Getting to Know Afaria® 6.

6 FP1
Afaria provides comprehensive management and critical security features to ensure that data and devices are up-to-date, reliable and secure. Based on a profile-based model for automating and managing security, work assignments and schedules, IT departments have full control of devices, while frontline workers are free to focus on business objectives. Whether Afaria deployment is over-the-air or wired, all users benefit through simplified workflows and increased productivity. Getting to Know Afaria presents an overview of Afaria architecture, what’s new in Afaria, using the Afaria Administrator and Afaria standalone components, as well as how you can use Afaria to face the challenge of managing devices at the front lines.

Getting to Know Afaria 6.6 FP1 Document version 6.60.01 Copyright © 2010 Sybase, Inc. All rights reserved. This publication pertains to Sybase software and to any subsequent release until otherwise indicated in new editions or technical notes. Information in this document is subject to change without notice. The software described herein is furnished under a license agreement, and it may be used or copied only in accordance with the terms of that agreement. To order additional documents, U.S. and Canadian customers should call Customer Fulfillment at (800) 685-8225, fax (617) 229-9845. Customers in other countries with a U.S. license agreement may contact Customer Fulfillment via the above fax number. All other international customers should contact their Sybase subsidiary or local distributor. Upgrades are provided only at regularly scheduled software release dates. No part of this publication may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical, or otherwise, without the prior written permission of Sybase, Inc. Sybase trademarks can be viewed at the Sybase trademarks page at http://www.sybase.com/detail?id=1011207. Sybase and the marks listed are trademarks of Sybase, Inc. A ® indicates registration in the United States of America. SAP and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and in several other countries all over the world. Java and all Java-based marks are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. Unicode and the Unicode Logo are registered trademarks of Unicode, Inc. All other company and product names used herein may be trademarks or registered trademarks of the respective companies with which they are associated. Use, duplication, or disclosure by the government is subject to the restrictions set forth in subparagraph (c)(1)(ii) of DFARS 52.227-7013 for the DOD and as set forth in FAR 52.227-19(a)-(d) for civilian agencies. Sybase, Inc., One Sybase Drive, Dublin, CA 94568

Getting to Know Afaria 6.6 FP1

Table of Contents

Table of Contents
Introducing Afaria........................................................................................................ 5 Afaria Architecture................................................................................................ 6 Afaria Server ........................................................................................................ 9 Afaria Administrator............................................................................................ 10 Afaria Support Services...................................................................................... 11 Sybase Social Media Channels .......................................................................... 11 What’s New in Afaria 6.6 FP1? ................................................................................. 12 Afaria 6.6 Feature Pack 1 ................................................................................... 12 Afaria 6.6 Platform .............................................................................................. 13 Afaria 6.5 Feature Pack 1 ................................................................................... 15 Afaria 6.5 Feature Pack 2 ................................................................................... 16 Server Access........................................................................................................... 18 Server Status and Reports........................................................................................ 19 Home: Server Status .......................................................................................... 19 Home: Active Sessions ...................................................................................... 20 Home: Alerts....................................................................................................... 21 Home: Reports ................................................................................................... 22 Home: Client Deployment .................................................................................. 23 Server Configuration ................................................................................................. 24 Properties: Communications .............................................................................. 24 Properties: Servers............................................................................................. 25 Properties: Component Configuration ................................................................ 27 Server Configuration: Server Schedules ............................................................ 28 Server Configuration: Client Types .................................................................... 29 Server Configuration: Alert Definitions ............................................................... 30 Server Configuration: License Compliance ........................................................ 31 Server Configuration: Patch Console ................................................................. 32 Client Management with Group Profiles ................................................................... 33 Assignments ....................................................................................................... 34 Client Actions ..................................................................................................... 34 Allowed Channels ............................................................................................... 34 Policies ............................................................................................................... 35 Portal Packages ................................................................................................. 35 Client Groups ............................................................................................................ 36 Monitors .................................................................................................................... 37 Channels................................................................................................................... 38 Backup Manager ................................................................................................ 39 Configuration Manager....................................................................................... 40 Configuration Features ................................................................................ 40
3

.................. 59 Policies.............................................................................................. 53 Features ........... 45 Features .................................................................................................................................................. 66 Clients View . 57 Channel Availability for Servers ................................. 45 Document Manager.................................................................... 42 Features ...........................Getting to Know Afaria 6................ 59 Replication .............................................. 72 Client Patches View ........................................................................ 50 Server Listing ............................ 66 Logs View................................................................................................................................................................... 46 Features .................................... 64 Features ............................................................................................... 69 Package Tracking View............................................ 53 Software Manager ................ 60 Policy Category – Application Control ........................................................................ 55 Channel Availability for Clients................................. 71 License Compliance View ........................................................................................................................................................................................................................................................................................................ 65 Client Data ..................................................................................................................................................... 70 Backup View........................................................................................................................................... 60 Policy Category – Antivirus/Firewall .......................................................................................................................................................................... 63 Tenants and Multitenancy............................................................................................................................................................................................................................ 48 Features ............................................................................................... 48 Patch Manager . 52 Session Manager ........................................................... 73 Client Deployment View ......................................... 75 4 ............................... 74 Remote Control.....................................................................................................................................6 FP1 Table of Contents Configuration and Enforcement Features ............... 61 Policy Category – OMA DM .................................................................................. 59 Import and Export Channels ............................................................................................................................................................................... 67 Inventory View........................................................................................................................................................................................................................................................................................................................................................................................................................................................... 63 Package Category – Application ....................................... 42 Data Security Manager for Windows Clients.......................................... 55 Features ............................................................. 41 Data Security Manager for Handheld Clients .......................... 60 Policy Category – Device Configuration ........................................... 61 Portal Packages........................................................................................................... 64 Clients in Afaria............................................................................ 46 Inventory Manager .....................................................

and at a rate determined by the server. laptops. reducing the volume of data sent. bandwidth demands. Offline installations and processing allows offline processing to minimize connection time and costs. Check point restart picks up an interrupted communication connection where it left off the next time the client connects to the server. Byte-level differencing detects and extracts the difference between two versions of a file or software package and then sends only the byte-level changes or updates to the mobile user. It also provides “device wipe” capabilities for most device types. • • • • • • • Afaria protects your data. allowing you to transmit large volumes of data in time or size increments across several connections until the transfer is complete. and desktops. client agents on mobile devices automatically install software applications and updates and initiate scheduled asset inventories after the connection has ended. Pull capabilities let client users request specific content from a server through subscriptions. Afaria’s bandwidth optimizations provide efficient wireless support: • Push capabilities let you distribute various content to and perform various tasks for your client users in a sequence. Dynamic bandwidth throttling optimizes client connections to take maximum advantage of available bandwidth. and connection time. such as server and client authentication. efficient transmission. Outbound notification lets you notify clients or client groups to connect to the server to perform a specific task.6 FP1 Introducing Afaria Introducing Afaria Afaria is recognized as a leader in the client systems management space by industry analysts and device manufacturers. as well as your computing devices. Afaria enables you manage your remote and mobile computing devices. 5 . while giving way to other applications when their activity levels increase. including handheld devices. Compression optimizes client data traffic for low bandwidth connections by shrinking large files for fast. It includes security features. and user authentication and assignments using enterprise user directories.Getting to Know Afaria 6. While data and software applications are transferred during connections. increasing productivity by allowing the user to work offline more effectively. avoiding redundant data transmission and reducing connection time and user frustration. SSL encryption. Segmented file and package delivery breaks files and software packages into smaller distribution packets.

Getting to Know Afaria 6. Using a relay server lets 2 3 4 6 . Afaria lets you define an unlimited number of customized channels to manage your computing devices from anywhere. such as handheld devices. The external firewall permits inbound Afaria connections. Clients either have an Afaria agent installed or have a native capability or thirdparty application that Afaria features use to interact with the hosting device. 1 Clients – user devices. clients may also connect using the XNET or XNETS protocols from behind the corporate firewall. smartphones. External firewall – protects the corporate network from unauthorized access from the Internet. Network connection – connections with clients occur via inbound and outbound connections. or direct from headquarters to devices across a WAN.6 FP1 Introducing Afaria Afaria Architecture Afaria’s tiered architecture provides information distribution from headquarters to computing devices. and laptops that Afaria manages. anytime. The following diagram illustrates Afaria’s architecture. using HTTP or HTTPS protocols. Although not reflected in the diagram. Relay server – Afaria bundles an optional relay server to operate as a proxy for HTTP and HTTPS sessions between the Afaria server and its Afaria clients.

