Deploying a Mobile Messaging Solution with Windows Mobile 5.0-based Devices
6/2/2010
This document presents the recommended deployment with ISA Server 2006 as an advanced firewall in a perimeter network. This configuration and other options are described in Network Architecture Alternatives.
For detailed information about additional deployments, see the following appendices in this document:
- Appendix A: Overview of Deploying Exchange ActiveSync Certificate-Based Authentication
- Appendix B: Install and Configure an ISA Server 2004 Environment
Deployment Process Overview
The following steps summarize deployment with ISA Server 2006 as an advanced firewall in a perimeter network.
Step 1: Upgrade to Exchange Server 2003 SP2
Step 2: Update All Servers with Security Patches
Step 3: Protect Communications Between the Mobile Devices and Your Exchange Server
- Deploy SSL to encrypt messaging traffic
- Enable SSL on the Default Web Site
- Configure basic authentication for the Exchange ActiveSync virtual directory
Optional: Configure certificate-based authentication (See Appendix A.)
Optional: Update RSA SecurID Agent - Set Up LDAP Servers
- Protect IIS by Limiting Potential Attack Surfaces
Step 4: Protect Communications Between the Exchange Server 2003 SP2 Server and Other Servers
- Use IPSec to Encrypt IP Traffic (Recommended)
Step 5: Install and Configure ISA Server 2006 or Other Firewall
- Install ISA Server 2006 (Recommended)
- Install server certificate on the ISA Server computer
- Configure ISA Server with your LDAP server set
- Create the Exchange ActiveSync Publishing Rule by Using Bridging
- Set All Firewall Idle Session Time-out Settings to 30 Minutes
- Test OWA and Exchange ActiveSync
Step 6: Configure and Manage Mobile Device Access on the Exchange Server
- Enable Exchange ActiveSync for All Users
- Enable User Initiated Synchronization
- Enable direct push technology
- Set Security Policy Settings for Mobile Devices
- Monitor Mobile Performance on Exchange Server
Step 7: Install the Exchange ActiveSync Mobile Administration Web Tool
Step 8: Manage and Configure Mobile Devices
- Set up Mobile Connection to Exchange Server
- Use the Exchange ActiveSync Mobile Administration Web Tool to Track Mobile Devices
- Provision or Configure Mobile Devices