Beruflich Dokumente
Kultur Dokumente
June 9, 2011
Agenda
Mobile Landscape and Trends Lotus Mobile Strategy Lotus Notes Traveler
Q&A
Social networking
Instant messaging
200m+ users accessing Facebook through mobile devices 40% of all Facebook users Mobile usage 2x in 2010 People that use Facebook on their mobile devices are twice as active on Facebook than non-mobile users
Access internet
Send photo/video 0 10 20 30 40 50 60 70 80 90
Percent
All adults
Ages 18-29
In the past
Only a few devices supported Communication focused devices Phone, mail, calendar contacts, chat, SMS Enterprise owned & controlled devices
Agenda
Mobile Landscape and Trends Lotus Mobile Strategy Lotus Notes Traveler What's New Timeline Security Best Practices Reference Links Q&A
Agenda
Mobile Landscape and Trends Lotus Mobile Strategy Lotus Notes Traveler
Q&A
Integrated collaboration on multiple devices, any network Offline / Online capabilities Clients managed centrally, easier administration Multi-OS support Out of the box features, cost effective and innovative Integrates with existing systems and applications
IBM Lotus iNotes IBM Lotus iNotes IBM Lotus Notes
Automatic wireless delivery of Lotus Domino Email and PIM Data Device security settings 2-way synchronization Over the air client or profile installation Uses native device applications for best integration (except Android) Works over all wired / wireless connections (CDMA, GPRS, GSM, WiFi, etc.) Administration support for device security policies and remote wipe
Server Requirements
Operating System
Windows Server 2003 Standard/Enterprise/R2 (32 and 64 bit) Windows Server 2008 Standard/Enterprise (32 and 64 bit) Windows Server 2008 Standard/Enterprise R2 (64 bit) Red Hat Enterprise Linux (RHEL) 5 Server (32 and 64 bit) SUSE Linux Enterprise Server (SLES) 10.2 (32 and 64 bit) SUSE Linux Enterprise Server (SLES) 11 (32 and 64 bit)
Runs in 32-bit or 64-bit mode on Domino server for Windows Linux Domino server is 32-bit only, so Traveler only runs in 32-bit mode on Linux
Domino 7.0.2 servers or above Remote mail OS can be anything that Domino supports
10
Device Requirements
Android 2.0.1 or greater devices, phone & tablets (incl.3.0) Apple Devices and Operating Systems
iPhone, iPhone 3G, iPhone 3GS, iPhone 4 iPad iPod Touch Apple OS 3.x Apple iOS 4.x
Nokia Devices
Nokia Series 60 3rd edition, including feature pack 1 and 2 Nokia Series 60 5th edition Nokia manufactured phones are only versions supported
Windows Mobile 6.0, Standard, Professional and Classic versions Windows Mobile 6.1, Standard, Professional and Classic versions Windows Mobile 6.5, Standard, Professional versions Note that Lotus Notes Traveler version 8.5.2 does not run on Windows Mobile 5 devices
11
Bullet 1
12
Bullet 1
13
Enhancement/Fix List:
coming soon !! 8.5.2.3 June 2011 adds iOS partial (Traveler only) wipe
Enhancement/Fix List:
http://www.lotus.com/ldd/dominowiki.nsf/dx/Lotus_Notes_Traveler_APAR_listing
IOS, Android & Nokia enhancements, Group Lookup and more... coming soon....
14
Device management
Automatic device updates Multiple device per user support Centralized view of connected users/devices & their status; Admins allow/deny access by policy Ease of configuration and deployment *Killer App* for IT shops !!
Disaster Recovery Leverages mature Domino DR capabilities Serviceability - Problem reporting utility and intuitive log viewer/management tools Enhancements delivered frequently through .x (point) releases LotusLive - Common mobile solution for on-premise or LotusLive Notes cloud service, or a hybrid
15
10 March, 2011 !
16
Lotus Mobile Installer - Automatic upgrade notification Linux server support RHEL 5, SuSE 10/11 Meeting Invitations on iOS (create and accept) Corporate Name Lookup Scheduled Synchronization - sync during peak/off peak hours Data Roaming detection suspends sync; saves data costs & battery Support for W indows Mobile 6.5 Self service wipe!