standalone server or as multiple servers in a server farm environment. and for content not delivered from another source. The servers have a many-to-one relationship with the Afaria database. The Afaria server establishes an outbound connection to the relay server. The following features. Peer Afaria servers – Afaria servers that operate as separate Afaria installations. Portal Package server – for optional portal package operations. An administrator pushes Afaria client installation packages out to the deployment center and then sends notices to device holders. iOS provisioning server – the iOS provisioning server sends device configuration policies to iOS devices. you can designate your authentication method and the domain to be used by Afaria. It runs sessions • • • 7 .6 FP1 Introducing Afaria you further secure your enterprise network by moving the session connection point from within your firewall to a location outside of your firewall. • • Standalone Afaria server – a single Afaria server operating as the only server in an Afaria installation. and communicate with other Afaria servers. define access policies for Afaria Administrator users. All servers in the farm can access the database and host Afaria client sessions. inbound connections are not permitted from the relay server. Device holders can download the client directly onto their device for installation. OMA DM server – the Open Mobile Alliance (OMA) Device Management (DM) server operates as a proxy between the Afaria server and the OMA DM clients. The Afaria server communicates with the Afaria database and additional components or clients as necessary. the individual – the person that installs and operates the Afaria product. such as Active Directory. the application – the Web application that provides an interface for the Afaria server. 6 • 7 8 Afaria database server – the database server contains your Afaria database. allowing an Afaria implementation without any open ports on your internal firewall. 5 Internal firewall – protects corporate network assets. to your Demilitarized Zone (DMZ). which is a Web server that you establish to provide software deployment services. A server farm includes one main Afaria server and one or more replication servers. When using the optional relay server. Use Afaria Administrator to define the server configuration. Afaria Administrator. The server has a one-to-one relationship with the Afaria database. Peer servers access different Afaria databases and support different sets of Afaria clients. monitor system activity.Getting to Know Afaria 6. such as your Afaria server. are not are illustrated in the architectural diagram: • OTA Deployment Center – Afaria supports using an optional Over-The-Air (OTA) Deployment Center. Afaria server farm – multiple Afaria servers operating together in an Afaria installation. Directory server – if providing authentication using an NT domain or LDAP service. the portal package server hosts and serves Afaria application packages to clients. and can be any database platform supported by Afaria. although part of Afaria. from the DMZ. manage Afaria clients. 9 10 Afaria administrator. Afaria server – Afaria is a server-based solution that can operate as a single.

6 FP1 Introducing Afaria with known OMA DM clients to serve OMA-DM-compliant messages. 8 . • Certificate authority server – for iOS features.Getting to Know Afaria 6. as formatted by an Afaria OMA DM policy editor. the certificate authority is a required server component that issues certificates to iOS devices as part of the process for delivering device configuration policies to devices.

It’s engines process all the Afaria tasks for database communication. and client management. You can also use replication to create a “server farm” scenario. 9 . authentication. Import and export lets you move copies of editable channels from one server to another.Getting to Know Afaria 6. For more information about the server farm environment. see “Replication” on page 59. reporting.6 FP1 Introducing Afaria Afaria Server Afaria server operates without its own user interface. Afaria provides two methods for servers to communicate with other servers: import/export and replication. scheduled basis. channel management. using multiple servers for scalability and fault-tolerance. logging. Replication lets you send or receive read-only copies of channels that exist on your server on an automated. Use Afaria Administrator as the tool that provides a user interface for Afaria server operations. or to create a distributed server scenario.

track software package delivery. see alert notifications you may need to resolve. Use the Data views area to view and manage detailed information about your clients. installation. client type definitions. monitors. It provides tools for managing profiles. Use the Server Configuration area to define system-wide properties for your Afaria server. Global navigation link Description Home Use the Home area of the Afaria Administrator to view the current status of your Afaria server. Server Configuration Administration Data Views 10 . and more. Use the Administration area for day-to-day tasks. policies. hardware and software inventory changes. For example. run reports.6 FP1 Introducing Afaria Afaria Administrator The Server List page displays all of the servers within your environment that you can access. as well as access a wealth of additional information about your Afaria server.When you click a server link in the list. including behavioral settings. that server’s status page appears. and creating OMA DM clients. administering channels and channel replication. and alert definitions. client groups. The table below briefly describes the contents of each global link. you can see message logs. portal packages.Getting to Know Afaria 6.

com/resources/socialmedia. For more information about Sybase Customer Service and Support. Sybase Social Media Channels Visit us online for our social media channels at www.6 FP1 Introducing Afaria Afaria Support Services Sybase provides industry-leading support and a variety of downloads to help you get the most out of your Sybase products and solutions.com/contactus/support. If you have a technical support contract.sybase. 11 .Getting to Know Afaria 6.com/support.sybase.sybase. you can visit www. you can locate your local technical support center at www.

6 installation. • • • • Afaria 6.6 Feature Pack 1 Afaria 6. Android. including removing the MDM payload from the device. Application deployment for iOS devices • • New App Portal component for iOS devices Manage application distribution and installation on iOS devices • • Support for both enterprise applications and "App Store" applications Applications can be required or optional on end-user devices 12 .6 FP1? What’s New in Afaria 6. feature.5 Feature Pack 2 Afaria 6. and Afaria Access Control for Microsoft Exchange features and fixes to your Afaria 6.5 Feature Pack 1 Afaria 6.6 FP1? The Afaria product development team continues to drive the industry with innovative enhancements for the latest server and device platforms. and clear device passcode.6 Platform Afaria 6. You benefit from performance. remote erase (device wipe). and security enhancements.Getting to Know Afaria 6. Support for iOS 4 devices • • Ability to manage iOS 4. locking the device.6 FP1 What’s New in Afaria 6.6 FP1 adds iOS.6 Feature Pack 1 The Afaria 6.0 devices using the new Mobile Device Management (MDM) service and protocol Enhanced device policy controls • • • • • Apply policies to devices without user interaction More granular policy status logging Support for additional policy settings New Inventory Manager component with expanded hardware and software inventory collection Expanded security actions available for device.

6 is integrated into Afaria 6.Getting to Know Afaria 6.6 FP1? • • Assignments and distribution managed using Afaria policy and profile infrastructure. and manage iOS policies from within the policies and profiles infrastructure View client inventory in inventory data views Use system variables in iOS policies 13 . applications are a type of "portal package" Client-side interface for application packages • • Displays applications as grouped by administrator-defined categories User can browse list and launch installation Application deployment for Android devices • • New App Portal component for Android devices Manage application distribution and installation on Android devices • • • • Support for both enterprise applications and "Android Market" applications Applications are optional on end-user devices Assignments and distribution managed using Afaria policy and profile infrastructure. import. iOS Device Management Console Integration • • • • Create and manage iOS devices in client data views Create.6 FP1 What’s New in Afaria 6.6 FP1. It introduced support for new platforms and client management enhancements.6 Platform Afaria 6. applications are a type of "portal package" Client-side interface for application packages • • Displays applications as grouped by administrator-defined categories User can browse list and launch installation Afaria Access Control for Microsoft Exchange The release adds new policy definitions for iOS clients Afaria 6.

2 devices without dependency on a Microsoft Exchange server Server Infrastructure Enhancements • Windows Server 2008 R2 (64-bit) support for these components: • • • • • • • • • • Afaria server Afaria Administrator Browsing workstation Access Control Utility OTA Deployment server OMA DM server SMS gateway iOS provisioning server Microsoft SQL Server 2008 support for the Afaria database Set up menu includes access to install programs for all server components Windows Mobile Device Management Improvements • • Updated user interface and improved navigation for the Afaria client on Windows Mobile Professional devices Windows Mobile Software Manager improvements: • • • Support for silent installations Soft reset after installation controls Control over CAB status after installation 14 .6 FP1 What’s New in Afaria 6.6 FP1? Android Device Management • • • Afaria client to install on Android devices Expanded Configuration Manager support to include WiFi and password settings New Android licensable components: • • • • • Inventory Manager – hardware and software inventory License Manager – tracks software licenses Session Manager – limited event support for file manipulation and client messages Android 2.Getting to Know Afaria 6.2 device support Native device lock and wipe options for 2.

• • • Integration with the Afaria management console Over-the-air provisioning of iOS devices Manage assignments of the following iOS configuration policies to devices: • Password formats 15 .6 FP1? • • • Package tracking & logging improvements Session Manager event to end a process Localization for Japanese language Roaming Controls • Roaming controls for Windows Mobile devices in Configuration Manager channel • • • • • • Disable data connections when roaming Disable email attachments when roaming Disable Afaria scheduled or client-initiated connections when roaming Disable IMAP and POP3 email when roaming Display message on device when entering or exiting roaming state Roaming controls for Symbian devices in Configuration Manager channel • • • Disable data connections when roaming Disable Afaria scheduled or client-initiated connections when roaming Display message on device when entering or exiting roaming state • New roaming monitor available for Windows Mobile and Symbian devices to trigger custom actions when roaming Other Client Management Updates • • OMA DM .5 Feature Pack 1 The Afaria 6.Getting to Know Afaria 6. It introduced support for managing iOS devices.6 FP1 What’s New in Afaria 6.ability to import existing policy files (DDFs). modify them and create OMAformatted XML for deployment to devices Symbian devices – Session Manager set time event support Afaria 6.6 FP1.5 FP1 is integrated into Afaria 6.

providing the ability to block or allow ActiveSync requests with Exchange.6 FP1? • • • • • • • • • • • • • Restrictions on use of specific applications and device features WIFI settings VPN settings Email settings Exchange Server connection settings LDAP settings CalDAV settings Calendar Subscription settings Web clip configurations Credentials/certificates SCEP server location settings APN and proxy server settings Log data that tracks the provisioning of iOS devices and deployment of policies Afaria 6. Enhanced iOS management capabilities • • • New remote wipe for iOS. Additional inventory and tracking data: • • Collect and display device serial number and operating system with device information. Option to display profiles on device after installation.6 FP1 What’s New in Afaria 6. which triggers encrypted backups to the iTunes server. and iPad devices. Support for delivering signed and encrypted configuration policy files. New Exchange Access Control support for iOS devices.6 FP1. 16 .5 Feature Pack 2 The Afaria 6. It introduced fixed issues. as managed using your enterprise Microsoft Exchange environment. Additional configuration policy distribution options: • • • • Support variables for user-specific data in configuration policies. and new and enhanced functionality. iTouch. New report to identify devices missing Exchange identifiers.5 FP2 is integrated into Afaria 6.Getting to Know Afaria 6. hot fix rollups.

