VMware Notification Service v2.0 Installation and Configuration Guide Configure ENSv2 for cloud and on-premises deployments

Similar documents
VMware Notification Service v2.0 Installation and Configuration Guide Configure ENS2 for cloud and on-premises deployments

VMware Notification Service v2.0 Installation and Configuration Guide Configure ENS2 for cloud and on-premises deployments

VMware Notification Service v2.0 Installation and Configuration Guide Configure ENS2 for cloud and on-premises deployments

Workspace ONE UEM Notification Service 2. VMware Workspace ONE UEM 1811

Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.

Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.

Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.

Workspace ONE UEM Notification Service. VMware Workspace ONE UEM 1811

VMware AirWatch Cloud Connector Guide ACC Installation and Integration

VMware AirWatch Workspace ONE Send Admin Guide Configuring and deploying Workspace ONE Send

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

VMware AirWatch File Storage Setup Guide Setting up file storage for AirWatch functionality

INSTALLATION AND SETUP VMware Workspace ONE

VMware Avery Dennison Printer Integration Guide Integration with Workspace ONE UEM

VMware AirWatch Content Gateway Guide for Linux For Linux

VMware AirWatch Integration with RSA PKI Guide

VMware AirWatch Content Gateway Guide for Windows

VMware AirWatch Integration with SecureAuth PKI Guide

MANAGING ANDROID DEVICES: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

VMware Workspace ONE UEM VMware AirWatch Cloud Connector

VMware AirWatch Certificate Authentication for EAS with ADCS

VMware AirWatch Integration with F5 Guide Enabling secure connections between mobile applications and your backend resources

VMware AirWatch Windows Autodiscovery Service Installation Guide Installing and configuring Windows Autodiscovery with AirWatch

VMware AirWatch Integration with Microsoft ADCS via DCOM

VMware AirWatch Content Gateway Guide for Windows

VMware AirWatch Content Gateway Guide for Windows

VMware AirWatch Database Migration Guide A sample procedure for migrating your AirWatch database

VMware AirWatch Content Gateway Guide for Windows

VMware AirWatch Certificate Authentication for EAS with NDES-MSCEP

VMware Enterprise Systems Connector Guide for SaaS Customers ACC Installation and Integration for SaaS

VMware AirWatch and Office 365 Application Data Loss Prevention Policies

VMware Boxer Comparison Matrix for IBM Notes Traveler Compare the features supported by VMware Boxer and AirWatch Inbox

VMware AirWatch Memcached Integration Guide Integrating Memcached functionality into your AirWatch deployment

VMware AirWatch Integration with Apple School Manager Integrate with Apple's School Manager to automatically enroll devices and manage classes

VMware AirWatch Content Gateway Guide For Linux

VMware AirWatch Integration with Palo Alto Networks WildFire Integrate your application reputation service with AirWatch

VMware PIV-D Manager Deployment Guide

VMware AirWatch Product Provisioning and Staging for Windows Rugged Guide Using Product Provisioning for managing Windows Rugged devices.

CONFIGURING BASIC MACOS MANAGEMENT: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

INTEGRATING WITH DELL CLIENT COMMAND SUITE: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

Prophet 21 Middleware Installation Guide. version 12.16

VMware AirWatch Integration with OpenTrust CMS Mobile 2.0

VMware AirWatch Epson Printer Integration Guide Using Epson printers with Workspace ONE UEM

Workspace ONE UEM Certificate Authentication for Cisco IPSec VPN. VMware Workspace ONE UEM 1810

Workspace ONE UEM Upgrade Guide

VMware AirWatch Content Gateway for Windows. VMware Workspace ONE UEM 1811 Unified Access Gateway

VMware AirWatch Google Sync Integration Guide Securing Your Infrastructure

VMware AirWatch Integration with Apple School Manager Integrate with Apple's School Manager to automatically enroll devices and manage classes

Workspace ONE UEM Integration with RSA PKI. VMware Workspace ONE UEM 1810

VMware AirWatch Android Platform Guide

VMware AirWatch Epson Printer Integration Guide Using Epson printers with Workspace ONE UEM

VMware AirWatch tvos Platform Guide Deploying and managing tvos devices

VMware AirWatch Google Sync Integration Guide Securing Your Infrastructure

VMware AirWatch Datamax-O Neil Integration Guide

VMware AirWatch Content Gateway for Linux. VMware Workspace ONE UEM 1811 Unified Access Gateway

VMware Tunnel Guide for Windows

VMware AirWatch Books Deployment Guide Distribute and deploy books

VMware AirWatch Tizen Guide

VMware AirWatch Integration with Palo Alto Networks WildFire Integrate your application reputation service with AirWatch

VMware Tunnel Guide for Windows

VMware AirWatch On-Premises Certificate Authority Guide



VMware AirWatch Product Provisioning and Staging for Android Guide Using Product Provisioning for managing Android devices.

