Tip

Exchange ActiveSync mobile management FAQ

Microsoft Exchange ActiveSync is probably the mobile management tool most familiar to IT administrators, but many still have questions about what it can and can’t do.

Exchange ActiveSync is a protocol available on most

    Requires Free Membership to View

mobile devices today that lets users sync email, calendars and contacts from their corporate Exchange accounts. IT can also use built-in ActiveSync mobile management capabilities to help secure and enforce policies on users’ smartphones and tablets.

For users, enabling ActiveSync is typically a simple process. As long as IT has approved mobile access, all a user has to do is fill out a couple of fields and enter his or her username and password. For IT, the process is more involved. There are several steps to follow when setting up and securing ActiveSync, and admins must also familiarize themselves with the Exchange Server ActiveSync Web Administration Tool, the portal through which ActiveSync mobile management occurs.

The answers to these frequently asked questions will help IT understand how to set up Exchange ActiveSync mobile management and how it works on the major mobile operating systems: Apple iOS, Android and Windows Phone.

How can I make sure I’m using ActiveSync securely?

Securing Exchange ActiveSync is the first step towards successful ActiveSync mobile management. ActiveSync is available through Exchange Server’s client access server (CAS) role, and although you can install CAS on the same server as other Exchange roles, it’s better to keep them separate. Running CAS on its own server reduces the chances of an attack and limits the damage of any potential attacks. Other best practices include using a reverse proxy and enabling Secure Sockets Layer encryption. 

Can I do Exchange ActiveSync mobile management on the iPhone?

ActiveSync lets you address basic enterprise iPhone security issues by implementing and enforcing policies, performing remote wipes and prohibiting the use of certain apps, such as the camera and Web browsers. There are some common problems that can occur between the iPhone and Exchange ActiveSync, however, and they may prevent devices from connecting to ActiveSync if not addressed.  

If you want advanced capabilities, the iPhone Configuration Utility, Apple Configurator and new application programming interfaces offer more iOS 5 device management options. These features let IT deploy and backup devices, install and remove applications and monitor device status.

Is ActiveSync mobile management the same on all Android devices?

Fragmentation is a problem when it comes to Android devices, and not every device or operating system version supports the same ActiveSync mobile management capabilities. For example, Android 2.2 Froyo added some basic Android management features through ActiveSync, such as remote-wipe capabilities and Exchange mailbox policies, but the extent of these features still varied among devices made by different manufacturers. All Android 4.0 Ice Cream Sandwich devices will support the same version of ActiveSync, so the hope is that fragmentation will become less of a problem over time, but most users are still on older versions.

Does Windows Phone take advantage of full ActiveSync mobile management features?

ActiveSync mobile questions

Got more ActiveSync questions? Ask the IT Knowledge Exchange community for help!

Windows Mobile, Microsoft’s previous mobile OS, relied on full Exchange ActiveSync mobile management. Windows Phone 7 and 7.5 are more consumer-oriented OSes, however, and as such, Microsoft scaled back their ActiveSync mobile management capabilities. When it comes to management, Windows Phone 7 features are now more in line with those on iOS and Android. IT can enforce password policies, perform remote wipes and do other basic tasks, but for advanced features, admins will have to rely on Windows Phone’s integration with other Microsoft enterprise software.

Like SearchConsumerization.com on Facebook.

This was first published in May 2012

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Expert Discussion

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.