All posts by Yvonne Wickramasinghe

Meet WSO2 EMM 2.2.0!

We’re excited to announce yet another landmark of our EMM story:  the latest version WSO2 EMM 2.2.0! WSO2 EMM comes with a host of device management, app management and analytics features that benefit IT admins as well as device owners themselves.

Let’s explore some of the new key features of this release.

Device Management

The latest release comes with improved APIs for better extensibility, advanced WiFi profiles and supports device restrictions available in Android 5.0 – Lollipop upwards.

Advanced WiFi Profiles

Some organizations prefer to configure enrolled devices over-the-air (OTA). The previous WSO2 EMM version supported only WEP (simple profile with only SSID and password input) and with 2.2.0 organizations will be able to configure enrolled devices with advanced WiFi profile types, such as EAP, WPA2 and enabling TLS/TTLS.

Device Restrictions

WSO2 EMM 2.2.0 supports all device restrictions (e.g. network configuration, VPN configuration, volume control) available from Android 5.0 – Lollipop upwards. For the complete list of supported devices restrictions, refer to our official documentation (Note: camera setting was delivered in a previous release).

App Catalog at Your Service

In the previous WSO2 EMM distribution, when a mobile application needs to be installed on a device either the admin will have to push applications to the mobile device via the WSO2 EMM Management Console or the device owner will have to be granted access to the Management Console, which is not a practical scenario.

With 2.2.0, WSO2 EMM will have a standalone mobile app called ‘App Catalog’. The App Catalog lists all mobile apps the device owner is permitted to install. Device owners will be facilitated to install mobile apps with just a click of a button and to uninstall and remove them as well.

Whitelisting and Blacklisting Apps

With this feature admins will able to whitelist and blacklist mobile apps already installed in the App Store, so that a specific set of mobile applications are provisioned to device owners. This will also enable fencing unknown malicious mobile apps from accessing corporate data.

Room to Grow – Let’s OEM

With this release WSO2 EMM unlocks a host of features capable of underpinning OEM efforts for organizations using custom Android devices as part of their business strategy (e.g. medical devices, point-of-sale devices, kiosks). Managing custom devices is two-fold; you can either maintain custom firmware or use custom apps signed by the device vendor (or by the firmware key provided by the device vendor). The 2.2.0 distribution comes with a system service app that can be installed on the device and thereby used to perform root operations on the device.

emm 2.2

Automatic Device Enrollment

With this, admins will be able initiate the device auto-enrollment by entering serial numbers via the Management Console for the required devices. Once corresponding devices are handed over to device owners, device owners will be facilitated to select the relevant serial number from the device and generate a one-time-token (OOT), which expires within a predefined duration. To complete the enrollment, you can either type in the OOT or simply scan the QR code.

This will increase the speed of enrolling a large number of devices with a few steps with less device user intervention.

Over-The-Air Firmware Upgrade

This feature will allow admins to upgrade device firmware (apps written to device ROM) via the WSO2 EMM Management Console to one/more devices in one go (e.g. a firmware upgrade to all COPE devices). Device owners, on the other hand, need not worry about manually obtaining the latest firmware, as upgrades will be auto-installed.

Silent App Installation, Update, and Removal

In the previous WSO2 EMM version, app installations would only take place subsequent to a user confirmation. With 2.2.0, apps can be installed, updated, or even removed from the device without the device owner’s consent.

Device Hard Lock

This enables admins to completely block a device user that can only be revoked by an admin. This will help organizations to screen out device users who breach organizational policies.

Device Reboot

This facilitates admins to remotely reboot Android devices via the Management Console.

How are my Devices Doing?

WSO2 EMM 2.2.0 offers an array of features to keep you up-to-date around your device portfolio.

Analytics Dashboard

The WSO2 EMM Device Monitoring Dashboard provides admins with insights into unmanaged and non-compliant devices, device distribution by platform, and BYOD/COPE ownership and connectivity.

Device Details

Admins can view both dynamic and static device related information via the WSO2 EMM Management Console. Viewable static data include memory, CPU details, and OS version. Viewable dynamic data include CPU/memory utilization, battery level, installed apps, connectivity strength, power status (i.e. on battery or plugged into a power source), and GPS location.

Alerts on Alerts

The previous WSO2 EMM Management Console facilitated admins to send alerts to Android devices; from WSO2 EMM 2.2 onwards, admins will be notified on the alert delivery and the device owner’s response to alerts as well, i.e. be notified on whether the alert was delivered, displayed, or dismissed. In addition, admins will be able to send custom alert types as well.