Enhanced iOS provisioning server scalable design: • • Support for multiple provisioning servers per farm. each tenant's Exchange environment polls the Afaria server for a list of its devices and policies and keeps the list locally. New Android Device Management • • • Remote wipe for Android devices. providing the ability to block or allow ActiveSync requests with Exchange. Exchange Access Control support for Android devices. Define policies for unknown devices on a per-domain basis. • • • • 17 . Provides the ability to block or allow ActiveSync requests with your enterprise Exchange environment. in addition to the originally supported Windows Mobile devices. Provisioning server installs on own server or Afaria Administrator server. Wizard for importing multiple Android device definitions from a CSV file. as managed using your enterprise Microsoft Exchange environment. See Installing Afaria for Exchange Access Control architectural diagrams and discussion. iOS. For multitenant implementations. Enhanced Exchange Access Control • Support for Android.Getting to Know Afaria 6. Support for Microsoft Exchange Server 2010.6 FP1 What’s New in Afaria 6. and Symbian devices.6 FP1? • • New wizard for importing multiple iOS device definitions from a CSV file.

description. as well as define users and security roles for those servers.Getting to Know Afaria 6. assigned roles. The Server List page displays each server’s name. that server’s home status page opens.6 FP1 Server Access Server Access Afaria Administrator uses the Access Policies link to add and remove servers. 18 . and address. Server List When you click a server in the list.

Home > Server status 19 . and differencing cache.6 FP1 Server Status and Reports Server Status and Reports Use the home links to view the server’s status. current active alerts on your system. as well as view and print reports. client deployment email notification messages and their related address books and distribution lists. active client sessions. or navigate high-use items.Getting to Know Afaria 6. as well as the allocated and used disk space for your server. Additional links let you stop and start the server. Home: Server Status The Server Status page displays all of the client sessions that have occurred in the last 24 hours. compression cache.

It displays all active client sessions in your system with supporting details concerning the client and connection activity.Getting to Know Afaria 6.6 FP1 Server Status and Reports Home: Active Sessions The Active Sessions page provides a real-time monitor and a means for gauging the server’s current workload and performance. Home > Active sessions 20 .

Home > Alerts 21 .6 FP1 Server Status and Reports Home: Alerts The Alerts page lets you view events that trigger alerts on your system so that you can acknowledge and resolve them quickly.Getting to Know Afaria 6. Alerts notify you when some incident arises on your server. server components. or clients.

or exported.6 FP1 Server Status and Reports Home: Reports The Reports page lets you access key system and activity data stored in the server database schema through predefined reports. subtotals and totals. Home > Reports Reports make it easy for you to monitor and analyze your Afaria server and Afaria client base. Each report provides filters. printed. and can be viewed on screen. 22 . graphical data views.Getting to Know Afaria 6.

Getting to Know Afaria 6.6 FP1

Server Status and Reports

Home: Client Deployment
The Client Deployment area allows you to manage tasks related to deploying clients over the air. Use the area to: • • • • Maintain your address book – Use the address book links to manage client addresses and distribution lists for deployment notifications, as well as to send client notifications. Maintain notification message templates – Message templates enable you predefine notification messages to use multiple times. Send notification messages – Send Over-the-Air (OTA) notifications as well as Open Mobile Alliance Client Provisioning (OMA CP) notifications. Configure a self-service portal – Access tools used to support your custom-developed, selfservice portal, as well as to manage network access points used for client deployment.

Home > Client deployment

23

Getting to Know Afaria 6.6 FP1

Server Configuration

Server Configuration
User Server Configuration links to set server properties, define schedules for the server, define client types, define alerts for your system, track corporate software licenses, and prepare Microsoft patches for deployment.

Properties: Communications
Use communication properties to configure parameters for communication sessions with your clients. These parameters include: • Bandwidth throttling – increase or decrease the communication rate throughout the course of a client session, allowing client users to run other network applications more effectively when they communicate with the Afaria server. Compression – add files to or view the cache of compressed files that are frequently sent to clients. This reduces connection time and improves system performance. Client communication – use the Client Communication page to define communicating with your Afaria clients including communication protocol, SSL certificate and key, and server address seed value for creating new clients. Differencing – maintain different versions of files that you frequently send to clients; the server sends only the updated bytes of each file in the differencing cache. Server identification – set or change the server’s friendly name, which is visible to some clients.

• •

• •

24

Getting to Know Afaria 6.6 FP1

Server Configuration

Properties: Servers
Use server properties to configure parameters for server information and behavior. These parameters include: • Contact – provide Channel Viewer users with information regarding the person to contact if they have questions with their client devices or encounter problems during a communication session with the server. Exchange Access Config – for the Afaria Access Control for Microsoft Exchange feature, the Exchange Access Config property page lets you define parameters for operating the ISAPI listener on the Afaria server. Failed session cleanup – control how the system handles failed communication sessions between clients and the server. License – view information about your system, including a list of licensed components and client types, the number of licensed sessions, expiration dates (if any), and a brief description of the license type. Logging policy – determine the global logging policy settings. All logs are enabled by default. Log cleanup – specify the cleanup time for the individual logs. OTA Deployment Center – establish settings for Afaria client and Afaria server communication with the OTA Deployment Center. SMS Gateway – define settings for an Afaria Short Message Service (SMS) gateway. Security – configure settings for security measures, including authentication, domain assignments, and client approval. If you are using LDAP for authentication and assignments, you can also enable and configure SSL for LDAP to increase security when you communicate with your Windows clients. SMTP – establish SMTP server settings for your Afaria-initiated, SMTP-based communications. User-defined fields – create new fields in your database tables related to the A_CLIENTS table and read from/write to these fields using the session worklist variables Set Database Field and Get Database Field used for writing to or reading from the database. Outbound notification – control the volume parameters for outbound notification sessions to keep the Afaria server from being overwhelmed with incoming sessions. Relay server – define settings for using a relay server for your Afaria operations. The relay server operates as a proxy for HTTP and HTTPS sessions between the Afaria server and its Afaria clients.

• •

• • • • •

• •

• •

25

These security features are subject to client type.Getting to Know Afaria 6.6 FP1 Server Configuration Additional Security Features Additional security features include server. Client authentication prevents rogue devices from running sessions with the server. Server authentication prevents a rogue server from intercepting communications between the client and the intended server. SSL encryption and user authentication – User authentication and assignments using LDAP directories include additional SSL security for client sessions. • • 26 . client. Client authentication – The server requests a certificate from the client during the communication handshake to verify that the client is trusted. and user authentication. • Server authentication – The client requests a certificate from the server during the communication handshake to verify that the server is trusted.

Document Manager – apply default location settings for your file selections and settings for alternate media sources. Portal Package Server – use the Portal Package Server page to define configuration properties for the Afaria portal package server. Exchange Access Policy – define a synchronization policy for your enterprise’s devices that use Microsoft Exchange ActiveSync to synchronize with your organization’s Microsoft Exchange server. These parameters include: • • • • AV/Firewall – define the disposition of new client files or pattern files and identifies the date of the last update. iOS Server – define properties for the Afaria iOS provisioning server and the certificate authority (CA) server. Patch Manager – define the location for storing downloaded patches. OMA DM – define the OMA DM server address properties that OMA DM clients need to communicate with the OMA DM server.Getting to Know Afaria 6. Backup Manager – define the physical location for backup storage and define associated log and alert thresholds. • • • • • 27 . and define the user-facing messages for outbound notifications. iOS Notification – use the iOS Notification page to define the Apple Mobile Device Management (MDM) certificate and push notification service used for Afaria MDM control.6 FP1 Server Configuration Properties: Component Configuration Use component configuration properties to configure global settings for installed optional components.

Getting to Know Afaria 6. so that these tasks run automatically at regular intervals. such as updating channel content or distributing software. There are several predefined schedules that you can edit to meet your needs. Server configuration > Server schedules 28 .6 FP1 Server Configuration Server Configuration: Server Schedules Use the Server Schedules page to define a schedule for tasks you perform on a regular basis.

