Questions

Lock down Mobile Device Access via SSL?

+
0 Votes
Locked

Lock down Mobile Device Access via SSL?

JoeShmoe99
We have a customer requirement to enable Direct Push mail to a number of mobile devices running Windows Mobile 5

We have an OWA cluster but currently we do NOT allow browswer based public access to the email server over secure HTTP- this is done via an eGap solution

Therefore we will have to create a public URL to allow these mobile devices to connect to the OWA server via HTTPS. However we dont want any old device or browser or PDA to be able to access this device - just the mobile devices we are shipping

I understand that we will have to provide an SSL certificate on the OWA IIS boxes to allow secure encryption but Im assuming these wont restrict access to just the devices we want them to as they'll be from a trusted CA such as Verisign - i.e standard SSL is about encryption - not about client validation

Which leaves us with the option of having to lock down access at the DMZ firewall by IP range which I really dont want to do - not least because if they take these devices onto other networks (i.e. intnl roaming) then the IP address will change

So is there any way we can use SSL to lock down access by phones by using client certs or some other form of signed cert that WM5 would support? I profess to knowing very little about SSL?