Over recent years there has been a massive proliferation of the use of smart phones within the Enterprise and one of the accompanying trends has been to adopt a BYOD (Bring Your Own Device) strategy. There are some pros and cons with using personal devices for business but I suppose these are almost irrelevant as BYOD looks like it’s here to stay for the foreseeable future.
From an IT perspective that leads to the fundamental question of how am I going to manage my corporate applications? The current answer seems to be either using MDM (Mobile Device Management) or alternatively MAM (Mobile Application Management). Although having said that, Cisco is also a member of the new ACE (Application Configuration for Enterprise) forum that is promoting secure configuration of applications via standard APIs available within IOS and Android for Work.
For more information I’ve provided the link below:
Look out for Cisco UC client ACE support in the future.
With respect to this blog we’re going to take a high level look at the MAM approach and how it currently relates to Cisco’s Jabber and WebEx clients. Before we do that let’s quickly discuss the reasons why MAM might be used instead of MDM for a BYOD deployment.
MDM policy enforcement applies to the entire phone, these policies can include SSID lockdown, content wiping and GPS location tracking. Such capabilities in the hands of IT may be acceptable for corporate owned phones but for some end users who have spent their own money on a device, which they also use for their personal lives, this may prove too intrusive. Hence, the rise of MAM, which provides secure compartmentalization for corporate applications and the ability to manage these without impact to the end user’s personal applications and data.
Resultantly, Cisco has received a number of customer requests asking if it is possible to use a third party MAM product to wrap Jabber and WebEx clients. The act of “wrapping” is simply the term used to describe the process of packaging an application for deployment and management by the MAM solution. Take a look at the simple diagram below that outlines the generic wrapping procedure for Jabber and WebEx clients.
At the time of writing, if you want to wrap a Cisco UC client the first thing you need to do is to sign a MAM agreement. Cisco will then provide a copy of the unsigned client; this correctly implies that you cannot “wrap” code that is downloaded straight from a public App Store. You then follow the MAM vendor’s “wrapping” process, which digitally signs the Cisco software with the appropriate Enterprise Application key. Post deployment, Jabber and/or WebEx clients will be stored in a secure MAM container partitioned off from the end user’s own personal data and applications. This then allows IT to securely manage the Cisco clients on the BYOD device. The specific management functions will vary by MAM manufacture, but wiping the corporate applications (without removing user data) would be an example capability.
Sounds simple? In reality there are a couple of things to consider:
1) Application “wrapping” Cisco UC clients is still in its infancy and there are currently no formal test documents or “how to” guides published by Cisco engineering on this topic.
2) Although Cisco engineering will do their best to help a customer or partner use their chosen MAM vendor to “wrap” Jabber and the WebEx clients, there is no formal TAC support.
The comment about TAC support is important. The “wrapping” process invalidates support, so any issue would need to be reproduced on a “non-wrapped” version of the client before troubleshooting could commence.
Mobile Application Management looks like it will become increasingly prevalent, whether it’s based upon application “wrapping” or native phone APIs. If you are interested in a Jabber/WebEx MAM deployment my advice is to work closely with your Cisco Collaboration Specialist to obtain an unsigned version of the clients, but most importantly, make sure you fully understand the support position.
Hello, I just finished upgrading PCCE (CCE, Finesse, VVB, CUIC)12.5.1 to 12.6.1 MR. I went to test agent login and validate the standard gadgets. I got an error stating I need to run "utils finesse layout updateCuicGadgetUrl 12.6.1+" on t...
I'm having a customer with a lot of Webex site updates recently, but he noticed the desktop App didn't automatically upgrade and he asked to manually obtain the new application offline file to install on the PCs, so i wanted to confirm the time cycle wher...
Good afternoon! At the moment, we have lost control of some conference functions from Cisco Meeting Management (CMS 2000 product). For example, we can't turn off the participant's microphone. At the same time, the status displays emergency messages: ...
Uninstalled an old Call Studio v11.5 and installed new v12.5. Imported existing projects/scripts back and getting the following errors now. I did use a different folder for the install (c:\cisco\CallStudio12_5). There were some errors about not finding th...
Hello, I have about 50 ISR 4331 to add to CUCM. Has anyone done this using the BAT tool? I see that you can insert gateways, but the ISR 4331 model is not in the list of available gateways to insert. TIA