Use the client type attribute when you create channels. channels are specific for one client type.Getting to Know Afaria 6. The server is installed with predefined client types and it allows you to add new definitions. processor.6 FP1 Server Configuration Server Configuration: Client Types Client types group clients that share one or more of the same attributes for operating system. or service pack. Server configuration > Client types 29 . A single client type may contain one or more subtypes.

description. threshold interval. 30 . or clients. threshold. server components. Alerts page. Review alerts that are currently raised on the Home. pager. Alerts notify a contact when some incident arises on your server. A raised alerts count also displays on the Home Server status page. and/or email address.Getting to Know Afaria 6. and state of the alerts you have defined on your system. Server configuration > Alert definitions Alert definitions include these property pages: • • • Defined alerts – Displays the name.6 FP1 Server Configuration Server Configuration: Alert Definitions Use the Alert definitions page to define and manage alerts and the events that trigger them on your server. and the component associated with the event system-defined and user-defined events on your system. contact. so that you can acknowledge and resolve it quickly. Defined events – Displays the name. Defined contacts – Displays each contact’s name. description.

the page displays data for client category. Version. Application. Use the License compliance page to track software licenses. Server configuration > License compliance License Manager supports all versions of client operating systems that are supported by Inventory Manager. as well as print the various license compliance reports. This page appears empty until you define software licenses in your database. set license compliance event thresholds. work with predefined and custom views in Data views. however. installed and purchased. # (number) Purchased. and any Notes you may add. and how often users run specific applications. For instance. software size is tracked on some client types and not others. You can define schedules that control license compliance processes. Manufacturer. 31 . Size. Once you have defined these software licenses. Effective and Expiration dates. all client types do not have exactly the same level of supported data.Getting to Know Afaria 6. License compliance.6 FP1 Server Configuration Server Configuration: License Compliance License compliance is a feature of License Manager.

Select and download patches for deployment at your organization. You can apply properties to individual patches that define installation switches to use when the patch runs on a client and indicate whether to force a reboot after the patch installs. You can also initiate patch downloads on demand from the Patch console or from Data Views > Client Patches page.Getting to Know Afaria 6. A default server schedule runs nightly to synchronize the Patch Console page with Microsoft’s current data and download your selections. 32 . Server configuration > Patch console Patch descriptions include links directly to the Microsoft download site.6 FP1 Server Configuration Server Configuration: Patch Console Use the Patch Console page to view current Microsoft patches. Patches are arranged in a tree hierarchy by product name for quick navigation and patch selection.

or some other supported action.6 FP1 Client Management with Group Profiles Client Management with Group Profiles Use the Policies and Profiles area of Afaria Administrator to manage profiles. In a server farm environment. For example.Getting to Know Afaria 6. only one device type. you must be on the main server to create or edit profiles. you can view profiles from any server. or some combination of multiple device types. However. Create a list of allowed channels to define the work that the group is allowed to perform. Policies – profiles Profiles let you apply policies to groups that are enforced either continuously or according to a schedule. A monitor-action pair is a single schedule or other monitor paired with a single action. Profiles are made up of the following major components: • Client types – a client type filter defines the types of client devices that can use a profile. you can define a profile to be eligible for all Afaria-supported device types. Allowed work – allowed work executes when it is requested by a client and is defined as allowed on the profile. Define monitor-action pairs to automate work. Assignments – assignments define the list of groups that receive a profile. Profiles are the primary mechanism for managing the work performed by groups of clients. The paired action may be to connect to an Afaria server to request a channel. Packages – portal packages let you deliver applications to clients. Automated work – automated work executes without user interaction. The Afaria administrator creates profiles to define the work to be performed. and then to associate that work with client device types or groups of clients. • • • • • Administration > Policies and Profiles 33 . to launch a program.

and affect automation as a result. When monitors or schedules are paired with actions. then by the Assignments properties. Groups are first filtered by the work profile’s client types attribute.6 FP1 Client Management with Group Profiles Assignments The Assignments area lets you assign a work profile to specific groups. Similarly. Eligible action types include: • • • • Log event only Execute program Run channel Run script Allowed Channels Use Allowed Channels tab to manage the channels and channel sets that a profile’s assigned groups are allowed to run.Getting to Know Afaria 6. Each monitor-action pair requires one monitor and one action type. the All Clients group is a dynamic group that includes every known client and its use simplifies assigning a work profile to all clients LDAP groups and organizational units Local user groups Domain user groups Client Actions Use the Client Actions tab to define monitor-action pairs. a client receives monitor-action pair definitions from the client actions list only when the client type supports the monitor type. While groups’ clients may receive a work profile. Afaria supports the following types of client groups: • • • • • Afaria client groups Afaria built-in group “All Clients”. Clients request channels in a variety of ways: • Scheduled connection – A client makes a scheduled connection after its schedule monitor prompts its associated run channel action to execute. you can automate tasks on a client each time the schedule or monitor fires. 34 . Monitors detect specific events at a client or run as schedules. each client must meet any channel-level requirements to be able to run the channels contained in the work profile.

as defined by OMA. The policy’s content—OMA DM objects—is applied at the client according to each device’s OMA DM implementation. OMA DM – Open Mobile Alliance (OMA) Device Management (DM) policies are settings and actions for Afaria OMA DM clients that are based on DM objects. Policy types include: • • • Application Control – Lets you control which applications your device users can execute. Monitor-action pair – A run channel action executes. as defined by a monitor-action pair that used a connection monitor to detect an active connection. Antivirus/Firewall – Lets you provide antivirus and firewall security for your devices. API client – A client runs a session using the channel’s name as the channel parameter. Default channel – A client’s Afaria configuration settings do not define any channel when the client is connecting. and can block incoming phone calls and SMS messages from defined sources. Users can browse the list and select packages. Windows client or handheld client – Client opens the channel’s parameter file (. Portal Packages Use the Portal Packages tab to review and manage the profile’s portal packages. A list of packages is available on the Afaria agent at the client. Packages let you deliver applications to your clients. Policies Use the Policies tab to manage policy deployment. Policies are collections of settings and tasks to define and enforce on your clients.XEC).Getting to Know Afaria 6.6 FP1 Client Management with Group Profiles • • • • • Windows client with Channel Viewer – A user selects the channel’s name in the Channel Viewer application and issues the connect command. 35 .

• • Dynamic groups – Membership changes to always reflect the custom views you create in Data views. Instead of containing users as members. The list of members does not change unless you edit it. Administration > Client groups Types of client groups.6 FP1 Client Groups Client Groups The Client Groups page lets you manage groups of clients that function similar to Windows NT and LDAP groups. Static groups – Membership always reflects only the members you select from the list of all client views. 36 . Client groups contain client devices. Clients and Inventory.Getting to Know Afaria 6.

processes starting and stopping. you can create a schedule monitor to detect when the last Friday of the month occurs. You create monitors on the server and deploy them to clients as part of a group profile. and then take some type of predefined action. Although device monitors are not device-specific. battery capacity. 37 .6 FP1 Monitors Monitors Use the Monitors page to manage schedules and device monitors to deploy to your Afaria clients. the predefined action is taken automatically. as well as memory usage.Getting to Know Afaria 6. device monitors may function differently between client types. feature availability depends on client type features and platform support. Select a folder or monitor in the left pane to view it in the right pane. Pair your monitors with an action on a profile to automate work on a client device. When the monitored condition or event occurs. Additional events you can monitor on Afaria clients include changes to files and directories in the file system. For this reason. For example. Administration > Monitors The system-defined folders in the Monitors column—All and By Type—organize your event monitors.

such as Configuration Manager. Use the Channel Administration area to manage channels and channel sets. 38 . Channels types are specialized by component. as well as any number of folders you wish to create beneath the server. pull content from a client.Getting to Know Afaria 6. Document Manager. You can also import and export channels to and from other Afaria servers in your system. and others. Data Security Manager.6 FP1 Channels Channels Channels are sets of tasks and instructions that an Afaria client runs when it connects to an Afaria server. push content out to a client. Administration > Channel Administration The tree structure lets you organize your channels by your Afaria server. or execute other behaviors on a client. Channels may change device settings.

reducing the time required to back up changed files. Supported client types – Palm. or recover files that are different than those from which they were originally restored (Full Restore). Data backup – For Palm. Clean up backed up items – In Data views. Properties. Windows. as well as set thresholds for backed up items space usage. and applications to a specific folder structure on the corporate network. and Windows Mobile clients you can back up data files and databases when these clients connect to the server. It uses Session Manager’s Get Files from Client event to retrieve the designated backup sets. and sends only bytelevel file differences to the server. 39 . • File differencing – For Windows clients. extracts. Symbian. Schedules – For Windows and Windows Mobile clients. Backup Manager you can change the default location for backed up information. folders. Restore – Restore lets you selectively recover files that you specify on a per client basis (Selective Restore). Windows Mobile Standard Create backup and restore channels: • Backup – Backup channels let you specify the folder and file names to back up on the client computer. Backup channels can be scheduled to run on a regular basis. Windows Mobile Professional (including Windows CE).Getting to Know Afaria 6. Change the backup location and set thresholds – In Server Configuration. Backup you can determine the number of days after a specified date when all backed up items are deleted. Symbian. file differencing detects.6 FP1 Channels Backup Manager Use Backup Manager to back up and restore large quantities of data from specified files.