17
Device password (Android!) Prohibit ascending, descending and repeating sequences Require alphanumeric value (Android) Minimum password length (Android) Minimum number of complex characters Password expiration period Password history count Auto lock period (maximum) (Android) Wrong passwords before wiping device (Android) Prohibit camera Prohibit unencrypted devices Prohibit devices incapable of security enablement (Android)
18
iOS partial (Traveler only) wipe Android Enhanced Installation Android Home Page Widgets for mail and calendar Android Calendar Invite creation, quick switch days/weeks, week view hints Android Tap-to-dial for calendar entries Android Mail enhancements Copy/paste from clipboard Added a Send button to the compose email form Android multi-line signature Added Android OS 3.0 Support Group name lookup Domino Mail-in db returned with Name Lookup Select which applications are allowed to sync for Apple devices Reply and Forward indicators from Apple devices Device approval Symbian^3 support
19
2011 IBM Corporation
Single application (no separate Lotus Installer that was previously used) First time installing version 8.5.3, old Lotus Installer application will be removed if found Features from Lotus Installer such as automatic client update integrated into Lotus Traveler application If installing via built in Android browser, installation panels now pre-fill server name and user id Works with most browsers that use Android browser history features
20
Lotus Traveler application now includes new options in the tools menu
Check for updated software Uninstall application
21
Now supports chair side meeting actions Meeting owner can now do the following from the device
Create meetings with attendees Reschedule meetings Modify meetings Cancel meetings
22
Phone numbers included in a calendar entry are now hot spots that when clicked will dial the number. Number can be included in fields:
Subject Location Description
23
W eek view now displays text (as much as display will allow) Performance improvements when navigating (swiping) between days Performance improvements when scrolling large calendars Revised menu experience for Android 3.x tablets
24
Lotus Traveler mail widget now available to add to Android home screens Comes in large (3x3) and small (4x1) formats OS 3 tablet widget includes smooth scrolling feature Click mail icon to launch the mail application Open individual mail items Compose message by clicking '+' symbol
2011 IBM Corporation
25
Lotus Traveler calendar widget now available to add to Android home screens Comes in large (3x3) and small (4x1) formats OS 3 tablet widget includes smooth scrolling feature Click calendar icon to launch the calendar application Open individual calendar items Create new calendar entries by clicking '+' symbol
26
Server lookup done automatically when composing a new mail or searching for a contact using the Lotus Lookup application Lookup results now display contact photo if available in local contacts Results display person, group or mailin database silhouette if results contain different types
27
Use 'Select Text' menu option to copy text from mail or calendar documents Long press inside another document or application and select 'Paste
2011 IBM Corporation
28
Multi line mail signatures now possible on Android devices Lotus Traveler->Settings>Applications Signature added to all new mail messages composed on device
29
Symbian^3 devices now supported New SIS installation package created for S3 devices Device support includes (but not limited to)
Nokia E7 Nokia C7 Nokia C6-01 Nokia N8
30
Only supported for Nokia Symbian^3 devices Requires Nokia Symbian Anna level firmware release Server policy can be defined to require that only encrypted Nokia devices are allowed to connect
Prohibit unencrypted devices
Device user must encrypt phone and mass storage using Nokia supplied utility
2011 IBM Corporation
31
Remote wipe option now available for Apple devices to remove only Lotus Traveler data
Contacts Calendar Email
32
Data is removed from device, but profile or account settings remain As with all wipe operations, device cannot connect back to Traveler server until the administrator clears the wipe order Device user receives mail message on device indicating that wipe order was completed
2011 IBM Corporation
33
If policy is enabled, administrator must explicitly approve end user device before it can access the Lotus Traveler service Set number of devices to allow before approval to zero if all devices must be pre-approved Optional address list can be used to notify administrator by mail when device approval is pending
34
Lotus Traveler administration database keeps track of approval status Administrator uses Change Approval action to approve or deny Sort by Approval column
35
Administrator policy set using Domino Lotus Traveler Settings Lotus Traveler server now enforces the Set value and prevent changes option for Apple devices Policy can turn mail, calendar or contacts off. Application still exists on device but will not receive or sync any data
36
Mail routing configuration is no longer required on the Lotus Notes Traveler server Meeting notices are sent via the user's mail server's mailbox SMS messages (if configured) are sent via the user's mail server's mailbox
Meeting notices no longer appear to be sent by the Lotus Notes Traveler server Corporate lookup (aka Name Lookup) requests are executed against the user's mail server's directory Previously all requests executed against the Traveler servers directory Will be more consistent with a Notes client's lookup results Change back to the old behavior by setting NTS_TRAVELER_AS_LOOKUP_SERVER=true in notes.ini on Traveler server
37
Mail replied to or forwarded from the Apple device will now have the reply or forward indicator set in the server mail copy Cannot yet keep reply/ forward indicators in sync with device still a current restriction
38
Agenda
Mobile Landscape and Trends Lotus Mobile Strategy Lotus Notes Traveler
Q&A
40
1. Whole devices can be encrypted, and can be enabled and enforced with the security policies in 8.5.2+. iPhones that don't support hardware encryption can be blocked. The 3GS & 4G support hardware encryption, Original and 3G don't. Domino policies that admins can use to force the enablement of encryption and block unencrypted phones are: Prohibit unencrypted devices
2. Storage cards can be encrypted. Data in native PIM/email applications is not encrypted except for Domino encrypted mail. 3. Domino Policies that admins can use to manage passwords are: Device password Prohibit ascending, descending and repeating sequences Require alphanumeric value Minimum password length Minimum number of complex characters Password expiration period Password history count Auto lock period (maximum) Wrong passwords before wiping device Dynamic policy changes (admin changes are automatically synchronized to the device without requiring user interaction)
41
On-device encryption
iOS - Except for early models (original and 3G) the iPhone/iPads are password protected
at the device level and, by definition, data is encrypted. The level of encryption is controlled by Apple and is described here: http://www.apple.com/iphone/business/ integration/
Device policies, restrictions and strong encryption methods on iPhone provide a layered approach to keeping your information secure. iPhone uses AES 256-bit hardware encryption to protect all data at rest. To further secure mail messages and attachments iPhone uses Data Protection which leverages the unique device passcode to generate the encryption key. And, in the event of a lost or stolen iPhone, all data and settings can be cleared by issuing a remote wipe command from Exchange or a Mobile Device Management server.
