Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Networks

SAP Mobile App Protection by Mocana

SAP Mobile Secure Rapid Deployment Solution
Version 2, September 2014
Customer
SAP Mobile Secure rapid-deployment solution
Contents
Solution at a glance
Solution in detail
 Mobile Device and App Management – Afaria
 Analytics for Mobile Device & App
Management – SAP Lumira™ Content
 Mobile App Security – SAP Mobile App
Protection by Mocana
 Mobile Content Management – SAP Mobile
Documents
Package deployment
Software products and system landscape
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Customer
2
At-a-Glance: SAP Mobile Secure rapid-deployment solution
Ready to run, a solution with fixed scope, predefined services at a predictable price with the flexibility for future extension.
Business Requirement
Solution
What is my pain?
Solution description
 Enabling employees to access corporate email, calendar, files and enterprise apps on
mobile devices
 Establishing and enforcing safety and compliance of corporate devices, content, and data
 User convenience, adoption, and collaboration
 Cost of scaling enterprise-grade, secure mobility to employees and ecosystem
 Cost of EMM deployment and efficient operating
 Secure, multi-layered protection of mobile device and app connections to corporate
network, email, office functions, and digital content
 Remote device monitoring, managing, and remediation
 Regulation-compliant, self-enforcing security and privacy policies
 User self-services to enroll and manage devices
 Prescriptive guides with best practices to install and run entire Mobile Secure portfolio
 Consultants of SAP and its ecosystem trained and qualified to implement the software at
predictable costs and provide for knowledge transfer to IT team
What are my needs?
In scope
 Protecting the enterprise network, corporate data,
 Addressing privacy concerns of employees
 Support the lines of business in deploying apps that give staff, managers, temp workers,
contractors, and consumers easy, consumer-grade access to mobile enterprise
applications
 Quick and simple go live with Enterprise Mobility Management for iOS, Android, and
Windows Phone devices, and the data and apps that run on them
 Deployment of Afaria 7 SP5 for mobile device and app management on premise for
production in mid-sized landscape with two device types in 3 weeks, or in server farm with
high availability and three device types and Lumira analytics in 5 weeks
 Deployment of SAP Mobile App Protection 3.0 on premise for production with three device
types in 2 weeks
 Deployment of SAP Mobile Documents for mobile content management on premise for
evaluation or production in 2 weeks
 Knowledge transfer of best practices to IT administrators
Learn more
Consumer-grade mobile experience with compliant, multi-layered enterprise-grade security in 3 weeks!
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Customer
3
Overview
Live in 3 Weeks with Mobile Enterprise Management on Premise
Business challenges
There is a solution
 Employees need to access corporate email, calendar,
files and enterprise apps on mobile devices
 Temp workers, contractors, suppliers, and customers
may need apps with secure and compliant access to
selected corporate data
 Prerequisite for productivity gains from a mobile
workforce is broad user adoption, which requires
consumer-grade user experience while enforcing
enterprise-grade security
 Scaling enterprise-grade, secure mobility to
employees and ecosystem at constant or decreasing
costs
 Deploying and operating EMM reliably at predictable,
low costs
 Secure, multi-layered protection of mobile device and
app connections to corporate network, email, office
functions, and digital content
 Remote device monitoring, managing, and
remediation
 Regulation-compliant, self-enforcing security and
privacy policies
 User self-services to enroll and manage devices
 Prescriptive guides with best practices to install and
run the entire Mobile Secure portfolio
 Consultants of SAP and its ecosystem trained and
qualified to implement the software and provide for
knowledge transfer to IT team
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Customer
5
Business scope
SAP Mobile Secure
rapid-deployment solution
Device
Application
Content
Mobile Application Management
Mobile Device Management
Mobile Content Management
Mobile App Security
Analytics for Mobile Device and App Management
Enterprise Mobility Management System
On-Premise
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Hybrid
Customer
6
Benefits for you
Business benefits
Measurable success
 Defined scope and rapid deployment methodology
reduce your deployment and investment risk
 Thorough tests ensure your solution is properly
installed and configured
 Proven best practices reduce your cost of operations
 Extensive knowledge transfer enables you to
thoroughly monitor compliance and to implement
sound yet unobtrusive security policies to delight
mobile users
 Your corporate network and data remain protected
while your user base can scale and become more
productive
 Deployment project in time and in budget
 Reduced project times compared to conventional
project methods free budget
 Auditable compliance of mobilized enterprise
 Productivity gains through mobilized staff, and
ecosystem
 Scalable to hundred thousands of mobile users for
Afaria and SAP Mobile Documents
 Self-enforcing policies on apps wrapped with Mobile
App Protection scale theoretically limitless
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Customer
7
Solution in Detail
Mobile Device and App Management - Afaria
Scope and benefits
For deployments to go live* on premise the package
content includes:
 Requirements Checklist - outlines all the technical
and organizational prerequisites that need to be
addressed before deploying Afaria
 System Setup - provides step-by-step guidance on
how to install and configure the Afaria platform
components
 Business Process Configuration and Test - describes
the configuration steps for the device management
lifecycle such as Device Provisioning, Device
Configuration, Application Onboarding, Asset
Tracking, Operation and Monitoring, to
Decommissioning of Devices. Validates with prepared
test scenarios that the Afaria system is working
correctly.
Benefits
 Reduces overall deployment and investment risk
 Ensures that solution is properly installed and
configured
 Enables customers to focus on operations instead of
installation
 Provides for operational best practices
 Enables end-users to enroll and manage their devices
Within 3-5 weeks, SAP Services implement the scope of this item for production* purposes
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
*) Trials for evaluation available at sapmobilesecure.com
Customer
9
Mobile Device and App Management - Afaria
In the system
Key functionality
 Install and configure Afaria
platform
 Onboard and secure mobile
devices - corporate furnished
or employee-provisioned
(BYOD)
 Monitor and enforce device
and app compliance
 Block, wipe and decommission
devices
Afaria manages mobile devices
throughout their lifecycle in the
enterprise and apps that run on them
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Customer
10
Analytics for Mobile Device and App Management – Lumira Content
Scope and benefits
With Lumira's powerful visualizations in real time IT
administrators gain valuable insights about managed
devices and their compliance for immediate response.
Analytics for Mobile Device and App Management
targets Afaria customers who have invested in SAP
Analytics infrastructure and wish to leverage the preconfigured reporting content of this RDS.
Package content:
 Configuration Guide - provides instructions to import
pre-configured reporting content into Lumira
 Process Diagram and Test Script - contain
procedures to share reports securely in the cloud for
consumption on any device; analyze device
compliance with selected pre-configured reports.
 Leverages your prior investments in SAP Lumira
Server and SAP HANA, or Lumira Cloud, or SAP
BusinessObjects BI Server
 Instantly visualizes compliance violations with preconfigured reports that fit any device
 Expands your mobile analytics use cases to Afaria
device and application management
Within 2 weeks, SAP Services implement the scope of this item for evaluation or production purposes
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Customer
11
Analytics for Mobile Device and App Management – Lumira Content
In the system
Key functionality
 Configure Lumira Server for Afaria
reporting
 Import pre-configured reports
 Share reports with selected users
 Analyze compliance of devices on