dial up. • • • Connectivity – configure a variety of connectivity settings for WiFi. configured setting cannot be changed by the user. browser controls. Configuration Manager offers features that are: • • Subject to client type. • • Configuration – affect device settings during an Afaria session. WAP proxy. Custom XML provisioning – configuration Manager includes a custom provisioning page for Windows Mobile Professional and Windows Mobile Standard clients. based on the nature of the settings. Bluetooth. proxy. preferences. and encryption options. security time-outs. Configuration and enforcement – affect device settings either during an Afaria session or when a device enters a defined state. This custom provisioning feature provides a method for you to configure even the newest devices as they hit the market. and create restrictions for message and attachment sizes. Device application and feature controls – control the applications and features that your devices support using application settings related to application downloads. login scripts. the device holder may be able to change the settings. Features are subject to client type. Synchronization activity – define the behaviors for synchronization using settings that define synchronization profiles. the device holder may be able to change the settings. SMS messaging. Configuration Features Configuration features affect device settings during an Afaria session. PIM and non-PIM application synchronization behavior. Subsequent to the session. Either for configuration or configuration and enforcement. and resolve synchronization conflicts. and service provider. VPN. provide passwords. APN. email service use. application data storage. • • • 40 . Use the custom feature to configure settings that are not available on the Configuration Manager Channel Editor. Email controls – define settings that route email traffic to defined email servers. You can create channels to specify particular attributes.Getting to Know Afaria 6. access points. Subsequent to the session. and settings. device to device messaging. The custom page allows you to use the Open Mobile Alliance’s (OMA) Client Provisioning standards to compose provisioning XML scripts that you can deliver to your devices. and phone use. Subsequent to the session. identify email.6 FP1 Channels Configuration Manager Use Configuration Manager to remotely configure devices that are deployed to your mobile workforce. Device security – establish and enforce your device security policy using security settings that include password controls.

limit. Roaming controls – define settings to affect when a device enters a roaming state. • • 41 . based on the nature of the settings. data transfer methods. you can enforce the availability of key device features.Getting to Know Afaria 6. • Port Control – enable. Subsequent to the session. configured setting cannot be changed by the user. such as Bluetooth connectivity. Features are subject to client type. Windows Mobile Update – control how software and security updates issued by Microsoft are applied to the device. or disable the usage of hardware ports on devices. and the use of external data cards.6 FP1 Channels Configuration and Enforcement Features Configuration and enforcement features affect device settings either during an Afaria session or when a device enters a defined state. By regulating the use of hardware ports.

This locked state provides protection against unauthorized users attempting to gain access to a device’s applications and data. Palm Features Data Security Manager allows you to manage client security. Windows Mobile Standard. thereby protecting device data and all device applications from unauthorized access. and sizes. which must be answered correctly on the device prior to resetting a forgotten device password. • 42 . orientations. administrator. Password options – Allows you to establish a password policy for locking the device to restrict user access. Device-based recovery – Provides password recovery on the device without the need for Afaria administrator assistance. The password is also used to verify authorization for device state changes such as the insertion of a data card or an attempt to use desktop synchronization tools. You can use the recovery password to access the user interface any time that the device is locked. You can use the administrator password to access the user interface at any time. Security policies for handheld clients can include a policy for protecting against unauthorized user access. Remote-based recovery – Allows you to issue a temporary recovery password for a client user that has control of the device but has forgotten the password.6 FP1 Channels Data Security Manager for Handheld Clients Data Security Manager lets you establish security policies for Afaria clients. Symbian. Data Security Manager offers flexible password criteria so that you can define a device password that meets your enterprise’s password strength requirements. Automatic lock – Data Security Manager locks the device after a defined period of inactivity. Use of this recovery method on the device can be enabled or disabled. • • • • • Manual lock – Allows a device user to force the device into a locked state without waiting for an automatic lock to engage. and for security action against absentee devices. Features are subject to client type and include: • Device support – Supports a diverse set of Windows Mobile Professional. Remote-based recovery requires Afaria administrator assistance. including when the device enters a lock down state with the user password disabled. Data Security Manager’s implementation accommodates many different screen resolutions. Windows Mobile Standard. Administrator password – Allows you to implement an administrator password on the client. security action against excessive password retry attempts. or temporary recovery password to unlock the device. Symbian. encrypting sensitive data. Client users configure secret questions and answers.Getting to Know Afaria 6. and Palm devices. Users must supply a valid user. The password is required to use the device. Supported client types – Windows Mobile Professional (excluding Windows CE). Data Security Manager implements the following password features: • Power-on password – Allows you to enforce password use at the client.

Email and personal information management (PIM) application compatibility – Integration with your iAnywhere Mobile Office client. Custom user interface – Allows you to customize several elements of the user interface that your users encounter when they use Data Security Manager. Password lock down policy – Allows you to establish a password lock down policy for security action against excessive password retry attempts. deleting data. including Federal Information Processing Standards-certified (FIPS) Advanced Encryption Standard (AES) encryption algorithms. including the password prompt text and the password screen graphic. • • • • • • 43 . deleting data. deleting data. Lock down action options include disabling a user password. You may choose your preferred encryption algorithms for Afaria to use for encrypting data. You can define the security policy for the locked state to allow other outgoing phone calls as well. and hard resetting the device to its default state. including notifications received while the device is in a locked state. Emergency call support – Allows users to make emergency phone calls while the device is in a locked state. SIM lock down policy – Allows you to establish a policy for security action against a device with a SIM card that is changed or missing. The device may be in the hands of unintended users attempting to gain access to device applications and data. Afaria supports receiving Short Message Service (SMS) and Hypertext Transfer Protocol (HTTP) notifications. You define an action to take when locking the device in response to a defined number of user password failures. The device may be in the hands of unintended users attempting to gain access to device applications and data. This lock down state is protection against the possibility that a device that does not connect in a timely manner has an unknown status. You can define an action to take when locking the device in response to a SIM card that is changed or missing. You use a channel editor to select personal information management (PIM) and other data to encrypt. or have obsolete data that may put business-critical operations at risk of error. Connection lock down policy – Allows you to establish a connection policy for security action against absentee devices.Getting to Know Afaria 6. or similar solutions. and hard resetting the device to its default state. or who gain control of removable media that contains sensitive data. Microsoft Exchange push email client.6 FP1 Channels • Data encryption – Allows you to establish an encryption policy for encrypting sensitive data located on the device or on any of the device’s external data storage cards. and hard resetting the device to its default state. enables your users to receive ongoing email and PIM update notifications. This lock down state is protection against unintended users attempting to guess the user password to gain access to a device’s applications and data. Data encryption is protection against intruders who use advanced techniques to bypass the user interface and access the data directly. Lock down action options include disabling a user password. You may also allow Windows Mobile Professional and Palm users to select data for encryption on their devices. Lock down action options include disabling a user password. This lock down state is protection against the possibility that a device that does not have a proper SIM card. You define an action to take when locking the device in response to a client device failing to establish a connection within a defined period of time.

You can examine occurrences of Data Security Manager events in the Messages log. This is particularly useful if encrypted files become orphaned due to the device experiencing a hard reset. Client Password Unchanged – Identifies any clients that have not had their passwords changed. Administrator Password Detail – Identifies any clients that have been unlocked using the administrator password.Getting to Know Afaria 6. or some other circumstance which prevents the original client from decrypting the files. Enabling the feature keeps the user interface on and the device unlocked while the GPS radio is active. Data Security Manager reports – Data Security Manager includes the following predefined reports that you can view and print: • • • • Client Lock Down Detail – Identifies any clients that have entered a lock down state. Server-side decryption utility – Allows you run the File Decryption Utility program on the Afaria server to decrypt external card files encrypted by Afaria Data Security Manager clients. • • • • 44 . uninstalling the client. Users have access to the GPS application without the device automatically locking.6 FP1 Channels • Global Positioning System (GPS) service application compatibility – Afaria includes a policy setting for organizations that run GPS applications on their handheld devices. Data Security Manager client uninstall channel – Allows you to uninstall Data Security Manager from your Afaria client. The uninstall process decrypts any associated data on the device or on an inserted external data card. You can also define alerts that monitor specific Data Security Manager events. Log entries and registered events – Afaria records Data Security Manager events during event logging. Users may engage the manual lock at any time. Client Password Changed – Identifies any clients that have had their passwords changed.

Features The security manager provides layers of security: full-disk encryption. boot-time authentication.6 FP1 Channels Data Security Manager for Windows Clients Afaria Data Security Manager clients is an encryption solution that lets you define and implement a security policy for Afaria Windows clients.Getting to Know Afaria 6. Data is automatically decrypted and reencrypted during subsequent user sessions as required. • • 45 . Boot-time authentication – Boot-time authentication prompts for and authenticates user credentials before the operating system loads and when returning from hibernation. without interrupting normal application operations. Challenge-response recovery – The challenge-response recovery process is a secure mechanism that allows for an authorized user to regain control of a computer from a state of denied access after having accidentally entered the wrong password too many times. • Full-disk encryption – The full-disk encryption feature uses the AES encryption algorithm to transparently encrypt a computer's hard disks. encounters encrypted data that is unintelligible without the encryption key. and challenge-response recovery. Anyone making direct access to the hard drive. without using the authentication process.