VMware Enterprise Systems Connector Installation and Configuration

Getting Started with. Management Portal. Version

Version Installation Guide. 1 Bocada Installation Guide

Crestron Fusion Cloud On-Premises Software Enterprise Management Platform. Installation Guide Crestron Electronics, Inc.

VMware Enterprise Systems Connector Installation and Configuration. Modified 29 SEP 2017 VMware AirWatch VMware Identity Manager 2.9.

VMware Content Gateway to Unified Access Gateway Migration Guide

Guide to Deploying VMware Workspace ONE with VMware Identity Manager. SEP 2018 VMware Workspace ONE

VMware AirWatch Datamax-O Neil Integration Guide

BUSINESS DEVELOPMENT SUITE MOBILE INSTALLATION GUIDE. Version 14R2

AirWatch Mobile Device Management

VMware Enterprise Systems Connector Installation and Configuration. JULY 2018 VMware Identity Manager 3.2 VMware Identity Manager VMware AirWatch 9.

VMware AirWatch Product Provisioning and Staging for QNX Guide Using Product Provisioning for managing QNX devices.


VMware AirWatch Symbian Platform Guide Deploying and managing Symbian devices

Deploying VMware Identity Manager in the DMZ. SEPT 2018 VMware Identity Manager 3.3

LifeSize Control Installation Guide

Installation Guide. 3CX CRM Plugin for ConnectWise. Single Tenant Version

VMware AirWatch Mobile Application Management Guide Enable access to public and enterprise apps

Installation Guide Savision iq

Workspace ONE UEM Certificate Authority Integration with JCCH. VMware Workspace ONE UEM 1810

REVIEWERS GUIDE NOVEMBER 2017 REVIEWER S GUIDE FOR CLOUD-BASED VMWARE WORKSPACE ONE: MOBILE SINGLE SIGN-ON. VMware Workspace ONE

vfire 9.9 Prerequisites Guide Version 1.1

VMware Tunnel Guide for Windows Installing the VMware Tunnel for your AirWatch environment

Integrating AirWatch and VMware Identity Manager

VMWARE HORIZON CLOUD WITH VMWARE IDENTITY MANAGER QUICK START GUIDE WHITE PAPER MARCH 2018

Bomgar Vault Server Installation Guide

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

VMware AirWatch Self-Service Portal End User Guide

VMware Workspace ONE UEM Recommended Architecture Guide

Configuring Single Sign-on from the VMware Identity Manager Service to Marketo

VMware AirWatch Zebra Printer Integration Guide

VMware AirWatch Installation Guide Installing AirWatch v9.1 in on-premises environments

SOA Software Intermediary for Microsoft : Install Guide

Installing and Configuring vcenter Multi-Hypervisor Manager

Dell SupportAssist Agent User s Guide

VMware AirWatch Integration with Apple Configurator 2 Guide Using Apple Configurator 2 and AirWatch to simplify mass deployments

Transcription:

VMware Email Notification Service v2.0 Installation and Configuration Guide Configure ENSv2 for cloud and on-premises deployments Workspace ONE UEM v9.4 Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com. This product is protected by copyright and intellectual property laws in the United States and other countries as well as by international treaties. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. 1

Table of Contents Chapter 1: Overview 3 Introduction 4 Architecture Overview 5 Requirements 6 Chapter 2: Email Notification Service for Cloud 9 Configure Boxer for Cloud 10 Email Notification Service Endpoints 11 Chapter 3: Email Notification Service for On-Premises 12 Configure CNS and Download ENS Configuration Files 13 Install Email Notification Service 2 13 Configure Boxer for On-Premises Environment 14 Chapter 4: Frequently Asked Questions 16 2