any device
Lumira visualizes compliance and business data of mobile devices managed with Afaria throughout their
lifecycle in the enterprise and of the apps that run on them
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Customer
12
Mobile App Security – SAP Mobile App Protection by Mocana
Scope and benefits
IT administrators can safely extend the reach of their
organization's mobile apps to users beyond the
enterprise, like contractors, suppliers, temp workers, or
consumers.
Package content :
 Configuration Guide - provides instructions to install
and configure SAP Mobile App Protection by Mocana
on premise, as well as app-protecting policies
 Process Diagram and Test Script - contain
procedures to upload apps, wrap apps with security
policies, and distribute apps.
 Wraps 14 comprehensive access and data security
policies into native and web apps on iOS and Android
mobile applications
 App-based security in seconds
 Accelerates deployments by separating app security
from application development
 Secure Mobile Web Browser with single sign-on
capabilities
 Adds layers of security to internal enterprise apps
where regulations like HIPAA or corporate policies
require specific means of protection, e.g. encryption
of data at rest and in transit for compliance with FIPS
140-2, app-specific passcodes, EULA and time frame
for app use, e.g. for temp workers
Within 2 weeks, SAP Services implement the scope of this item for production* purposes
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
*) Trial for evaluation available at sapmobilesecure.com
Customer
13
Mobile App Security – SAP Mobile App Protection by Mocana
In the system
Key functionality
 Setting up Mobile App Protection
 Using the MAP console
 Applying MAP policies and uploading
apps
 Deploying Apps with Mocana App
Catalog
 Deploying Apps with MDM like Afaria
Mobile App Protection configures and applies security policies for mobile apps
on devices managed by MDM like Afaria, for additional layers of protection, or
on unmanaged devices, to enforce similar policies.
Wrapped apps can be deployed with MDM or Mocana catalog
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Customer
14
Mobile Content Management – SAP Mobile Documents
Scope and benefits
With SAP Mobile Documents business users can
securely share files, view documents, and present and
collaborate on corporate content.
Package content:
 Configuration Guide - provides instructions to install
and configure the SAP Mobile Documents add-on for
SAP NetWeaver Java on premise, including roles,
destinations, and repositories for user content,
corporate content, and shared content
 Process Diagram and Test Script - contain
procedures to onboard users, access content, and
securely share content.
 Allows users to securely access and share enterprise
content online, and on the go, or access offline from
any device
 Integrates with open industry standard CMIS
supporting content and knowledge management
systems, such as SAP Knowledge Management,
Microsoft SharePoint, OpenText, Alfresco, IBM
 Leverages prior investments in SAP NetWeaver
Portal, and CMIS-standard supporting CMS
 Reduces business risks, ensures compliance, and
increases employee productivity
 Ensures that solution is properly installed and
configured
Within 2 weeks, SAP Services implement the scope of this item for evaluation or production purposes
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Customer
15
Mobile Content Management – SAP Mobile Documents
In the system
Key functionality
IT Admin
 Onboard users on various device
platforms
User
 Access corporate content
 Share content securely
Mobile Documents empowers users to access their business content on
any device, and securely share it with collaborators within the enterprise
and with business partners
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Customer
16
Package Deployment
SAP Mobile Secure rapid-deployment solution – Service Scope
What’s included – Service scope
 Kickoff workshop to
– define requirements,
– set up the project,
– establish expectations
 Knowledge transfer
 Go live support
Software
Service
Content
Enablement
Partner’s scope of service may vary.
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Customer
18
Service scope
Key deliverables
What does SAP deliver?
What do you have to do?












