System Center Mobile Device Manager (MDM) enables Windows Mobile 6.1 devices to become a trusted member of your company network. As soon as it is domain-joined, the managed device can access internal network resources for your company that the administrator enables.
This includes file shares, internal applications, Microsoft® Exchange e-mail messages, Microsoft SharePoint® sites, and other services that before only desktop and portable computers could access.
The following MDM features help you manage, control, and make your mobile messaging environment more secure:
- Enforce Active Directory® group policies specific to managed
devices
- Wipe all data from managed devices and the contents of
removable storage cards
- Use Windows Software Update Server (WSUS) with MDM software
distribution components to distribute .cab files to managed devices
With MDM architecture, you can configure MDM in your company infrastructure in many ways. However, this depends on the scalability option that you select and the availability of system requirements for your company. The following illustration shows an overview of the three primary server configurations:
There are three primary configuration options:
-
Integrated configuration: For the minimal MDM configuration,
install the components on two physical 64-bit servers: MDM Gateway
Server on a stand-alone or workgroup server in the perimeter
network and MDM Enrollment Server, MDM Device Management Server,
and Microsoft SQL Server® on a domain-joined server in the company
network. Although the integrated option provides a simple
implementation, it is not the most secure configuration and can
restrict an organization that has many Windows Mobile devices to
manage.
-
Distributed configuration: Deploy each MDM component: MDM
Gateway Server, MDM Device Management Server, MDM Enrollment
Server, and SQL Server, on separate, dedicated physical 64-bit
servers. This configuration provides better scalability than the
integrated configuration. However, this configuration offers no
redundancy, nor can you easily add more servers to scale out when
the number of managed devices increases and you must add more
servers.
-
Scaled-out configuration (recommended): Configure MDM
Gateway Server and MDM Device Management Server in load-balanced
arrays. At first, an array may consist of only one server, but when
the initial installation is set up as a scaled-out configuration,
you can add more servers easily. We recommend that you have a
dedicated computer that is running SQL Server to make software
distribution on a larger scale easier. This is the recommended
configuration for a production enterprise environment. The
scaled-out configuration allows for the greatest scalability and
the highest levels of availability for managed mobile devices.
Note:To scale out MDM Device Management Server or MDM Enrollment Server, you can deploy either hardware or software load balancers. Contact the product technical documentation for features and limitations of load balancers. With either software or hardware balancers, affinity must be enabled in the load balancer configuration.
For more information about these configuration options, see Planning for Mobile Device Managerin the MDM Planning Guide.