Chapter 1: Overview Introduction 4 Architecture Overview 5 Requirements 6 3

Introduction The Email Notification Service (ENS) adds Push Notification support to Exchange. VMware Boxer provide notifications about your emails by running in the background. Due to platform limitations, Boxer can only run in the background for a limited time. Email Notification Service (ENS2) provides a solution to deliver notifications to user's device when Boxer is not running. ENS2 supports notifications that includes the email subject and a badge icon to notify the number of unread emails in the Inbox on the server. This document provides the information required to install and configure the ENS2 as a cloud-hosted or on-premises service. ENS2 with Boxer ENS2 uses Exchange Web Services (EWS) subscriptions to notify changes in users' mailboxes. The EWS subscriptions can go inactive due to different reasons and the systems involved should check to make sure that the subscriptions are active. ENS2 uses a check-in mechanism within Boxer and also proactively checks the EWS subscription status to ensure the continuous delivery of notifications. The check-in mechanism used by ENS2 require intervention from Boxer to renew the EWS subscriptions. The functionality of ENS2 also depends on the Apple Push Notification Service (APNS) to deliver silent notifications to the device. The dependency of ENS2 on EWS and APNs can cause the following scenarios: No push notifications received when device notification is set to Do Not Disturb No push notifications received for up to one hour when the device is actively used (Boxer in the background) Inaccurate badge counts that is updated after receiving an email Bringing the Boxer app to the foreground thereby allowing the ENS2 to renew EWS subscriptions will solve the notification errors. 4

Chapter 1: Overview Architecture Overview This section provides information about the architecture design and functionality of ENS2. ENS2 Architecture using APNS Architecture Flow Description 1. Public-Key Request The device requests a public key to encrypt the account credentials. 2. Subscribe The device sends an encrypted payload with credentials and all the necessary information to subscribe and get email notifications. 3. Push Subscription ENS authenticates with EWS and subscribes for push notifications using a webhook URL. The webhook URL contains the encrypted credentials. The credentials are now kept encrypted on the Exchange server. 4. New Email Notification Exchange sends notification about the mailbox changes to the provided webhook URL. ENS extracts and decrypts the credentials and prepares call to fetch emails. 5. Email Fetch ENS performs a fetch for the email details (subject and sender) required for providing a notification. 6. Push Email ENS pushes email details for delivery to all devices belonging to the user through Apple Push Notification Service (APNS). 5

Chapter 1: Overview Requirements This section explains the requirements for using the ENS2 with AirWatch. Email Server Integration Versions Supported Email Client - VMware Boxer v4.8 for ios or later Email Server - Exchange 2010 SP3, Exchange 2013 SP1, Exchange 2016, or Office 365 Workspace ONE UEM console Requirements AirWatch Console v8.4 or later Hardware Requirements (On-Premises Only) Web Server CPU Core RAM Hard Disk Storage Notes 2 (Intel processor) 16 GB (8GB minimum) 30 GB Per 100,000 users. Database Server CPU Core RAM Hard Disk Storage Notes 2 (Intel processor) 16 GB (minimum) Approx. 0.0477 MB per user to estimate the DB storage size. Per 100,000 users. 6

Chapter 1: Overview Software Requirements Requirement (On-Premises only) Windows Server 2008 R2 or Windows Server 2012 R2 SQL Server 2012 2016 (Database Server) CNS Certificate Secure Channel Certificate IIS 7 or later Requirement (Cloud and On-Premises) Basic Authentication for the Exchange environment Autodiscovery enabled in Exchange environment and Internet exposed EWS environment. If autodiscovery is disabled, you can use the EWSUrl key value pair to configure ENS. Exchange requires an outbound connection to ENS for pushing the events. Notes The servers should be externally accessible The db_owner role and public role must be enabled on the SQL server user that is used for running the application Installed on Web Server Notes Upcoming versions support Certificate Based Authentication and Modern Authentication Networking Requirements Network Ports Source Destination Protocol (Port) ENS Exchange (EWS) HTTPS (443) Exchange (EWS) ENS HTTPS(443) ENS Airwatch Cloud Notification Service (CNS) HTTPS(443) ENS SQL Server Instance SQL(1433) 7

Chapter 1: Overview IIS Services Component Name Required Services Notes FTP Server Web Managment Tools World Wide Web Services Application Development Features Common HTTP Features Health and Diagnostics Performance Features Security FTP Extensibility FTP Service IIS 6 Management Compatibility IIS Management Console IIS Management Scripts and Tools IIS Management Service.NET Extensibility 3.5.NET Extensibilty 4.6 Application Initialization ASP ASP.NET 3.5 ASP.NET 4.6 ISAPI Extensions ISAPI Filters Server-Side Includes WebSocket Protocol Default Document Directory Browsing HTTP Errors Static Content HTTP Logging Static Content Compression Request Filtering 8

Chapter 2: Email Notification Service for Cloud Chapter 2: Email Notification Service for Cloud Configure Boxer for Cloud 10 Email Notification Service Endpoints 11 9

Chapter 2: Email Notification Service for Cloud Configure Boxer for Cloud Configure the Email Notification Service 2 (ENS2) related settings for VMware Boxer on the Workspace ONE UEM console. Prerequisites API token and ENS2 server URL received from VMware AirWatch are required to activate the ENS service using Workspace ONE UEM console. Procedure To configure the ENS2 settings on the Workspace ONE UEM console: 1. Select the required organization group. 2. Select APPS & BOOKS and then select the Public tab. 3. Select VMware Boxer. 4. Select Edit on the upper right corner of the page and then select the Assignment tab. 5. On the Application Configuration (Optional) section, add the following keys. Configuration Key Value Type Configuration Value Description ENSLinkAddress String Supported format: https://ens.getboxer.com/api/ens Replace ens.getboxer.com with the resolved name or IP provided by VMware based on your region. Provide the address for the ENS2 system for your users to connect. For more information, see Email Notification Service Endpoints on page 11. ENSAPIToken String API Token provided by VMware AirWatch to activate the ENS service. AccountNotifyPush Boolean True - enable (default) False - disable Enables ENS for the account. EWSUrl String Enables manual configuration of Exchange Web Services (EWS) endpoint when autodiscovery is disabled in your Exchange environment. 6. Select Save & Publish and then select Publish on the next page. 10

Chapter 2: Email Notification Service for Cloud Email Notification Service Endpoints Following API endpoints are supported by ENS2. Location API Endpoint Service Outbound IP Addresses North America https://ens.getboxer.com/api/ens 35.170.156.92 52.0.239.8 52.203.205.147 Asia Pacific https://ens-apj.getboxer.com/api/ens 54.248.56.175 European Union (EU) Verify VMware Boxer Settings 54.249.212.171 54.95.25.171 https://ens-eu.getboxer.com/api/ens 18.195.84.245 18.196.197.192 52.28.149.150 After you have added the ENS configuration keys for the VMware Boxer using the Workspace ONE UEM console, check the Boxer settings on your device to confirm if your device received the configuration keys and the ENS is activated. To verify the Boxer settings: 1. Open Boxer, tap the Settings icon and then select the appropriate email account. 2. In the email settings, verify: a. If the Use Push Service is enabled. b. If the Notifications display Push as the default selection. If the Use Push Service is enabled and Notifications display Push, then the ENS is activated. 11

Chapter 3: Email Notification Service for On-Premises Chapter 3: Email Notification Service for On- Premises Configure CNS and Download ENS Configuration Files 13 Install Email Notification Service 2 13 Configure Boxer for On-Premises Environment 14 12

Chapter 3: Email Notification Service for On-Premises Configure CNS and Download ENS Configuration Files Configure the Cloud Notification Service (CNS) and download the configuration (.xml) file using the Workspace ONE UEM consoleto install ENS in an on-premises deployment. To configure the ENS V2 settings on the Workspace ONE UEM console: 1. Select the required Organization Group and navigate to Groups & Settings > All Settings. 2. From the System column, select Advanced. 3. From the URL values page, select Cloud Notification Service URL text box and provide the CNS URL. 4. From the left navigation pane, select Security and then select SSL Pinning. Follow the instructions to configure the SSL Pinning certificate. 5. If you have logged in as a Global Admin, then change the Organization Group to the child Organization Group for which you are configuring the ENS. 6. From the Settings page, select Email and then select Email Notification. 7. To enable Email Notification, select Yes and then select Save. After the settings are saved, the Download Configuration option is displayed. 8. Select Download Configuration. 9. From the Download email configuration page, select Certificate Password text box and provide a password to download the configuration. The password you provide for downloading the configuration should again be provided during ENS installation 10. Select Confirm Password text box, provide the password to confirm and select Download. Save the archived.xml file for completing the ENS installation. Install Email Notification Service 2 To use the Email Notification Service 2 (ENS2), you must install the ENS on an IIS server. Prerequisites Complete the following tasks before you install ENS2: Install IIS 7 or later on the Web Server Update ASP.Net to v4.6.2 If you do not have an SQL Server database in your environment, install the supported version of SQL Server to create an empty ENS database. The account used for SQL must have the db_owner and public roles enabled. Download the config.xml file from the Workspace ONE UEM console. 13

