Enable secure mobile Intranet access in less than 30 minutes with IBM MaaS360

I wrote this article when I worked at IBM.  I’m now working at VMware supporting partners and clients with Workspace One.  See here for further details. 


Many organisations provide mobile access to corporate email/calendar services. Enabling more advanced collaboration services can be more complex and expensive to deploy.  MaaS360 offers a new approach to deploy a range of new mobile collaboration services:

  • Secure Document access (SharePoint, Fileshares, CMIS, Box, One Drive for Business, Connections, Google Drive)
  • Web Browser Intranet access
  • Mobile Application Intranet access

These services can be accessed without the need to deploy a more powerful and typically expensive VPN solution.

Clients love MaaS360’s unified mobility management features and new mobile application and App Catalog look and feel as shown below:

container1      appcatalog2

Mobile collaboration is enabled by deploying the MaaS360 Cloud Extender/Enterprise Gateway on-premises.  This provides a micro-VPN service from your company Intranet to the MaaS360 application on each device protected by FIPS 140-2 compliant / AES-256 encryption.  Regardless of the security of the mobile device, MaaS360 protects all information inside of the encrypted MaaS360 application.

This article steps you through the steps to enable this capability in less than 30 minutes.

Step 1: Start your free 30 day MaaS360 production trial

If you haven’t already, go to MaaS360.com/trial and enter your details to start a MaaS360 trial.  This is a production trial so everything you configure / setup is available beyond the trial period without any activation charges.

Once you’ve started a trial, enrol a number of devices and get familiar with the MaaS360 portal.  The MaaS360 administrator portal is very easy to use, however you can also review this video which provides a great overview.

Step 2: Install the MaaS360 Cloud Extender

Next install the MaaS360 Cloud Extender (CE) on an internal Windows server.  This allows you to connect on-premises resources such as Active Directory, Certificate Authorities to the MaaS360 SaaS service.  You can follow the instructions here to install and configure the CE.

Step 3: Install and configure the Mobile Enterprise Gateway (MEG)

The following instructions detail how to enable the Enterprise Gateway as a feature within the Cloud Extender.

  1. Next contact our ops team via the 24×7 technical chat service 3 - maas360 chat and ask for the Enterprise Gateway service to be enabled for your trial account. Also advice them to select either the US, Europe or AP hub if you use the MEG in relay mode.
  2. Next select SetupServices and enable Enterprise GatewayMEG 0.8
  3. Start the Cloud Extender Configuration Tool and select Enterprise Gateway.  Select either Active Directory or LDAP directory using the same configuration you used for User Authentication/User Visibility.MEG 1
  4. The config tool will perform a number of checks for connectivity and Active Directory authentication:MEG 3  MEG 4
  5. Next select the Standalone configuration mode, choose a name for your MEG gateway (ie. in my case I chose MEG1-AP) and the gateway Relay mode.  You should then see in the drop down box the correct relay server.MEG 5
  6. It’s important to ensure you select WebDav Server Setup for Network File Share access. You might also like to select the checkbox to re-use the user’s credentials.MEG 6Ensure you do not select Internet Proxy Settings.  This will route all requests for your intranet to a proxy first.  Only select this feature if really needed.MEG 7
  7. Next within the MaaS360 Workplace persona policy, enable the following services:MEG 8
  8. Next under BrowserEnterprise Gateway, select your MEG gateway and choose the DNS wildcard for all your Intranet services.MEG 9
  9. From your mobile device using the MaaS360 secure browser, you should be able to access your company Intranet as shown.MEG 13
  10. Next from the MaaS360 administrator portal, select DocsContent Sources.  Add a Windows File share using the example below.  It’s important to get the Folder path correct including upper/lower case letters.  Ensure you can browse to the file share without any issues from the Cloud Extender server itself.MEG 10
  11. From your mobile device, you should be able to also access the documents from the file share from with the MaaS360 Docs application as shown:MEG 12
    MEG 11

That’s it !  As you can see, it’s quick and easy to provide company information securely to your mobile workforce.  With the comfort that this information is protected and leveraging additional mobile services such as MaaS360 Threat Protection (integrated anti-malware for iOS and Android).

If you would like further information, please ask a question on the new MaaS360 forum or contact me directly via my blog contact page.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s