WSO2 Enterprise Mobility Manager (WSO2 EMM) is a 100% open source comprehensive platform supporting iOS, Android and Windows devices, which help organizations to deal with both corporate-owned, personally-enabled (COPE) devices and employee-owned devices with the bring your own device (BYOD) program.

You can download the product here and try it out for yourself. If you come across any issues please feel free to report them via the public JIRA.

High performance API traffic management and more in all new WSO2 API Manager 2.0 Beta

Last week we launched the beta version of the WSO2 API Manager 2.0. We are excited about this release as it offers analytics for API usage and performance; a Decision Manager to enforce throttling policies in real-time; API lifecycle visualization, and automatic generation of client SDKs.

Our 100% open source API Manager enables enterprises to leverage APIs, where they can derive new revenue models as well as safeguard against potential risks.

Let’s explore some of the new key features of this release

Facelift

The UIs of the Developer Portal (API Store), API Publisher and Admin Portal are transformed to bring out an intuitive user experience to users; new theme and easy navigation flows help users to perform tasks faster.

Screen Shot 2016-04-26 at 3

Dynamic Throttling

Throttling helps to regulate traffic towards APIs, secure against possible security threats as well as monetize APIs. Throttling in WSO2 API Manager is imposed through policies based on tiers; tier is composed of a duration and a maximum no of requests to be entertained within that duration.

WSO2 API API Manager 2.0 comes with a Decision Manager to support managing and scaling API traffic. The new throttling model facilitates processing throttling policies in real time:

  • Standard usage quotas to be consumed over a longer time period (e.g. total subscriptions, total resources such as calls and bandwidth
  • Rate limiting based on subscriptions, APIs, resources, IP, geo-location, bandwidth, request payload (e.g. headers), user/access token, JWT claims, request methods (e.g. GET, POST) and traffic spikes
  • Rate limiting based complex, extensible and dynamic rules, scenarios and events

With this release Super Tenant Users will be facilitated to create custom throttling policies, which will take effect immediately on all APIs globally. On the other hand, Admins will be able to define complex throttling policies (with transport headers, IP addresses, etc.), on the fly. They can utilize throttling to simply blacklist users and applications abusing rate limits.

Enhanced Analytics

WSO2 API API Manager 2.0 supports a host of new reports, log analysis as wells a real-time alerting mechanism. With these features users will be able to gauge API performance/usage and detect irregular patterns, which can be potential security risks.

Comprehensive Graphs

A host of new statistical graphs have been introduced for the benefit of users interested in assessing API and application performance.

Screen Shot 2016-04-26 at 3

Alerting

We now support a range of alerts to assist users to act upon anomalies in API usage and backend system behaviour as well as real-time detection of potential fraudulent activities. Some of the scenarios where alerts are triggered are as follows:

  • Abnormal API response time – This could indicate a potential Service Level Agreement (SLA) breach
  • Application/User throttled-out – API product managers may use this data to proactively propose a tier-upgrade or re-visit existing SLAs
  • Abnormal API request count – This will indicate when there is a sudden spike/drop in the number of request for an API resource in a given duration, which can be related to a possible system problem
  • Abnormal API Usage – This will help to detect when APIs are not utilized as expected, which could be an indication either the APIs are not useful as they used to be or support material are not upto date and act upon them
  • Abnormal renewal of access tokens – Possible indication of a lost token, which can be mapped to a potential fraud

Log Analysis

WSO2 API Manager 2.0 supports real-time log analysis with the ability to view the live log as well as to perform log analysis based on reports on low-level system operations such as log events, login failures, API failures and Access token-related issues.

Screen Shot 2016-04-26 at 3

Enhancements to Developer Portal

By utilizing swagger-codegen, the WSO2 API Manager 2.0 distribution facilitates API subscribers to generate SDKs for subscribed APIs in relation to the corresponding application with just a click of a button. This will make an app developer’s life easy by taking away the hassle of manually creating SDKs.

Screen Shot 2016-04-26 at 3

A graphical representation of API lifecycle management will illustrating the API state transition from creating to publishing, deprecating and retiring APIs.

Screen Shot 2016-04-26 at 3

WSO2 API Manager facilitates maintaining multiple API versions. With 2.0 when a new API version is created in API Publisher, users who had subscribed to its other version(s) will be notified via email by default.

You can download the product from here and try it out for yourself. If you come across any issues please feel free to report them via the public JIRA.