Click on the headings below to get detailed information on the features, functionality and benefits of Mobility software. Unless otherwise specified, the functionality described applies to both the Mobility Premium and Commercial Editions.
> True Application Persistence
Critical Applications are Always Available
No other mobility management software can match the application session persistence of Mobility, which sustains application sessions even through suspend-and-resume cycles and loss of connectivity. Other solutions in these situations lose application sessions—causing data loss and corruption, and forcing users to reauthenticate repeatedly and restart applications.
When a NetMotion Mobility user encounters a coverage gap, open application sessions are maintained until the user's network connection is re-established. If a user loses connectivity while an application is transmitting data, Mobility suspends the transmission—for days if necessary. As soon as connectivity is re-established, Mobility resumes transmitting the data at the exact point the application was interrupted.
> Standards-Based Security
Protect Networks and Data with Standards-Based Authentication and Encryption
Mobility establishes a VPN tunnel that secures network access and all data transmissions using strong, standards-based authentication and encryption, making tight security easy to manage and maintain.
Single sign-on and inter-network roaming capabilities make security transparent to the end user; workers only need to log on once per session. There are no additional steps or passwords to remember, no matter how many different networks they use. For additional security against unauthorized use of stolen or misplaced devices, Mobility can enforce periodic user re-authentication, validating the identity of the person using the device.
Two-factor authentication is federally mandated for all law enforcement agencies, and is a wise precaution for commercial enterprises as well. It requires a second factor — something the user has — in addition to a user name and password to successfully authenticate the user. Mobility supports two-factor authentication methods to allow organizations to comply with federal standards at minimal cost. In addition to native RSA Secured certified support for RSA SecurID, Mobility also supports smart cards and X.509v3 user certificates. By leveraging NTLM, RADIUS, and standards-based PKI implementations available from many vendors and built into Microsoft server operating systems, Mobility provides options for strong, two-factor user authentication with little or no incremental cost.
Authentication of the device using X.509v3 certificates confirms that the device is an authorized corporate asset. This protects corporate resources from being accessed by legitimate users logging on from an untrusted, unsecure device. It also adds an extra authentication factor that can be bound loosely or tightly to the user; an individual may be allowed to use only a subset of devices, or a specific, personally assigned device. The ability to authenticate the device without an active user session is also a key management feature, supporting over-the-air device management using third-party policy, asset-management, and control tools.
The Industry's Highest-Standard for Encryption
FIPS 140-2 validated AES encryption modules are the United States government's standard for securing non-classified information. Mobility Premium Edition encrypts data transmitted between the Mobility client and server with FIPS 140-2 validated AES encryption libraries, has the option to force users to use only validated encryption libraries in order to connect, and logs the use of those libraries for audit compliance purposes. Mobility Commercial Edition encrypts data transmitted using industry-standard, enterprise grade AES encryption. Mobility provides the security advantages of an IPSec VPN without its configuration, client provisioning, and management burdens.
NSA Suite B Encryption
In addition to FIPS 140-2, Mobility Premium Edition can mandate the use of NSA Suite B cryptographic algorithms. Suite B is required by the US government for all networks handling information classified as secret, and the use of Suite B algorithms is a best practice for other industries.
Certified Under the Highest International Standards
Mobility Premium Edition has certification from Common Criteria, an international set of guidelines for verifying the security features and capabilities of IT solutions. Mobility is rated at Evaluation Assurance level 4+ (EAL4+), which is the highest internationally recognized assurance level available for a software product under the Common Criteria Recognition Agreement.
Device Quarantine for Additional Network Protection
Because mobile device loss or theft can compromise information on enterprise networks, Mobility lets network administrators quickly and easily quarantine lost or stolen devices. Quarantined devices are unable to authenticate to the network and administrators can easily restore network access when the device is recovered.
> Wireless Performance Optimization
Optimize Performance Over Wireless Networks
Mobility wireless WAN optimization automatically reduces network consumption and improves throughput and application responsiveness, particularly over bandwidth-constrained or wireless networks.
