advanced administration: kaseya byod suite
TRANSCRIPT
Advanced Administration: BYOD
Jonathan Foulkes VP of Mobile Product Management
Copyright ©2014 Kaseya 1
The information in this presentation is confidential and proprietary to Kaseya and may not be disclosed or distributed without the prior written permission of Kaseya. This document, and any related presentation, as well as Kaseya's strategy, possible future developments, products, platforms, directions and/or functionality are all subject to change without notice at Kaseya’s sole discretion. The information in this document does not constitute a commitment, contract, promise or legal obligation to deliver any material, code or functionality. This document is provided without warranty of any kind, either express or implied, including but not limited to, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement. This document is for informational purposes only and may not be incorporated into a contract. All forward-looking statements, including those set forth in this presentation, are subject to various assumptions, risks and uncertainties that could cause actual results to differ materially from projections. Readers are cautioned not to place undue reliance on such forward-looking statements, and specifically, not to rely upon such in making purchasing decisions.
Copyright ©2014 Kaseya 2
BYOD Recap
Add-on enabling secure mobile access to enterprise resources
Secure containers
On-prem Gateway & Cloud Services
Copyright ©2014 Kaseya 3
Browser Docs Mail
BYOD Elements
Copyright ©2014 Kaseya 4
Setting up data sources
Define the sources users may reach
– For web-based systems
– For document sources
– For mail
Segment based on AD groups
Copyright ©2014 Kaseya 5
Site Menu
Copyright ©2014 Kaseya 6
Tunneled Site Setup
Copyright ©2014 Kaseya 7
Segmenting with AD groups
Copyright ©2014 Kaseya 8
Mobile View
Copyright ©2014 Kaseya 9
Browser-related Tips
Want to let them type their own URL?
– Add a page that shows a text field
– Redirect page to that URL on submit
Leverage single-sign-on
– Set target sites to use NTLM auth as an option
– Reduce creds exposure, as not typed on mobile
Copyright ©2014 Kaseya 10
Working With The Proxy List
Proxy list – white list of targets the Gateway will route mobile requests to
– Enforced at both mobile and Gateway
Auto-built via Site tab, but admin can edit
– Why?
• Site A (in proxy list) links site B (not there) – Fail
• Use wildcards (CIDR)
– Route locked-down public addresses
Copyright ©2014 Kaseya 11
Document Sources
What sources?
– Most WebDAV-capable systems
• IIS, SharePoint
• Network Attached Storage systems
• Cloud CMS
Ideally, NTLM auth set
– Single-sign-on
Copyright ©2014 Kaseya 12
Doc Source list
Copyright ©2014 Kaseya 13
Mobile View
Copyright ©2014 Kaseya 14
Defining A Doc Source
Copyright ©2014 Kaseya 15
Permissions
Copyright ©2014 Kaseya 16
Docs-related Tips
Leverage IIS as WebDAV server to publish shared folders
– Test access and config via Explorer
KISS - Let the server do trimming
Leverage single-sign-on
– Set target servers to use NTLM auth as an option
– Reduce creds exposure, as not typed on mobile
Copyright ©2014 Kaseya 17
Direct vs. Relay
What is ‘Direct’ for?
– Typical DMZ-style deployment
– Bypass the relay
How:
– Network tab - check direct
– Set external name and port
– Turn OFF relay
Copyright ©2014 Kaseya 18
Logs Are Your Friend
Four primary logs
– Gateway – start, stop, auth, comms
– Panel– Local UI, not really interesting
– Portal – Siteinfo, policy, locally served content
– Proxy – proxied requests
Copyright ©2014 Kaseya 19
Log Content
Standard Apache log format
– Consume in your favorite log-munger
Determine who is accessing what
– Or if they are getting errors, rejections (auth?)
Gateway log is a pretty good network line monitor ;-)
Copyright ©2014 Kaseya 20
Log Levels
Set in byodgateway.ini
– Only use Debug on test systems with limited access – very verbose
# Logging level for gateway error log - CRITICAL/ERROR/WARNING/INFO/DEBUG
service_loglevel = INFO
Copyright ©2014 Kaseya 21
Summary
Connect the right users to the right sources
Integrate with AD for security and simplicity
Leverage logs for insight and troubleshooting
Copyright ©2014 Kaseya 22
Copyright ©2014 Kaseya 23
Questions and Answers Thanks for Attending Kaseya Connect
#KaseyaConnect Let's Share!