Chapter 3: Email Notification Service for On-Premises Procedure 1. Download the latest version of ENS2 installer from the AirWatch Resource portal. a. Run the installer. The InstallShield Wizard opens and displays the License Agreement. b. Select the I accept the terms in the license agreement check box and then select Next. 2. Select the ENS components you want to install and select Next. You can install both components on the same server. If you have separate database server, you can install the components on different servers. 3. Choose a location to install the selected components and select Next.If you want to install the components at a custom location, select Change. 4. From the ENS Configurations wizard window, select Browse and locate the config.xml file and then select Next. 5. Select Certificate Password text box and enter the certificate password you provided when you downloaded the configuration file from the Workspace ONE UEM console, and then select Next. 6. From the Database Server window, select the Database server you are installing to text box and provide the database path and account credentials for installing the database components. The database account provided must have access and modifying privileges. 7. Select the Name of the database catalog text box and enter ENS as the name of the database and select Next. The name of the database must be ENS. 8. Select OK to confirm and then select Install to start the installation. After the installation is complete, an API token is displayed in a text file. 9. Copy the API token. The API token is required when deploying Boxer application with ENS2. 10. Select Finish to exit the wizard. Configure Boxer for On-Premises Environment After you have installed the ENS2, you can configure the ENS2 related settings for VMware Boxer on the Workspace ONE UEM console. Prerequisites API token and ENS2 server URL received from VMware AirWatch are required to activate the ENS service using Workspace ONE UEM console. Procedure To configure the ENS2 settings on the Workspace ONE UEM console: 1. Select the required organization group. 2. Select APPS & BOOKS and then select the Public tab. 14

Chapter 3: Email Notification Service for On-Premises 3. Select VMware Boxer. 4. Select Edit on the upper right corner of the page and then select the Assignment tab. 5. On the Application Configuration (Optional) section, add the following keys. Configuration Key Value Type Configuration Value Description ENSLinkAddress String Supported format: https://acme.com/mailnotificationservice/api/ens Replace acme.com with the resolved name or IP of your ENS Server. Provide the address for the ENS2 system that your users should connect. ENSAPIToken String API Token provided by AirWatch to activate the ENS service. The API token is displayed in a text file after the ENS2 is complete. AccountNotifyPush Boolean True - enable (default) False - disable Enables ENS for the account. EWSUrl String Enables manual configuration of Exchange Web Services (EWS) endpoint when autodiscovery is disabled in your Exchange environment. 6. Select Save & Publish and then select Publish on the next page. To verify VMware Boxer settings, see Verify VMware Boxer Settings on page 11. 15

Chapter 4: Frequently Asked Questions Chapter 4: Frequently Asked Questions This section provides information on the frequently asked questions about ENS2 functionality. How are credentials or authentication tokens handled? Although the client shares the credentials or tokens with the ENS2 environment upon registration, they are not saved on Workspace ONE UEM servers. The Exchange server sends the encrypted authentication information back to Workspace ONE UEM as part of a notification whenever a new email is available. From that notification (Exchange to ENS2), the credentials are decrypted and used to make any requests necessary to the Exchange server. The credentials are discarded after performing the necessary requests. If credentials are not saved, what data is saved by ENS? How secure is ENS? Workspace ONE stores a list of devices and a list of public private key pairs used to decrypt the credentials when the notifications are sent from Exchange. The database is saved on a Virtual Private Cloud (private sub-net) secured using firewall. There is no direct access from the internet to this sub-net. All access is controlled using VPC and Firewall rules and only web servers with a single account have access to the database. Workspace ONE saves the log files to help debug issues and monitor the system. The log does not contain any private information (PI) of the customers and access is secured using account permissions. Where is ENS hosted? Are there instances configured to serve each region based on data sovereignty laws? ENS is hosted in multiple regions. We have various environments spanning the US, Europe, and Asia regions that permit us to abide by data sovereignty rules. What data is transmitted through the ENS server without being saved? How is it secured? User credentials that are encrypted with RSA encryption. Email subject and sender (sent using HTTPS). Future functionality: The functionality to control what data (if any) is sent or fetched for the notification. You can also control the data from an email that is used in the notification payload. All communication is made through HTTPS. What is the dependency of ENS on cloud services? AWS Simple Notification Service (SNS) is used for managing push notification. Apple Push Notification Service (APNS). APNS is mandatory for passing notifications to Apple devices. AWS Relational Database Service (RDS) is used for data persistence. What is the user agent utilized by ENS2 when sending requests to Exchange? MailNotificationService/v2 (ExchangeServicesClient/15.00.0913.015). The value '15.00.0913.015' will change as new libraries from Microsoft are released and are updated for using ENS2. What email folders does ENS2 monitor for incoming messages and actions? 16

Chapter 4: Frequently Asked Questions ENS2 only monitors each user s Inbox folder. 17

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback