The architecture for Endpoint Manager for Mobile Devices is mostly the same as with managing any other endpoint. The key difference is that there is a new BigFix platform component, the "Management Extender", that is needed to manage Apple iOS devices or to manage devices through Microsoft Exchange or Lotus Traveler.



Android devices are managed by installing a management agent app. The Android agent app is based on the same code as the BigFix agents for Windows, Linux, Unix, and Mac and works very similar to the other BigFix agents. The Android agent will communicate with relays on the BigFix port (default 52311), evaluate relevance and Fixlets, and perform other functions similar to other BigFix agents.


Apple iOS

Apple devices (iPhone, iPad, and iPod Touch) must be managed using Apple's MDM APIs for management. These APIs are controlled by using Apple's Push Notification Network (APNS) that activate the built-in management functionality in iOS devices. To manage Apple iOS devices with this mechanism, there is a new BigFix component called the "Management Extender for iOS" that is installed on a relay that can communicate with Apple iOS devices.

Since managing Apple iOS devices requires interacting with the devices in addition to the Apple Push Notification Servers, there are additional network requirements:

ActiveSync-based Management

Mobile devices typically have some basic management functionality (including setting password policies and wiping lost/stolen devices) that is available when then are connected to email servers. BigFix MDM can optionally connect to an email server (Microsoft Exchange or Lotus Traveler) using a "Management Extender" to gain management over any devices connected through the email server. This allows management of wide variety of devices (including Android, Apple iOS, Symbian, and Windows Mobile) without putting an agent on the device. However, the management functions provided using ActiveSync (which includes password policies and wipe functionality) are limited compared to the agent-based management (which can include extensive inventory, more security policies, app management, vpn/wifi configuration, and more).



Please note that some parts of mobile device management are still in Beta. Please read the Beta disclaimer:

IBM’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM’s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion.