I wrote this article when I worked at IBM. I’m now working at VMware supporting partners and clients with Workspace One. See here for further details.
Many organisations provide mobile access to corporate email/calendar services. Enabling more advanced collaboration services can be more complex and expensive to deploy. MaaS360 offers a new approach to deploy a range of new mobile collaboration services:
- Secure Document access (SharePoint, Fileshares, CMIS, Box, One Drive for Business, Connections, Google Drive)
- Web Browser Intranet access
- Mobile Application Intranet access
These services can be accessed without the need to deploy a more powerful and typically expensive VPN solution.
Clients love MaaS360’s unified mobility management features and new mobile application and App Catalog look and feel as shown below:
Mobile collaboration is enabled by deploying the MaaS360 Cloud Extender/Enterprise Gateway on-premises. This provides a micro-VPN service from your company Intranet to the MaaS360 application on each device protected by FIPS 140-2 compliant / AES-256 encryption. Regardless of the security of the mobile device, MaaS360 protects all information inside of the encrypted MaaS360 application.
This article steps you through the steps to enable this capability in less than 30 minutes.
Step 1: Start your free 30 day MaaS360 production trial
If you haven’t already, go to MaaS360.com/trial and enter your details to start a MaaS360 trial. This is a production trial so everything you configure / setup is available beyond the trial period without any activation charges.
Once you’ve started a trial, enrol a number of devices and get familiar with the MaaS360 portal. The MaaS360 administrator portal is very easy to use, however you can also review this video which provides a great overview.
Step 2: Install the MaaS360 Cloud Extender
Next install the MaaS360 Cloud Extender (CE) on an internal Windows server. This allows you to connect on-premises resources such as Active Directory, Certificate Authorities to the MaaS360 SaaS service. You can follow the instructions here to install and configure the CE.
Step 3: Install and configure the Mobile Enterprise Gateway (MEG)
The following instructions detail how to enable the Enterprise Gateway as a feature within the Cloud Extender.
- Next contact our ops team via the 24×7 technical chat service and ask for the Enterprise Gateway service to be enabled for your trial account. Also advice them to select either the US, Europe or AP hub if you use the MEG in relay mode.
- Next select Setup – Services and enable Enterprise Gateway
- Start the Cloud Extender Configuration Tool and select Enterprise Gateway. Select either Active Directory or LDAP directory using the same configuration you used for User Authentication/User Visibility.
- The config tool will perform a number of checks for connectivity and Active Directory authentication:
- Next select the Standalone configuration mode, choose a name for your MEG gateway (ie. in my case I chose MEG1-AP) and the gateway Relay mode. You should then see in the drop down box the correct relay server.
- It’s important to ensure you select WebDav Server Setup for Network File Share access. You might also like to select the checkbox to re-use the user’s credentials.Ensure you do not select Internet Proxy Settings. This will route all requests for your intranet to a proxy first. Only select this feature if really needed.
- Next within the MaaS360 Workplace persona policy, enable the following services:
- Next under Browser – Enterprise Gateway, select your MEG gateway and choose the DNS wildcard for all your Intranet services.
- From your mobile device using the MaaS360 secure browser, you should be able to access your company Intranet as shown.
- Next from the MaaS360 administrator portal, select Docs – Content Sources. Add a Windows File share using the example below. It’s important to get the Folder path correct including upper/lower case letters. Ensure you can browse to the file share without any issues from the Cloud Extender server itself.
- From your mobile device, you should be able to also access the documents from the file share from with the MaaS360 Docs application as shown:
That’s it ! As you can see, it’s quick and easy to provide company information securely to your mobile workforce. With the comfort that this information is protected and leveraging additional mobile services such as MaaS360 Threat Protection (integrated anti-malware for iOS and Android).