Configuring ISA Server to Secure Web Client Connections

Exchange Server 2003 Wireless Device Support
Exchange Server 2003 gives users of wireless and small devices, such as mobile phones, personal digital assistants (PDAs), or smart phones (hybrid devices that combine the functionality of mobile phones and PDAs), access to Exchange data. Exchange ActiveSync and Outlook Mobile Access (OMA) are two of the mobile service components that are built into Exchange Server 2003.

Exchange ActiveSync is a service provided in Exchange Server 2003 that allows users to synchronize their Exchange information (inbox, subfolders, calendar, contacts, and tasks) with their ActiveSync-enabled mobile device (such as Pocket PC 2002, Smartphone 2002, and Windows Mobile 2003 devices).

OMA is a service provided in Exchange Server 2003 that allows users to access their Exchange mailbox by using a browser-enabled mobile device. Devices such as mobile phones and PDAs that use Extensible Hypertext Markup Language (XHTML), compact HTML (cHTML), or standard HTML browsers allow your users to connect to their inbox, calendar, contacts, and tasks, and perform global address list (GAL) searches. In addition to mobile phones, Windows Mobile devices using Microsoft Pocket Internet Explorer and desktop personal computers using Microsoft Internet Explorer 6.0 or later also support OMA.

Like OWA, OMA and ActiveSync require that the computer running Exchange Server 2003 be accessible from the Internet using HTTP. When accessing a mailbox using OMA, the wireless device connects to a wireless access point that provides access to the Internet. Then the Web browser on the wireless device is used to access the computer running Exchange Server.

The use of wireless clients raises security issues similar to those of OWA, including the following:

1- Securing the user logon. By default, OMA is configured to use HTTP. This means that all user logon information is passed in clear text to the computer running Exchange Server. In addition, authentication to the SMTP server is passed in clear text. This issue can be easily addressed using SSL to encrypt all user sessions.

2- Securing e-mail contents. Because all messages are sent in clear text using HTTP or SMTP, the e-mail contents may not be secure while crossing the Internet. SSL can secure the e-mail in this case.
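
To verify that no mobile client is still logging on over plain HTTP, the Web server's W3C extended logs can be searched for OMA and ActiveSync requests that arrived on a non-SSL port. The following is an added example, not part of the original article or of any Microsoft tooling; it assumes the virtual directory names /oma and /Microsoft-Server-ActiveSync, SSL on port 443, and that the s-port and cs-username fields are being logged. The log lines are constructed.

```python
# Added example (not from the original page). Log lines are constructed.
MOBILE_VDIRS = ("/oma", "/microsoft-server-activesync")  # assumed vdir names
SSL_PORTS = {"443"}                                       # assumed SSL listener

SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time c-ip cs-username s-port cs-method cs-uri-stem sc-status
2004-03-01 09:12:01 203.0.113.10 CONTOSO\\alice 80 GET /oma 200
2004-03-01 09:12:07 203.0.113.10 CONTOSO\\alice 443 GET /oma 200
2004-03-01 09:13:44 198.51.100.7 - 80 OPTIONS /Microsoft-Server-ActiveSync 401
2004-03-01 09:13:45 198.51.100.7 CONTOSO\\bob 80 POST /Microsoft-Server-ActiveSync 200
2004-03-01 09:14:02 198.51.100.9 - 80 GET /iisstart.htm 200
"""

def cleartext_mobile_requests(log_text):
    """Return one dict per OMA/ActiveSync request that arrived on a non-SSL port."""
    fields, findings = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]   # the field list can change mid-file
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        parts = line.split()
        if len(parts) != len(fields):
            continue                    # truncated or malformed record
        rec = dict(zip(fields, parts))
        stem = rec.get("cs-uri-stem", "").lower()
        on_mobile_vdir = any(stem == v or stem.startswith(v + "/")
                             for v in MOBILE_VDIRS)
        port = rec.get("s-port")
        if not on_mobile_vdir or port is None or port in SSL_PORTS:
            continue
        findings.append({
            "when": rec.get("date", "") + " " + rec.get("time", ""),
            "client": rec.get("c-ip", "-"),
            "user": rec.get("cs-username", "-"),
            "path": rec.get("cs-uri-stem", ""),
            # A logged user name means a logon was sent on this clear-text connection.
            "logon_in_clear": rec.get("cs-username", "-") != "-",
        })
    return findings

if __name__ == "__main__":
    for finding in cleartext_mobile_requests(SAMPLE_LOG):
        print(finding)
```

Any finding with logon_in_clear set identifies an account whose logon crossed the Internet unencrypted.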