Getting to Know Afaria 6. an HTML page (main file) may include graphics (dependent files) the user does not need to view separately. you can create channels using external media sources such as CD-ROMs. External media support – For Windows client Channel Viewer users. In Document Manager. The. Windows Mobile Standard Document Manager lets you: • • • • Cost-effectively deliver and automatically update important documents Ensure end-users have access to the most up-to-date information and are automatically notified of updates Decrease the time users spend navigating through the LAN. You can define channels to “push” content to connected client users. You can initially distribute • • • 46 . but show only the main file in the list of documents. you may want to distribute an HTML page that includes. For example. By making the graphic files dependent upon the main HTML file.6 FP1 Channels Document Manager Document Manager lets you publish groups of documents for client users to access. Afaria automatically runs channel refresh using the settings you specify through global settings. Afaria makes a copy of the file and places the copy in the temporary area. you can quickly refresh channel data at any time with the click of a button.jpg files are required to display the HTML file correctly. you permit the user to access the main document but not individual graphic files. Internet. bitmaps. or you can allow users to decide whether they want to subscribe. Windows Mobile Professional. For example. The dependent files are delivered to the client when the user subscribes to the document. When Afaria refreshes channel data. By hiding the dependent files. When you first add a file to a Document Manager channel. These features include: • Dependent file support – Document Manager channels can include dependent files associated with a main file. you can send a group of dependent files. or intranet for pertinent information Reduce the total cost of ownership associated with managing content Features Document Manager has several features that help manage documents for client use.jpg graphic files. Using hidden file support. and more. Supported client types – Palm. Document Manager channels can include text files. Channel refresh – You can use channel refresh to ensure your channel files are consistent with original source files.jpg files automatically when receiving the subscribed HTML file. the user receives the dependent . it copies the current version of the file from the source and updates the temporary area. Hidden file support – You can hide selected files included in a Document Manager channel. Windows. HTML files.

47 . resulting in reduced connection times and improved system performance. • • Channel export – You can export a selected Document Manager channel to a single designated file. The Document Manager channels you create can contain both server-based files and external files.6 FP1 Channels information to your users on a CD or disk and then periodically deliver updated files via “normal” Document Manager channels. Afaria detects the differences between the file at the client and the source file on the server and sends only the differences. Byte-level file differencing – When Afaria clients request a file that already exists on their system.Getting to Know Afaria 6.

Inventory Manager can collect more detailed client information. or other administrative tasks. Delta scans – Windows clients only. These features are subject to client type. If a DMI Agent is enabled at the client. The DMI Agent—provided by the computer manufacturer—is a system-specific executable file that scans inventory information. Inventory Manager silently detects installed hardware and software on the client during the connection or while the client is disconnected. Features include: • Automatic scanning and reporting – Inventory Manager automatically scans and retrieves detailed hardware and software inventory data from remote computing devices. Network Adapters. OS Drivers and Services. but includes commercial software usage. immediately after the connection with the server. 48 . rather than from the beginning. Checkpoint restart is used to resume failed transfers at the point of failure. Supported client types – BlackBerry. troubleshooting. System. Windows Mobile Standard Features Inventory Manager offers several features that help you manage your hardware and software. During client inventory scans. Keyboard. Data retrieved is dependent upon the client type. File compression ensures inventory collection sessions are efficient and quick. Windows. Built-in error checking ensures that data is always complete.Getting to Know Afaria 6. or on specific dates and times. Windows Mobile Professional (including Windows CE). Support for DMI standards – Inventory Manager supports Desktop Management Interface (DMI) 2. lowering communications time and cost. Inventory Manager reduces the amount of data that is transferred from Windows client devices to the Afaria server by transmitting only data that has changed from a previous inventory scan. Motherboard. such as additional data about the BIOS. You’ll find this information beneficial prior to performing hardware and software updates. battery amount remaining. Efficient inventory scanning and collection – Inventory Manager is specifically designed to work efficiently in the remote and mobile environment where connections are intermittent and unreliable. which is the Distributed Management Task Force (DMTF) industry standard specifications supported by major hardware and software manufacturers. Symbian. operating system installed. and more.0. or Video. processor type. Palm. amount of memory. • • • • Inventory scheduling options for Windows clients – You can schedule inventory scanning to take place offline. Inventory Manager collects and reports DMI-compliant hardware or software inventory located on the system.6 FP1 Channels Inventory Manager The Inventory Manager lets you centralize the monitoring and reporting of hardware and software resources installed on your clients. Scans can run at the client during a connection with the server. language that displays on the device.

query. you can view those clients that have detected inventory changes.6 FP1 Channels • Data storage in the Afaria database – Inventory scan results are maintained in the Afaria database.Getting to Know Afaria 6. Client change detection – Using the Change detection views folder in Data views. all inventory-scanning results are automatically transferred to the database server. • • 49 . Inventory allows you to view configuration files on a per-client basis. and report on client inventory data. Once set. Configuration information for Windows clients – During sessions. Inventory. allowing you to use existing database infrastructure and tools to access. you can choose inventory attributes to monitor on a selected client type. and acknowledge that you’ve seen those changes. Data views. You can view clients with inventory changes in the right pane of Inventory view and via the clients view right pane shortcut menu.

Supplying these credentials allows you to ensure that the channel's patches can run with local administrator rights.6 FP1 Channels Patch Manager Use the Patch Manager Channel Editor to view and edit channel properties. Delivery properties include the following items: 50 . Impersonation – Supply impersonation credentials for an account with local administration privileges. Supported client types – Windows Administration > Channel Administration > Patch Manager channel > Edit The channel editor provides access to channels you to set and control for installing the patches and delivering patch content. Install properties include the following items: • • Reboot mode – Choose the reboot behavior for the client computer after the patch installs. A new Patch Manager channel launches the channel editor with the same view as the Server Configuration Patch console page.Getting to Know Afaria 6. Use the list’s check boxes to change an selections. the patches associated with that product appear in the top half of the right pane. except it is filtered to include only those patches you have selected and saved in the Patch Console page. When you select a product in the left pane.

Getting to Know Afaria 6. Bandwidth throttle – Override the bandwidth configuration settings that you defined on the Bandwidth Throttling page. 51 .6 FP1 Channels • • Segment delivery – Apply segment delivery time allowance or segment file size criteria to channel content delivery to ensure that patch delivery does not overload your network.

Getting to Know Afaria 6. allowing the user to receive content without subscribing to the channel. Supported client types – Windows 52 . When the client connects to your server.6 FP1 Channels Server Listing Server Listing uses the client Channel Viewer to define the name. address. the Server Listing channel content is automatically sent to the client. and description of each server in the channel list.

Session Manager channels are composed of worklists and sendlists that you create to meet your specific needs. Notify Program. The selected channel appears at the top of the structure. Supported client types – All Afaria clients Object’s event list Complete event list Current worklist or sendlist object Features The Session Manager offers several features that help distribute and manage files. These features include: • Simple session channel editing – The Session Manager Channel Editor displays all of your Session Manager channels. You can position the moveable Session variables selector box where it’s most convenient for you. Logs to view client session activity and file transfer information. you can specify event-specific information in a referenced file rather • 53 . and Set Variable events. and sendlists in a tree structure so you can visually organize your channels and their components. Use Data Views. Indirect file support – Session Manager supports indirect files for Message. Worklists and sendlists are the fundamental units of activity for all work on and between the server and clients. Using indirect file support. while the other channels are contained within a separate folder. Insert Worklist.6 FP1 Channels Session Manager Use Session Manager to automate electronic file distribution. Get File from Client. and system registry management tasks. Session Manager channels include properties for fault tolerance. Send File to Client. notifications.Getting to Know Afaria 6. worklists. file and directory management.

or event is available for execution. which lets you update the indirect file without having to update the actual event. or worklists only. Use variables in events – Variables in events are placeholders for different event parameters. environment variables. a wildcard references files or directories as a group. • Worklist. Display items from which you can choose include all worklist and sendlist objects. sendlists only.Getting to Know Afaria 6. You may want to disable items and keep them disabled until they’re fully defined and ready to be executed.6 FP1 Channels than directly embedding it in an event. userdefined variables. Session Manager replaces the variable placeholders with the appropriate information when the event executes. Use wildcards in events – Wildcards are reserved characters that perform a task on multiple files with similar names or extensions. Session Manager automatically assigns it to your channel. Variables available include predefined variables. sendlist. • • • • • 54 . Assign objects to your channel – When you create a new worklist or sendlist. sendlist. Control object display – Assignments for object view lets you control the display of worklist and sendlist objects that reside in the channel by selecting the respective option from the View drop-down list. but you can also assign it to any worklist and sendlist object that resides in any other channel. Optimize event execution – You can fine-tune worklists and sendlists to increase resource efficiency and decrease session completion time by pre-processing tasks that can be performed on the client by the client before a session begins. and variable modifiers. Instead of individually selecting many files and directories. and event availability – You can specify when a worklist.

