients in your database. which include a download path for downloading the client to the device. When the Client Deployment page opens.

Remote Control supports Windows and Windows Mobile clients. Remote Control helps you manage frontline devices by allowing you to view and manipulate a client’s environment in real time.netop. It uses role-based administration so you can carefully define the nature of changes that you allow different administrators to make. Additional features include audio chat and client-initiated requests. 75 .Getting to Know Afaria 6. saving time and expense. Use this capability for problem resolution or application training. Visit Danware’s product site at www.6 FP1 Remote Control Remote Control Afaria uses Danware’s NetOp Remote Control for the Afaria Remote Control solution.com for more NetOp Remote Control information and product documentation. All Remote Control communication is AES encrypted and authenticated against your centralized authentication system.

Sign up to vote on this title
UsefulNot useful