Mobility uses link optimizations to reduce the number of retransmitted packets, cut down on excess control information and other network "chatter," and dramatically improves throughput by compressing data and images. Best-Bandwidth RoutingTM technology ensures that the fastest and most efficient available network connection is used.
For example, Mobility automatically roams to a WLAN connection the moment it becomes available—resulting in greater productivity, improved efficiency and reduced WAN expenses.
> Inter-Network Roaming
Roam Seamlessly Across Networks
Today's mobile workers use a variety of public and private networks, such as conventional wired LANs, corporate Wi-Fi networks, third-party hotspots, and wireless WANs available through cellular carriers. Mobility InterNetwork RoamingTM lets mobile workers change networks seamlessly, transparently, and securely without thinking about their network connections or needing to re-authenticate.
Mobility InterNetwork roaming is tightly integrated with network applications and single sign-on authentication so that users have application session persistence and do not have to logon again when they traverse networks, go in and out of network range, or suspend and resume their devices
The Mobility server accomplishes this by establishing a virtual IP address on the server for each VPN session. As users roam, enterprise application servers always see the same, unchanging virtual IP address rather than the user's network-specific IP addresses. With Mobility, there is no need to re-segment networks, implement VLANs or deploy additional hardware to enable mobile workers to traverse networks seamlessly. In addition, Mobility supports roaming between IPv4 and IPv6 networks. As wireless carriers roll out IPv6, Mobility is ready to support the changes, helping you future-proof your mobile deployment. Your mobile workers can now focus on their work—not configuring, enabling and disabling adapters.
> Centralized Management
Powerful Management Console
No other mobile software provides the spectrum of flexibility, visibility, and control afforded by Mobility. Its robust administrative console enables all aspects of the system to be observed and managed in one centralized location. The web-based interface gives administrators a complete system-wide view, from overall metrics down to device connections, worker behavior, and application use. Detailed activity logs preserve a historical view of user activity. From the management console, administrators can quarantine devices that are misused, lost or stolen, as well as view device connectivity status, number of quarantined devices, and even battery life. Administrators can search for information on a specific user or device, such as open applications, device operating system, and the current interface or port.
A system administrator has full, unrestricted access to the Mobility console and can create additional Mobility console roles with specific permissions and assign them to individual users, or assign roles based on membership in an Active Directory group. For example, you might want a certain person to manage Mobility devices and users, but to not have access to any Mobility server management functions. Role enforcement occurs when the person logs on to the Mobility console.
Integration with Systems Management Tools
Unattended device access extends the reach of device and patch management tools to mobile platforms with true “over the air” management access. By using certificates to authenticate the device at boot time, Mobility provides a secure wireless connection that’s just as full-featured as an internal wired network. It supports device-management technologies such as Active Directory Domain scripting and software update policies, as well as other popular device-management suites. Users stay in the field and remote devices stay up to date – all without new investments in wireless-specific management tools.
The Analytics Module proactively alerts administrators of pending problems by sending notifications.
> Automatic Client Updates for All Platforms (Mobility 10.51)
Mobility 10.51 adds the ability to:
• Remotely update the Mobility client for Windows over the network
• Install or upgrade the Locality agent for Windows
Administrators can push an update to individual Windows devices, groups of devices, or an entire deployment in real time, or schedule updates during non-peak periods like evenings or weekends. Administrators can even allow users to interrupt an update, or defer it to a more convenient time in the work day.
Clients running on other platforms are available in their respective application stores and can be upgraded manually or automatically, based on the user’s preferences.
To take advantage of automatic Mobility client updates for Windows, customers must have both a Mobility 10.51 server and client. Mobility’s automatic client update feature can also be used to upgrade Locality v2.10 agents or later.
Easy to Deploy
Award-winning Mobility is a software-only solution that helps minimize costs and complexity. It is simple to deploy, highly scalable, and easy to maintain. And, its use is transparent to end users—no user configuration or training required. The Mobility architecture is comprised of server and client software. The Mobility server software can be installed on a server behind the firewall or in the DMZ. Lightweight Mobility client software is installed on each mobile device (client)—any combination of laptops and handheld devices including tablets and smart phones running on Windows, Android, or on the iPhone, iPad, or iPod touch devices.