Cisco Systems MaaS360 manual Enterprise Integration, Dmz


Enterprise Integration

Fiberlink MaaS360 offers a solution that enables integration with existing enterprise infrastructure such as AD, Exchange, and a certificate authority. This is achieved using a component called the Fiberlink MaaS360 Cloud Extender, a small program that runs as a service on a Microsoft Windows machine in your network. The Cloud Extender creates an outbound connection over HTTPS to the Fiberlink MaaS360 portal. This connection is used as a bi-directional communication facility and allows the Fiberlink MaaS360 portal to integrate with an enterprise Active Directory server to perform user authentication and synchronization of users and groups using Active Directory. The Cloud Extender must be configured with an account that has sufficient rights to run as a service and read-only access to Active Directory.

The Fiberlink MaaS360 Cloud Extender can be installed on a physical or virtual machine with the following specifications:

Windows Server 2008 R2 (64-bit)

Dual Core, 4 GB RAM

Access to Fiberlink MaaS360 Cloud (outbound connection, port 443)

Read-only Administrative access to AD to read user and group information

Redundancy configurations are available but are out of scope for this document. For more information, see: https://www.cisco.com/go/Fiberlink MaaS360support.
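The two security-relevant prerequisites above, outbound port 443 and a read-only service account, can be checked on the intended host before installation. The script below is an added example, not part of the Cisco or Fiberlink documentation; the portal host name and service account name are placeholders, and it assumes the Active Directory PowerShell module is installed on the host.

```powershell
# Added example: pre-install check for a Cloud Extender host (PowerShell 2.0 compatible).
# $PortalHost and $ServiceAccount are placeholders (assumptions), not values from the manual.
param(
    [string]$PortalHost     = 'portal.example.invalid',
    [string]$ServiceAccount = 'svc-cloudextender'
)
Import-Module ActiveDirectory

# Outbound TCP reachability with a timeout; returns $true only if the handshake completes.
function Test-OutboundTcp([string]$TargetHost, [int]$Port, [int]$TimeoutMs = 5000) {
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($TargetHost, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($async)
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

# Escape a value for use inside an LDAP filter (RFC 4515).
function ConvertTo-LdapFilterValue([string]$Value) {
    $Value.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29')
}

# Privileged groups the read-only service account should not belong to, directly or nested.
# Names are the default English built-in groups; adjust for localized or custom groups.
$privileged = 'Domain Admins', 'Enterprise Admins', 'Schema Admins', 'Administrators', 'Account Operators'

$user   = Get-ADUser -Identity $ServiceAccount
$dn     = ConvertTo-LdapFilterValue $user.DistinguishedName
# 1.2.840.113556.1.4.1941 = LDAP_MATCHING_RULE_IN_CHAIN: resolves nested membership server-side.
$groups = @(Get-ADGroup -LDAPFilter "(member:1.2.840.113556.1.4.1941:=$dn)")
$excess = @($groups | Where-Object { $privileged -contains $_.Name })

New-Object PSObject -Property @{
    Outbound443Reachable = Test-OutboundTcp $PortalHost 443
    ServiceAccount       = $user.SamAccountName
    PrivilegedGroups     = ($excess | ForEach-Object { $_.Name }) -join ', '
    LeastPrivilegeOk     = ($excess.Count -eq 0)
}
```

The matching-rule query follows the `member` attribute, so it does not cover the account's primary group; check that separately. The connection test confirms TCP reachability only, not that a TLS session to the portal succeeds.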

Figure 10 Typical Cloud Deployment Model

[Figure: network diagram divided into three zones: Internet, DMZ, and Internal Network. Labels recoverable from the figure: Cisco ISE, AD/LDAP, Email, Certificate Authority Server, Cloud Extender, FiberLink Cloud, Admin Portal, User Portal, Certificate Enrollment, APNS, GCM, iOS and Android Agents. Connection labels: HTTPS, CSR Request, Certificate Response, OTA, SSL, Configuration, Management, 2195.]

Integrating Fiberlink MaaS360 with Cisco Identity Services Engine