Deliver package files to the client—“local-based” installation—is used for users wishing to install offline. you can specify what to install. Windows Mobile Professional (including Windows CE). Setup based installations are used for applications that provide their own installation program to perform file copy and system update operations. instruct Software Manager to send only differences of a specific file or a collection of files. determine how much of the installation the client should display.6 FP1 Channels Software Manager Use Software Manager to distribute and install commercial or custom-built software applications on Afaria clients. Run installation from a LAN location—“LAN-based” installations—is used for networked users. Deployment method – Software Manager provides two methods of channel deployment at the Windows client. Depending upon the client type. start installations automatically. You can push software packages to your clients after they initiate a connection to ensure that users have the latest software.Getting to Know Afaria 6. Symbian. Non-Setup based installations are used for applications that have no installation program and are distributed as a custom application or a collection of files. In these channels. Use Data Views. and more. Software Manager provides the installation services to the client. Channel file/folder – You can add and remove installation/non-installation files. Software Manager channels include properties for fault tolerance and incremental changes. and more. Package tracking to see client software package information. include a guidance file for Windows client setup-based installations. Windows. Supported client types – Palm. These features include: • Installation type – Software Manager provides two types of installations at the Windows client. force an installation target directory. view file properties. • • • 55 . include file shortcuts for Windows client non-setup-based installations. Windows Mobile Standard Features Software Manager offers several features that help you distribute and install application on Afaria clients. This option runs the installation using channel contents that reside on a LAN location. This option sends the package files to the client machine. define filelevel target destinations. Installation process – Software Manager includes specific options for controlling installations so that you can give as little or as much control as needed to your client users. provide command line arguments to add parameters to the channel installation settings. installation runs from a temporary location on the client. choose how the installation makes programs available. or you can let client users subscribe to channels so that they install only the software they need.

clean up. operating system/service pack. after which criteria are no longer met. and include pre/post delivery/installation options. You can also activate a Channel Viewer icon or a link on a Web page to let client users uninstall channels. • • • • • • 56 . execute published Session Manager channels. Successful installation – Software Manager reports the success/failure of the distribution and installation of Setup based software applications back to the server.Getting to Know Afaria 6.6 FP1 Channels • Delivery and installation time frame – Software Manager lets you determine the daily time period during which channels can be delivered to clients. as well as valid install dates and time frames for Windows client channels. and uninstall from a Web browser by including the channel in a channel set and incorporating the automatically-generated HTML code onto a Web page. Criteria are checked twice at the client: before software delivery so that the channel is sent only to clients that meet or exceed the criteria. Software Manager also lets you define special administrator user rights to elevated privileges in order to complete tasks on Windows clients. When the limit that you define is met. Uninstall – You can uninstall a software channel at the Windows client if it was initially delivered and installed using Software Manager. file/registry key. and more for your Windows and Windows Mobile clients. check for minimum device RAM. Browser delivery – Software Manager lets you create channels that your Windows client users can install. Advanced features – Depending upon the client type. Software Manager lets you create user defined fields. Criteria checking – Software Manager supports channel criteria requirements such as hard disk space. Subsequent sessions with the client transmit remaining sections. and prior to installation to cover situations in which software is received but not immediately installed. channel transmission stops. map source share points to target share points for Windows client remote LAN based channels. Segmented channel transfer – Software Manager lets you transmit large Windows client channels efficiently by splitting channel content into sections based on delivery time or size.

When clients connect. For example. you can also associate a channel with a monitor. Set Automatic Channel Actions Set options for automatic actions. 57 . • Encrypt channel for all clients – encrypts all information in transit so that it can’t be viewed by unauthorized users. as well as restricting channels to authorized users.6 FP1 Channels Channel Availability for Clients Afaria provides several channel-level features that enable you to control how channels run at the Afaria client. you control how and in what order channels execute at the client. Channel sets don’t appear at the client. create channel sets. and define security settings for individual channels. The channel set executes the collection of channels automatically in a set order when clients connect. instead. human resources documents.Getting to Know Afaria 6. through the profile. You can create a channel ahead of time and set it to publish automatically. Channel publication is the first step toward making a channel available to clients. and new audit software you need clients to use. all of the channels in the set execute automatically in the set order. Publish Channels Publish individual channels when they are ready to be used by clients. Create Channel Sets Assemble multiple channels in a channel set. You can create a schedule in the work profile to run at the end of each quarter a channel set containing accounting updates. associate them with work profiles. or you can set a time for a channel to unpublish itself automatically after the information is no longer valid. Secure Channels and Channel Information Enhance the security of your channels and channel content. For Afaria clients to have access to channels or channel sets. Group profiles are the vehicles for distributing channel and channel set tasks to client devices. You can also automatically delete a channel when a project is over or set a channel to update itself automatically. which lets you base channel execution on a schedule and/or a monitored event or condition. You can publish channels. you may have several clients who need both accounting and human resources information updated every quarter.

channels and channel sets are components in the profile’s definition. Password required – requires Windows client users to enter the correct password before accessing the channel or folder in the Channel Viewer application. either via a profile’s Client actions list. See “Client Management with Group Profiles” on page 33.6 FP1 Channels • • Authenticate user – verities the identity of clients attempting to connect to the channel before making channel contents available to the user. Group Profiles and Channels Profiles are the vehicles for distributing channel and channel set tasks to client devices. Include channels and channel sets with profiles.Getting to Know Afaria 6. or its allowed channels list. 58 . or both in some cases in order to associate them with Afaria Clients.

59 . Channels are replicated from the source server to the target servers in a read-only state. to import and export using the user interface. The product includes an import/export wizard. A main-to-farm relationship is one in which the source and target servers operate as a single Afaria entity. In the farm relationship. In the peer-to-peer relationship.6 FP1 Channels Channel Availability for Servers Afaria provides two features that let you make channels available to other servers within your Afaria system: import/export and replication. in that replicated channels are read-only channels that you can edit only at the source server. After exported channels are imported into another server.Getting to Know Afaria 6. the server takes complete ownership of the channels and is able to exercise any channel management tasks over them. Exported channels are independent from their source server. to import and export from a command line. When an Afaria Server imports channels. managing server is referred to as the source server and the other servers are referred to as the target servers. each using their own Afaria database. This differs from replication. the server retains no further control over the channels. Replication Replication lets you use a single Afaria server to manage channels for one or more other Afaria servers. Once an Afaria Server exports channels. A peer-to-peer relationship is one in which the source and target servers operate as separate Afaria entities. they are subject to any editing tasks the administrator wants to exercise. Replication differs from importing and exporting channels. sharing a single Afaria database. Import and Export Channels You can import and export channels from one server to another server that are not in a server farm relationship with each other. The source server may be in a main-to-farm relationship or a peer-to-peer relationship with the target servers. the single. and a command line utility. In the context of replication. the target server may create and manage channels additional to those replicated from the source server. the target servers are not able to create any channels on their own.

6 FP1 Policies Policies Use the Policies area of Afaria Administrator to define and manage policies. or both. Policies let you create focused collections of tasks and actions to define and enforce on your clients. 60 . Call Filtering policy – Block incoming calls. Installed applications – Applications that are installed on your device after purchase.Getting to Know Afaria 6. and restrict calls and SMS messages to a device. block incoming SMS messages. Policy Category – Application Control Application control policies let you control which applications your device users can execute. Policy management compiles a client application library. Symbian. Windows Mobile Standard Antivirus Firewall policies include the following policy types: • • • Antivirus policy – Protect and safeguard devices from viruses. Policy Category – Antivirus/Firewall Antivirus Firewall (AV/F) policies allow you to control and provide security for your device. It is a reference for your use when defining policies. Controlling these settings is often critical to device management. Policies are placed on the document server as part of a group profile and are passed to connected clients. Settings menu applications – Applications that are available on the device’s Settings menu. as queried by a client-side agent and reported back to the server. as they may control sensitive areas of device functionality. Firewall policy – Establish a firewall for each device to guarantee its integrity. Supported client types – Windows Mobile Professional. Supported client types – Windows Mobile Professional and Windows Mobile Standard The policies manage different types of applications: • • • Embedded applications – Applications that come preinstalled on the device. The library is a list of applications that are on your client devices.

Trusted relationships let you initiate a client connection to the OMA DM server without prompting for user interaction. Session Control – Allow the user to control subsequent tasks in the same policy by setting and interrogating variables. www. Access Point (AP) – Configure an access point for network connectivity. To learn more about OMA DM. and branching to out-of-sequence tasks. Policy definitions are consistent with the Apple iPhone Configuration Utility definitions. passwords. visit the Open Mobile Alliance’s Web site. Device configuration policies are supported on iOS client types. Mail for Exchange (MfE) – Initialize or change the settings for the Mail for Exchange client. Policies include these and additional types: • • • • • • Passcode Restrictions WiFi Credentials Simple Certificate Enrollment Protocol (SCEP) Exchange ActiveSync Policy Category – OMA DM Open Mobile Alliance (OMA) Device Management (DM) policies are settings and actions for Afaria OMA DM Clients that are based on DM objects.6 FP1 Policies Policy Category – Device Configuration Afaria device configuration policies let you manage device settings for items such as WiFi.Getting to Know Afaria 6. or version. • • • • 61 . OMA DM policies may include one or more of the following OMA DM tasks: • Trust – Establish a trusted relationship between the client and the OMA DM server. model. MfE is also used to create an MfE profile if one does not exist. The policy’s content—OMA DM objects—is applied at the client according to each device’s OMA DM implementation. and email. as defined by OMA.openmobilealliance. Objects – create a set of object operations based on a set of Device Description Files (DDF) for a single manufacturer.org and search for the Device Management workgroup. The settings and actions that you define using the Afaria OMA DM policy editor are formulated into OMA-DM-compliant message that the Afaria OMA DM server delivers to the client during connections with the client.

Software Configuration Management (SCM) – Install. Free-form – Use custom XML to define actions on a device-supported OMA DM object. Terminal Security – Allow a trusted OMA DM server to perform additional terminal security activities.6 FP1 Policies • • • • • • Skinny Client Control Protocol (SCCP) – Configure clients to use the Intellisync Call Connect application with the Cisco Unified Communications Manager product. and Reboot. or remove software applications at the client. Lock. Unlock. such as Internet calls with one or more participants. on a device. such as Wipe. update.Getting to Know Afaria 6. 62 . VoiceOverIP – Configure clients to use Internet telephony. Session Initiation Protocol (SIP) – Configure profiles for multimedia communication sessions.

