Product Documentation

Configuring Secure Mobile Gateway

Sep 27, 2015

You can configure Secure Mobile Gateway to selectively block or allow ActiveSync requests based on the following properties: Active Sync Service ID, Device type, User Agent (device operating system), Authorized user, and ActiveSync Command.

The default configuration supports a combination of static and dynamic groups. You maintain Static groups by using the SMG Controller Configuration utility. The static groups may consist of known categories of devices, such as all devices using a given user agent. Dynamic groups are maintained by an external source called a Gateway Configuration Provider and collected by Secure Mobile Gateway on a periodic basis. XenMobile Device Manager is Gateway Configuration Provider and can export groups of allowed and blocked devices and users to Secure Mobile Gateway.

A policy is an ordered list of groups where each group has an associated action (allow or block) and a list of group members. A policy may have any number of groups. Group ordering within a policy is important because when a match is found the action of the group is taken, and subsequent groups are not evaluated.

A member defines a way to match the properties of a request. It can match a single property (such as device ID), or multiple properties (such as device type and user agent).