Windows Mobile 2003 includes many new features specifically for the enterprise, such as new VPN (Virtual Private Networking) support, IPv6, enhanced synchronization, device management, and more. In case you missed it, Windows Mobile 2003 is reviewed in this issue on page 14.
Virtual Private Networks
Microsoft continues to support PPTP (Point to Point Tunneling Protocol) in their VPN client for Windows Mobile. In addition, Microsoft has added IPSec/L2TP--IP Security, (www.rfc-editor.org/rfc/rfc2411.txt) and Layer2 Tunneling Protocol (www.rfc-editor.org/rfc/rfc2661.txt) --to its Windows Mobile VPN client. IPSec/L2TP is included in Windows Server 2003 and other VPNs from third-party vendors such as Cisco. At this writing, a list of supported VPNs is not available. Microsoft also allows a network administrator to configure multiple VPN connections and a user to select which VPN to connect to.
Connection Manager
With the new version of Connection Manager, Windows Mobile 2003 allows you to control where requests are sent based on the name of the host. If the host has a period in its name then the request is sent to the Internet. If the host does NOT have a period in its name then the request is sent to the work settings, including the VPN. With Windows Mobile 2003, network administrators can set up special mappings to tell Windows Mobile whether to use Work or Internet to find a specific host. This will resolve the problem that some corporations have when they use a DNS (domain name server) internally for hosts.
Real-time Communications Server support
Microsoft has added support for using the MSN Messenger client with the Real-Time Communications Server (RTC Server). You can specify whether to connect to the RTC Server or to MSN Messenger first when you attempt to connect. Also, the Messenger client is supported with Exchange Server 2003 (code name Titanium).
Wi-Fi enhancements
Along with the Wi-Fi Zero Configuration I
discussed in the prior Windows Mobile 2003 article, Microsoft has added IEEE
802.1x support. 802.1x support uses a digital certificate stored on the Pocket
PC to allow a network server using either Windows 2000 or Windows 2003 Server to
confirm that an authorized device is connecting to it. In addition, Microsoft
also supports PEAP (Protected Extensible Authentication Protocol) and EAP-TLS (Extensible Authentication Protocol Transport Layer Security) as part of the 802.1x support. These are major security enhancements to Wi-Fi to prevent unauthorized users from accessing your network.
Pocket Internet Explorer digital certificates
Microsoft has added many additional root digital certificates which will allow Windows Mobile to connect to more secure Web sites such as banks, brokerage accounts, and retirement accounts. Further, Microsoft has added support for the installation of local digital certificates. Local digital certificates can be used to allow a specific device such as a Pocket PC to access a Web site, while preventing other devices that do not have the certificate installed from doing the same. Network administrators can install their own root and local certificates as well as manage the certificates on Windows Mobile devices. Since the certificate manager user interface is available to users of Windows Mobile, network administrators should tell users NOT to delete certificates or they may not be able to access some SSL websites.
Configuration of connection settings
Microsoft also included a way for network administrators to configure Windows Mobile standard network connections, such as dialup or VPNs. This is done using a variety of tools ranging from XML to a CAB file. The settings can be delivered via GSM, GPRS, CDMA, Wi-Fi, or a Web site. Also, wireless vendors may use this over the air (OTA) to set up Pocket PCs to connect to their networks.
IPv6: More host addresses
Printer-friendly version