Installation check
Support for Customer Selection of Options
Activation of Solution and Options
Confirm Activation
Key User Training
Assistance for Testing
Assistance for Switch to Production
Assistance for Go Live Support
Partner’s scope of service may vary.
© 2014 SAP SE or an SAP affiliate company. All rights reserved.







Provide the IT infrastructure (servers)
Install SAP Business Objects (if needed)
Install the SAP NetWeaver Portal (if needed)
Provide fixed contact people in the business and IT
departments
Document Customer Options
Attend Key User Training
Provide Technology support
Execute User Acceptance Testing
Conduct end-user training
Switch Solution to Production
Go Live Support
Customer
19
Integration points in scope
Integration
point
From Product/
Solution
To Product/
Solution
Description
Short description of
integration point
From SAP product that
integrates
To SAP product that
integrates
Longer description of scope of integration perhaps covering business
objects or data
Deployment of SAP Mobile
Documents clients with
MDM
SAP Mobile Documents
Afaria
Afaria can be used to pre-configure corporate access points. When users
download client apps from the built-in Afaria app store these apps are
automatically connected to the corporate network. The app “just works”.
Lumira visualization for
Afaria reporting
Afaria
Lumira (Server or Cloud or
BI) (& MOBI)
7 pre-configured reports on devices and apps managed by Afaria, visualized
with Lumira, and accessed on desktop or on mobile devices, via Lumira Cloud,
Lumira Server, or via SAP BusinessObjects BI.
Wrapping of SAP
BusinessObjects Mobile BI
clients for iOS or Android
with app-specific security
and distribution with Afaria
SAP BusinessObjects
Mobile BI
SAP Mobile App Protection
by Mocana & Afaria
MOBI clients can be security wrapped using Mobile App Protection for
elevated compliance needs. Users can download wrapped client apps from the
built-in Afaria app store.
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Customer
20
Service scope options
A service scope option is a combination of scope that can be removed to reduce the service price of the
rapid-deployment solution.
Service scope options
Option 1
Option 2
Option 3
Option 4
Required
Scope items / Functionality delivered
Mandatory
Optional
Optional
 Mobile Device and App Management – Afaria
 Customer-branded iOS client
 Reporting for Mobile Device and App Management – Lumira
n/a
 Mobile App Security – SAP Mobile App Protection
n/a
 Mobile Content Management – SAP Mobile Documents
n/a
 Clinic: Mobile Security Fundamentals
The four service scope options are optional to one another. Within service scope option 2-4, “all or nothing” applies
Partner’s scope of service may vary.
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Customer
21
Software Products and
System Landscape
Which software is used? 1/2
Product
Product Version
Component
SAP Afaria
Device and mobile
App Management
SAP Afaria 7 SP5
Afaria Server
Comments
Afaria API Service
Afaria Administrator
Enrollment Server
Product
Product Version
SAP Lumira™
1.18
for reporting on
devices and apps
managed with
Afaria
One of the following 64bit operating systems
Package Server
iAnywhere SQL
Anywhere Database
iAnywhere SQL
Anywhere 12
Microsoft SQL Server
Database
One of the following:



End User SelfService Portal
Not Applicable
Not Applicable
2008 R2
Enterprise
Edition
Windows 7 SP1
Supported database for
SAP Afaria
Supported database for
SAP Afaria
One of the
following to publish
dataset
Windows Server 2012 /
Windows Server 2012
R2
SAP Lumira™ Server
1.18, and
SAP HANA, SP08
Revision 81
2008 R2
Datacenter
Edition
SAP BusinessObjects BI
4.0 SP7 / SP8 / SP9

2008 SP1
Standard Edition
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Free but required component to
adapt reports in customer
landscape. Manual data import
and publication
Windows 8 / Windows
8.1
SAP Lumira™ Cloud
2008 SP1
Enterprise
Edition
Comments
Windows Server 2008
R2 SP1
2008 R2
Standard Edition

Component
For consumption
on mobile device
SAP BusinessObjects BI
4.1 SP1 / SP2 / SP3 /
SP4
SAP BusinessObjects
Mobile (a.k.a. MOBI)
Lumira Server 1.18 also
requires SAL AFL Rev.81,
Patch Level 2; allows for
automated near real-time
updates between Afaria SQL
and HANA.
Content published with SAP
Lumira via Server, Cloud or BI
channel can be consumed
through SAP BusinessObjects
Mobile on the iPad 3 and above
Customer
23
Which software is used? 2/2
Product
Product Version
SAP Mobile App
Protection
SAP Mobile App
Protection 3.0
JAVA
1.6.0
MySQL
5.5
Ruby
1.8.7
SQLite
N/A
Bundler
N/A
Component
EPEL
Comments
MAP Database Server
Ruby Version
Manager
Product Version
Component
Comments
SAP Mobile
Documents
MCM 1.0 SP2
N/A
SAP NetWeaver
One of the following:

