Information on using Mobile Device Manager in a locked down environment


image The System Center Mobile Device Manager 2008 Security Configuration Wizard (SCW) includes three templates that you can apply to MDM servers to help enhance security by disabling functionality that is not required for the servers.


The SCW is an attack-surface reduction tool that is bundled with Microsoft Windows Server 2003. By using the SCW, you can create security templates that then can be applied to the server on which they were created or to other similarly configured servers.


The MDM SCW templates provided in this download are pre-configured by using SCW to disable functionality that is not required on each MDM server. The following SCW templates are included:


* DeviceManagementPolicy.xml – Template for MDM Device Management Server


* EnrollmentPolicy.xml – Template for MDM Enrollment Server


* GatewayPolicy.xml – Template for MDM Gateway Sever


For more information about using SCW, see “SCW Quick Start Guide” on the following
TechNet Web page: http://go.microsoft.com/fwlink/?LinkId=118378


Obtain the Server Tools here:


Resource Kit Tools – Server Tools
http://www.microsoft.com/downloads/details.aspx?FamilyID=0433b453-15a5-48ae-a343-6a1053f46251&displaylang=en


Network Service account requirements, as well as other security specific content:


Provide Network Service Permissions to the Certificate
http://download.microsoft.com/download/7/e/f/7ef580df-3666-4746-b5ad-67393983c819/SCMDM08Deployment.doc


Other Tools:


System Center Mobile Device Manager Resource Kit Tools
http://technet.microsoft.com/en-us/scmdm/cc304591.aspx


Other security content:


Security Best Practices in MDM
http://technet.microsoft.com/en-us/library/dd261854.aspx


MDM Backup and Recovery
http://technet.microsoft.com/en-us/library/dd261892.aspx


Security and Protection for Mobile Device Manager
http://technet.microsoft.com/en-us/library/dd252842.aspx


Clint Koenig | Support Escalation Engineer


Comments (0)