Mobile Services for Exchange
Topic Last Modified: 2006-05-16
Exchange Server 2003 supports mobile access by using the synchronization and browse capabilities of mobile devices. You can deploy mobile services to enable your users to access their Exchange information from mobile devices such as the Microsoft Pocket PC 2002 Phone Edition device, or any mobile device with a mobile browser.
For information about configuring and managing mobile services for Exchange, see the following topics:
Exchange 2003 now includes the ability to use Pocket PC 2002 devices to synchronize Exchange data with Microsoft® Exchange ActiveSync®. By default, when you install Exchange, all your users are enabled for synchronization.
By synchronizing a device to an Exchange server, your users can access their Exchange information without having to be always connected to a mobile network. Specifically, users can use their mobile carrier connection to synchronize their Exchange information to their Pocket PC Phone Edition or Smartphone device and then access this information while offline.
Exchange 2003 now includes the Microsoft® Office Outlook® Mobile Access application, which enables users to use mobile devices to access their e-mail, Contacts, Calendar, and Tasks folders. Outlook Mobile Access can be used with a mobile device that has a mobile browser. The mobile browser must support one of the following markup languages: HTML, xHTML, or cHTML. To deploy your Exchange server to use Outlook Mobile Access, follow the same steps involved in deploying an Exchange server to use Outlook Web Access.
When you enable Outlook Mobile Access for your users, a security issue exists when using Mobile Operators that use Wireless Application Protocol (WAP) 1.x gateways. These gateways translate secure traffic from Internet protocols to wireless protocols. Because of this translation, a WAP 1.x gateway stops a Secure Sockets Layer (SSL) session over TCP/IP, re-encrypts the data using Wireless Transport Layer Security (WTLS), and then sends the information over the wireless network using Wireless Session Protocol (WSP). During this translation at the WAP gateway, all data will be briefly unencrypted as it is decrypted from the SSL session and re-encrypted again as part of the WTLS session. This security issue affects your messaging infrastructure if your corporation is not hosting your own WAP gateway in the perimeter network.
Outlook Mobile Access for Exchange 2003 supports WAP 2.0 devices only. However, this does not eliminate the possibility of certain devices being able to use a WAP 1.x gateway. Therefore, the security issue exists whenever a WAP 2.0 device, that can use a WAP 1.x gateway, uses a Mobile Operator with WAP 1.x gateways deployed.
To resolve this issue, you can purchase and install your own corporate WAP gateway. This solution requires that you situate a WAP gateway in the perimeter network and limit your mobile users to use this gateway alone.
Alternatively, you can choose to provide only WAP 2.0 devices that use only carriers that have WAP 2.0 gateways deployed. WAP 2.0 gateways allow SSL sessions to be passed through directly to WAP 2.0 devices that support SSL without decrypting and re-encrypting the session.
For detailed information about mobile devices, see Step-by-Step Guide to Deploying Windows Mobile-based Devices with Microsoft Exchange Server 2003 SP2.