Android - Mail, calendar, attachments, are fully under Traveler control and are all AES
256 encrypted. Contacts application comes with the OS and is outside of Traveler and therefore not encrypted by Traveler.
Windows Mobile - Storage cards can be encrypted. Mail/PIM data is not encrypted
except for Domino encrypted email.
42
Companion App for iPhone/iPad; Read/compose Domino encrypted mail Free download available from Apple iTunes Apps Store Coming soon password caching (enter password once per session)
43
Traveler Mail and Calendar data encrypted (on phone storage or sdcard) Wipe and Password policies primarily based on Android 2.2 security capabilities: Device wipe to factory settings, sdcard wipe, Traveler data only wipe
Android 2.1 and older not capable of device or sdcard wipe, or device level password enforcement Setting in the Traveler server security policy can control if these devices are allowed to connect to the Traveler server
44
Several wipe options available for Android/WM/ Nokia, Apple supports hard reset Hard reset device action removes all data and applications on device Wipe commands are delivered over TCP and SMS push channels (no SMS support on iPhone) Wipe order remains in effect on the server until cancelled
46
"Apple" - all Apple devices are allowed to sync, but no other devices. "(IBM SyncML Client)|(Lotus Traveler WM)" - All Windows Mobile devices (old and new) are allowed to sync, but no other devices. "(Nokia SyncML HTTP Client)|(Lotus Traveler Nokia)" - All Nokia devices (old and new) are allowed to sync, but no other devices. "Lotus Traveler * 8.5.2" - Only 8.5.2 Windows Mobile and Nokia clients are allowed to sync, but not Apple devices. "(Apple)|(Lotus Traveler WM)" - Only Apple and 8.5.2 Windows Mobile clients are allowed to sync, but not Nokia devices. "Apple-iPhone/7" - only Apple iPhones (not iPods or iPads) using OS 3 are allowed to sync (Windows Mobile and Nokia devices are not allowed either). "Lotus Traveler Android" - Only Android devices are allowed to sync.
47
Network topologies
Three network topology options to consider..... Direct connect Reverse Proxy VPN Configuration
48
Direct Connect
SMS Email Notification (optional for Android/WM/Nokia only)
Push Request (SSL/443) Periodic poll for DB changes Notes RPC (TCP/1352)
App needs to sync Sync Request (SSL/ 443) Data access Notes RPC (TCP/ 1352) Lotus Domino 8.5.2 with Lotus Notes Traveler 8.5.2.x service DMZ Intranet Domain (trusted)
Apple devices
Reverse Proxy
50
VPN Configuration
51
Things to know
AT&T *Fix* for installing Traveler on AT&T Android 2.2 devices Rollout May 16-23rd on select devices Guidelines for configuration/Infrastructure
See doc on planning your environment -http://w w w -10.lotus.com /ldd/dom inow iki.nsf/dx/Planning_your_netw ork_topology_LNT8521
Capacity planning
- See 8.5.2 performance report --- http://www.ibm.com/developerworks/lotus/library/notes852-trav-perf/index.html - See capacity planning doc -- http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Server_capacity_planning_LNT8521 - Capacity is based on workload which can vary incredibly between deployments. Look at things like CPU, memory, etc. For initial planning purposes ~ 2K per server is an upper end ballpark
Memory and thread sizing confusion with some users (e.g. some Traveler servers still
have 100 HTTP active threads when they might really need 300) - See configuring a Traveler server -- http://w w w -10.lotus.com /ldd/dom inow iki.nsf/dx/Configuring_Lotus_Notes_Traveler_server_LNT8521
- MUST READ - Tuning section of the doc - http://w w w -10.lotus.com /ldd/dom inow iki.nsf/dx/
Tuning_perform ance_of_the_se rver_LNT8521
- Traveler Health check command - "tell traveler status" tells you if your HTTP threads are too low or if you are using more devices than you have threads allocated.
52
Access to > 2GB virtual memory is critical in larger mobile user populations (> 300) Virtual memory is shared across all Domino processes and can exceed 2GB Reduce memory overhead with notes.ini setting NTS_BUFFER_POOL_SIZE_MB=256
Some applications make server changes which are not compatible with Lotus Traveler (e.g. Disabling HTTP JVM)
53
Reference links
54
THANK YOU!!