Exchange 2007 Service pack 1 - Why it's important for Mobile Users
Exchange 2007 Service Pack 1 has just been released to the web for Download. It even made the front page of the latest Technet Magazine which is quite surprising for a Service Pack.
There are many key enhancements in Service Pack 1 however from a mobile perspective there are some very important additions.
With Service Pack 1 we have added 30+ new policies for Exchange Activesync. These new policies will require a future version of Windows Mobile (similar to System Center Mobile Device Manager 2008) however they can be implemented within your Exchange 2007 environment now ready for when that version becomes available.
There are 2 different categories of policies - the first set control the Sync, Authentication and Encryption settings. The second set are really focused on controlling functions on the device.
Sync
Within the Synchronisation setup we have the ability to configure many of the synchronisation options on the device:
Configure message formats (HTML or plain txt)
Include past email items
Email body truncation size
HTML email body truncation size
Include past calendar items (Duration)
Require manual sync while roaming
Authentication
With the device password we can enforce more complexity as well as setting a password expiration and remembering password history
Minimum number of complex characters
Enable password recovery
Allow simple password
Password Expiration (Days)
Enforce password history
Allow Windows file share access
Allow Windows SharePoint access
Encryption
From a security perspective we can control the use of SMIME as well as whether Device Encryption is enforced
Require signed SMIME messages
Require encrypted SMIME messages
Require Signed SMIME algorithm
Require encrypted SMIME algorithm
Allow SMIME encrypted algorithm negotiation
Allow SMIME SoftCerts
Enforce Device encryption
As I mentioned previously the second set of policies control much of the device, network and application functionality.
Device Control
Disable desktop ActiveSync
Disable removable storage
Disable camera
Disable SMS and any MMS text messaging
Network Control
Disable Wi-Fi
Disable Bluetooth
Disable IrDA
Allow internet sharing from device
Allow desktop sharing from device
Application Control
Disable POP3/IMAP4 email
Allow consumer email
Allow browser
Allow unsigned applications
Allow unsigned CABs
Application allow list
Application block list
All of the NEW Exchange Activesync policies are described on the Technet Website in detail HERE
There is also a whole host of documentation for Exchange 2007 Service Pack 1 available:
· What's New in Exchange Server 2007 SP1
· Standby Continuous Replication
· Upgrading Clustered Mailbox Servers to Exchange 2007 SP1
· Monitoring Continuous Replication
· New High Availability Features in Exchange 2007 SP1
· How to Install Exchange 2007 SP1 Prerequisites on Windows Server 2008
· Installing Cluster Continuous Replication on Windows Server 2008
· Installing Single Copy Clusters on Windows Server 2008
· New Client Access Features in Exchange 2007 SP1
· New Transport Features in Exchange 2007 SP1
· New Mailbox Features in Exchange 2007 SP1
· New Unified Messaging Features in Exchange 2007 SP1
· IPv6 Support in Exchange 2007 SP1
Comments
Anonymous
November 30, 2007
PingBack from http://msdnrss.thecoderblogs.com/2007/11/30/exchange-2007-service-pack-1-why-its-important-for-mobile-users/Anonymous
November 30, 2007
I deployed SP1 on Friday and was very impressed with how easy it was to do and especially the new features in terms of the Database Architecture, new features for OWA, ect. As you mention the new ActiveSync policies need a slightly newer version of WM from the existing WM6. Microsoft say it should be out Q1 of 2008. But do you have any better timescales or atleast a release date for an Emulator? RishiAnonymous
November 30, 2007
Jet Red vs Jet Blue 5 Essential Administration Tasks for Exchange Server 2007 Exchange 2007 and WindowsAnonymous
December 18, 2007
Its a shame the new Exchange 2007 SP1 Active Sync policies are only available if you upgrade to exchange enterprise CAL's.... which arn't cheap.... Are microsoft getting greedy? Dont get me wrong I like MS generally but with all these new 'enterprise' CAL's for sharepoint and exchange etc it gets very expensive to benefit from the nice new features....