How Mobile Device Manager Works
This section describes how System Center Mobile Device Manager works.
- Device Enrollment with Mobile Device Manager
Before a device can use MDM to connect to the company network, it follows a process of authentication and provisioning that ensures it is a recognized and verified member of the Active Directory® domain in your company.
- Mobile VPN with Mobile Device Manager
This is the authenticated and encrypted connection established between a managed Windows Mobile device and MDM Gateway Server. After the Mobile virtual private network (VPN) is established, all network traffic from the device cellular wireless wide area network (WWAN) or its Wi-Fi connection redirects through it and back to MDM Gateway Server.
- Device Management with Mobile Device Manager
A managed device can communicate with MDM Device Management Server after it successfully negotiates the authenticated network access connection with MDM Gateway Server. The server collects information about the device and then pushes the appropriate Group Policy settings and software packages to it.
- LOB Access with Mobile Device Manager
Device-based applications can use an authenticated network access connection to create communication sessions with the e-mail and line-of-business (LOB) applications for your company. This communication requires that users provide account information to authenticate their account on the servers in your company network. MDM denies the connection if the user account does not have permissions to your company LOB servers.
- Group Policy Application on Mobile Device Manager
By using Group Policy, an administrator can enable or disable any device functionality. For example, an administrator could disable all cameras as a default setting, and the end user could not override this setting.
- Software Distribution on Mobile Device Manager
MDM Device Management Server regularly checks with MDM software distribution for newly published software packages and evaluates managed devices against package applicability rules and approval information.
- Application Authentication on Mobile Device Manager
After a managed Windows Mobile device establishes an authenticated network access connection, it can access IT services on your company network.