Application management creates a list of applications on the Afaria agent installed on the device and categories to group the applications. Users can browse the list and install packages.6 FP1 Portal Packages Portal Packages Use the Portal Packages area of Afaria Administrator to define and manage packages. Users can browse the list and install applications. A list of packages is available on the Afaria agent at the client. Packages can include these types of applications: • • • • iOS enterprise – as developed by your organization and delivered from the Afaria Portal Package server iOS App Store – as delivered from the Apple App Store Android enterprise – as developed by your organization and delivered from the Afaria Portal Package server Android Market – as delivered from the Google Android Market 63 . Packages let you manage applications for your iOS and Android clients. Package Category – Application Application packages let you manage applications for your iOS and Android clients.Getting to Know Afaria 6.

64 . Multitenancy is the state of an Afaria installation that has the tenant features enabled. Tenant features let you maintain clients and assets for multiple tenants. A tenant is an entity defined within the Afaria environment that is associated with a subset of the client base and its related operations and assets. Features Tenant features let you take actions to maintain clients and assets for multiple tenants.Getting to Know Afaria 6. Filter Afaria Administrator pages to contain results only for a specific tenant. for a specific tenant. Add new clients for a tenant. you may want to operate your Afaria installation as a hosting environment to multiple customers or multiple enterprise divisions. Monitor operations and review data across all tenants. Manage operations and assets. Assets include nonclient items that support operations and profiles. These actions include: • • • • • • • • • Add tenants. Assign Afaria Administrator users to roles that define which tenants they can administer. such as policies and channels. and review data.6 FP1 Tenants and Multitenancy Tenants and Multitenancy Multitenancy is a separately licensed product feature that allows hosting providers to manage multiple enterprises from a single Afaria implementation. For example. Move a client from one tenant to another. Use the system tenant as an entity for creating assets to share with all tenants. Use product APIs and Web services to create your own Web portal for tenant administrators or tenant users to provide access to tenant-specific information. with each customer or division assigned to a different tenant identity.

65 . you can choose different options that allow you to deploy the agent via a companion PC. Based on client type and your environment. or the OTA Deployment Center.Getting to Know Afaria 6. A client setup is then used to install the Afaria Client software on a supported computing device. Start > Programs > Afaria > Afaria Create Client Install This wizard guides you through creating an Afaria agent installation package.6 FP1 Clients in Afaria Clients in Afaria The Create Client Installation program is a wizard that guides you through creating a client setup file. a network.

restore backed up data to individual clients. and inventory. views.Getting to Know Afaria 6. 66 . You can also view the status of software channels in different delivery/installation positions at the client. You can examine client data. groups. and log data. inventory change detection and data. You can view client data by client type. create iOS clients. Clients View The Data Views Clients view presents client-specific data. and view client deployment notification status information. You can also create folders. and take some actions on all clients. view the status of deployed client patches.6 FP1 Client Data Client Data Data views provides a variety of ways for you to view and manage client information. smaller views of software package tracking. You’ll find this feature convenient because you can open the same mini-views for several clients and/or different mini-views for the same client and keep them all open at the same time without leaving clients view. Data views > Clients You can also open multiple. work with deployed corporate software licenses. log. and SQL views to collect client data.

and then delivers the collection to the Afaria server during Afaria sessions. and seconds. and more. and more. File transfers – Displays views that record every instance when the server sends or receives a file. or closed. Replication – Displays log views that record messages specific to replication. Raised Events view displays the name of the event and the machine on which it occurred.Getting to Know Afaria 6. Client triggered actions – Displays log views for event monitors that record successes or failures for associated trigger action-pairs that occur on a client. as well as a view of the alerts that were closed. and more. • • • • • • • 67 . Sessions – Displays views that record information about past sessions. The right pane displays the date and time the event stopped transferring the file. acknowledged.6 FP1 Client Data Logs View Logs view presents client data logs. and then delivers the collection to the Afaria server during Afaria sessions. server on which the message was recorded. Windows Security – Displays all messages related to Data Security Manager for Windows clients. completion status or error type. session length in hours. time the alert was raised. time it occurred and the time it was received at the server. Messages – Displays views that record messages specific to the server and to OMA DM session processing. completion status or error type. The Afaria client collects Data Security Manager events and Bluetooth connection activity events as they occur. The Afaria client collects all Data Security Manager events as they occur on the client. Data views > Logs The view includes the following pre-defined logs: • Alerts – Displays a view of events that were raised. The right pane displays the date and time when the session with the client ended. minutes. The right pane displays the date and time when replication occurred with the most recent entry at the top. Afaria installs with several pre-defined logs. Handheld Security – Displays all messages related to Data Security Manager for handheld clients. but you can also create custom views. server that originated the transfer. and more. and more. Closed Alerts view displays the name of the alert. path from which the server downloads information to the client.

iOS Connection – The iOS Connection log captures the timing and sequence of actions occurring between the Afaria iOS provisioning server and the iOS devices. or deleted the policy. failed.6 FP1 Client Data • • Policy Delivery – Displays views related to policy delivery and updates. 68 . Logs record the nature and status of a policy and whether updates succeeded.Getting to Know Afaria 6.

Data views > Inventory Inventory data is organized by client type for the following categories: • Change Detection Views —Choose inventory attributes to monitor on clients. including a full directory scan and subsequent delta scans of data (Windows clients only) and configuration files. Once created. and delete these folders and views. rename.Getting to Know Afaria 6. as well as creates custom folders and views for storing inventory data. Inventory Views – View detailed inventory data for clients. Custom Views – Create custom folders and views of inventory information within the parent folder. • • 69 . Use the right pane to view inventory data for a specific client. you can edit.6 FP1 Client Data Inventory View Inventory view lets you monitor specific data that changes. You can use the right pane to view and acknowledge receipt of changes for those clients that have detected inventory changes. You can also create groups with views.

the right pane displays a summary of the following client status information specific to that item.6 FP1 Client Data Package Tracking View Package tracking view lets you examine the delivery and installation status of Software Manager channels and portal application packages on your clients.Getting to Know Afaria 6. Palm. Windows Mobile Professional (including Windows CE). Symbian. Windows Mobile Standard Data views > Package tracking When you select a channel or package to track in the left pane. iOS. Supported client types – Android. Windows. 70 .

Getting to Know Afaria 6. Data views > Backup You can also use the page to delete all backed up items older than a defined number of days. and if copy items from one client to another of the same client type.6 FP1 Client Data Backup View Backup view displays backup content from Backup Manager channels. 71 . Use it to restore items to those clients.

6 FP1 Client Data License Compliance View License compliance view lets you examine software license compliance and usage data collected from Inventory Manager scans. The License Compliance Views folder contains predefined views for most client types. Data views > License compliance You can use the predefined views to collect data. or you can define your own folders and views within the Custom Views folder. 72 .Getting to Know Afaria 6.

Action – Download a selection of patches. 73 . been applied to clients or client groups. Action – Create a dynamic client group for all clients that are missing a selection of patches. or have not.6 FP1 Client Data Client Patches View The Client Patches view provides powerful query and action tools.Getting to Know Afaria 6. Use the view for several queries and actions. Data views > Client patches The following context menu query and action items are available when you multi-select patches from the top right pane: • • • • Query – View all the clients that are missing a selection of patches. You can use a page-level filter to query which patches have. The view is based on the current patch selection you have in the Server Configuration Patch console page. The client list appears in the bottom right pane. Action – Create an unpublished Patch Manager channel for all clients that are missing a selection of patches. rather than all possible Microsoft patches identified in the Patch console page.

Uncompleted notifications – Displays all client notifications in your database for which the client installation has not been downloaded to a specific client. which include a download path for downloading the client to the device. Notifications – Displays all client notifications sent from the deployment center for all clients in your database. you see the client deployment folder views tree structure with the following predefined views: • • • Notification batches – Displays all the client deployment notifications batches sent from the client deployment center for a specific set of clients in your database.Getting to Know Afaria 6. as well as OMA CP network provisioning notifications sent to provision a device for the download and installation of the Afaria client.6 FP1 Client Data Client Deployment View Client deployment view allows you to view information about client deployment notification messages processed from the client deployment center. When the Client Deployment page opens. Notifications include OTA deployment center messages. Data views > Client deployment 74 .

Getting to Know Afaria 6.netop. Remote Control helps you manage frontline devices by allowing you to view and manipulate a client’s environment in real time. Use this capability for problem resolution or application training. Remote Control supports Windows and Windows Mobile clients. All Remote Control communication is AES encrypted and authenticated against your centralized authentication system. Visit Danware’s product site at www. 75 . saving time and expense. Additional features include audio chat and client-initiated requests.6 FP1 Remote Control Remote Control Afaria uses Danware’s NetOp Remote Control for the Afaria Remote Control solution. It uses role-based administration so you can carefully define the nature of changes that you allow different administrators to make.com for more NetOp Remote Control information and product documentation.

Sign up to vote on this title
UsefulNot useful