mFormation manages your wireless fleet
- By Michelle Speir
- Sep 23, 2002
Not long ago, the words "handheld" and "enterprise" didn't often appear in the same sentence. Handheld computers were personal devices used individually by the occasional executive or employee with specialized functions.
Now, the proliferation of wireless technology has changed the way we work, and more agencies are equipping employees with wireless devices so that they can work on the road and in the field.
This large-scale deployment has created a need for enterprise-level management software. Think of a product such as Computer Associates International Inc.'s Unicenter ServicePlus or Hewlett-Packard Co.'s OpenView, but designed for a fleet of wireless devices instead of clients on a network.
MFormation Technologies Inc. has answered the call with its mFormation Enterprise Manager, a wireless infrastructure management platform. The product manages device deployments from end to end, allowing high levels of control and monitoring.
Information technology managers will be pleased to know that the mFormation Enterprise Manager is completely device- and wireless network-independent: It can manage any mix of devices across any combination of networks anywhere in the world. For example, if your agency's deployment includes Palm Inc. devices for some employees and Research in Motion Ltd.'s (RIM) BlackBerries for others, with some devices operating on a Cingular Wireless Mobitex network and some using Cellular Digital Packet Data, the system can manage all of them simultaneously from one Web-based console.
The level of control is indeed impressive. Thanks to a hidden agent installed on every device, managers can perform a host of actions, including locking the device, sending it a text message and monitoring the loaded applications. Managers can also check network performance with reports in the form of graphs and charts.
With Palm and handheld devices running on certain networks, it's even possible to install or remove applications remotely. The physical location of devices is also easily monitored. A thief could take a device to an out-of-coverage location and secretly dig through its applications, but any activity on the network would be detected.
Adding to its flexibility, the mFormation interface offers role-based access. IT support personnel, for example, can log on with just enough rights to perform their jobs while higher-level access is restricted to managers.
We used the application service provider environment for our testing. MFormation loaned us three RIM BlackBerry devices with working e-mail accounts and device agents preloaded, and they set up an administrative account that we could use to access the Web-based console and manage the devices. The console is accessible from any Web browser.
The graphical user interface won't win any beauty contests, but that hardly matters. After learning just a few basic concepts about the interface's organization and commands, even a novice user can perform most functions without consulting the manual. All functions are clearly labeled and accessible from a few main screens.
To organize the devices in an enterprise, managers can assign them to business-level groups. This way, policies can be set and commands issued by group. All monitoring statistics and reports can also be viewed by group. Likewise, these functions can be carried out for the entire enterprise at once or for individual devices separately.
Command schedules can be preset to carry out certain commands at a specific time or after a specified delay. Again, the flexibility is impressive. Commands can be sent not only by group, but also by network or device type, or according to other parameters, such as to users who have logged on to e-mail in the past two days. An IT manager might, for example, send a message to staffers who are using a certain application to let them know a new version is available.
As with any product that relies on a wireless network, occasionally a network glitch does occur. In a few instances, we had problems sending commands to BlackBerry devices. In one case, a command sent to a device inexplicably remained pending until the next day, when it was manually deleted via the mFormation console. A subsequent attempt went through without a hitch.
In another test, the mFormation server worked properly, but Cingular lost a data packet, which apparently happens on occasion.
The mFormation Enterprise Manager comes with several important security features.
For starters, the Get Location command enables managers to immediately retrieve location information for a device. The information returned includes the street address and identification number of the base station being used, as well as current signal strength and battery level.
The Lock command prevents all access to a device, rendering it unusable. An Unlock command reverses this action. If a device is lost or stolen, its status can quickly be changed to Lost with one mouse click. This also locks the device, but in the interest of securing it as quickly as possible, it bypasses the initialization process that takes place when a Lock command is issued. With one more click, the device status can be changed to Found and its functionality restored.
Managers also have real-time password management control. They can reset a device's password remotely as well as monitor password changes. This could be accompanied by a message to the user containing instructions.
The most drastic security measure is the Zap command, which deletes all the application databases on a device and locks it. This command is not reversible. However, the agent remains on the device so that if it is powered on in an area with network coverage, mFormation can still track and monitor it.
The company has also implemented tight agent/server communication security. First, each device agent is installed with a burnt-in server address such as a Mobitex Access Number or Short Message Service Center gateway address that is used to authenticate the server. The device will reject commands from any other source. The agent can also store a long-term public key for server authentication.
In addition, the commands sent to the server from the device and the information sent from the device to the server are both encoded using proprietary technology.
In addition to monitoring the devices, the mFormation Enterprise Manager monitors the wireless network connections and performance. Topology diagrams show the structure of the enterprise and pinpoint faults, such as lack of service between a device and a base station, or between gateways.
The system also monitors applications to keep track of availability and performance. For example, BlackBerries' e-mail can be monitored regularly by implementing a policy. When a policy is set, it automatically issues commands from the server or collects statistics at preset intervals.
When faults are found or tests fail, the system automatically generates alarms. With this type of monitoring, problems can often be detected and fixed before users notice any difference in service.
Alarms can be configured to notify administrators via e-mail or forwarded to external management systems. For example, an alarm can be sent to any e-mail address, forwarded to OpenView Network Node Manager through Simple Network Management Protocol traps, or sent to Unicenter Network and Systems Management or Micromouse Netcool/OMNIbus through mFormation-provided gateways.
The company also offers a host of useful reports that pull together all kinds of information, including coverage statistics, frequently used base stations, e-mail usage, roaming, authorized applications by group or device type, applications by user and more. Everything an administrator would want to know is covered.
The reports come in different formats appropriate to the information they contain. Some reports include full-color pie charts (such as frequently used base stations), bar graphs and line graphs, and others are presented in list format.
The Bottom Line
If your agency is planning — or already has — an enterprise-level deployment of wireless devices, we recommend taking a close look at the mFormation Enterprise Manager. This system is comprehensive, exceptionally flexible and easy to use. It will blend with any existing IT infrastructure and can be used with any type or combination of devices and any wireless network.
CPU: Sun Microsystems Inc. Enterprise E250 or Intel Corp. Dual Pentium III 866 MHz processor
Disk storage: 8 x 18G
Networking: 100Base-T Ethernet (in-house); Internet connection (application service provider)
Operating system: Sun Solaris 2.8 or higher or Microsoft Corp. Windows NT or higher
Software: Oracle Corp. 9i standard database, BEA Systems Inc.'s WebLogic, Java Development Kit
Wireless connectivity: Frame relay circuit(s) to wireless carrier(s) (For "out of band" communications)
Wireless devices: Any wireless Research in Motion Ltd., Pocket PC or Palm Inc. OS-based device (in-house); Any wireless RIM, Pocket PC or Palm OS-based device (application service provider)