SAP Mobile Documents
add-on for SAP
NetWeaver AS Java
Application
Server JAVA

NW Product
Description

Application
Server Java
Extensions

EP Core

7.3 SPS 09

7.3 EhP1 SPS 05

7.4
Enterprise Portal
Note: You will find pretty good documentation on implementing SAP Mobile Documents on the
SAP Community network, at scn.sap.com/community/mobile-documents.
Phusion Passenger
Tomcat
Product
Tomcat6
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
MAP Web Server
Recommendation: SAP NetWeaver 7.4 is available for trial or full production use on the SAP Cloud
Appliance library (CAL) at cal.sap.com. Use the SAP Enterprise Portal 7.4 on SAP Max DB on CAL
for an easy start with implementing SAP Mobile Documents.
Customer
24
System Landscape – Afaria On Premise Standalone
•
Apple APNS
•
Google GCN
•
TinyURL
•
Google URL
Shortener
Apple APNS Ports 2195, 2196
Google GCM Ports 5228-5230
TinyURL; Google URL Shortener
Relay Server
RSOE
80, 81,443
Microsoft
CA Server
80,443
Afaria Server and
subcomponents
Firewall,
Reverse Proxy
Database
80,443
EUSSP
Internet
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
DMZ
Private
Customer
25
System Landscape – Afaria On Premise Server Farm, HA
Apple APNS Ports 2195, 2196
•
Apple APNS
•
Google GCN
•
TinyURL
•
Google URL
Shortener
Google GCM Ports 5228-5230
TinyURL; Google URL Shortener
Load Balancer
Relay Servers
Afaria Master Server
and Subcomponents
RSOE
80, 81, 443
80,443
80,443
Microsoft
CA Server
Database
(MSCS)
RSOE
80, 81,443
Afaria Replication
Server and
Subcomponents
80,443
Load Balancer or Reverse Proxy
(recommended for High Availability)
Internet
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
DMZ
EUSSP
Servers
Private
Customer
26
Afaria with Lumira (deployment options, simplified view)
XOR
Publish reports
SAP Business
Objects BI Server
Lumira
Desktop
XOR
XOR
Lumira Cloud
Import query
from Afaria‘s
SQL DB
manually
Automatically update
SAP HANA DB from
Afaria‘s SQL DB
Lumira Server
RSOE
80, 81,443
Microsoft
CA Server
80,443
Afaria Server and
subcomponents
Relay Server
Firewall,
Reverse Proxy
Database
80,443
EUSSP
Internet
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
DMZ
Private
Customer
27
System Landscape – SAP Mobile Documents
SAP NetWeaver
Cloud Server
SAP NetWeaver Cloud
(optional for shared documents)
Firewall, Reverse
Proxy
<SAP
NetWeaver
Portal Port>
SAP Mobile
Documents Server
Internet
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
DMZ
Backend Servers (SAP
Knowledge
Management, Microsoft
SharePoint, other CMIS
CMS
Private
Customer
28
System Landscape – SAP Mobile App Protection by Mocana
Reverse Proxy,
Firewall
SAP MAP Server and
subcomponents
80,443
Note: Only if application is distributed
via SAP MAP Server otherwise no
external inbound connection is required
to SAP MAP Server
Internet
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
DMZ
iOS Signing Server
(for iOS application
wrapping
Private
Customer
29
SAP Rapid-Deployment solutions
The fastest way to run your business better
© 2014 SAP SE or an SAP affiliate company. All rights reserved.
Related documents
School name here - Prevention First
School name here - Prevention First
PPM RDS Marketing Flyer
PPM RDS Marketing Flyer
Short Presentation Title
Short Presentation Title
it media presentation - Kenya Ports Authority
it media presentation - Kenya Ports Authority
Process Mapping Financial Aid Processes for Greater Efficiency
Process Mapping Financial Aid Processes for Greater Efficiency
CCBC Academic Advisor Training
CCBC Academic Advisor Training
SAP/R3 Development workbench Data Dictionary
SAP/R3 Development workbench Data Dictionary
About the Student Assistance Program PowerPoint
About the Student Assistance Program PowerPoint
SAP - OSGi
SAP - OSGi
Download