DDive11 - IBM Lotus Notes Traveler

IBM Lotus Notes Traveler

Roberto Boccadoro
Lotus Collaboration Solutions Architect

Roberto Boccadoro

52 anni, dei quali 17 passati in Lotus/IBM, un terzo della mia vita.

Ho iniziato a lavorare con Notes 3.0, devo ancora smettere... :-)

Ovviamente nel corso degli anni ho lavorato su molti dei prodotti che Lotus ed IBM hanno rilasciato sul mercato, ed anche su qualcuno che non avete mai visto.

Al momento il mio ruolo in IBM quello di Collaboration Architect, ovvero una figura di IT Architect specializzata nel portafoglio Lotus.

Il mio compito quello di aiutare i Clienti ed i Business Partners a disegnare soluzioni che prevedano l'uso di vari prodotti Lotus.

[email protected] 335/8073444

Agenda

Mobile Landscape and TrendsLotus Mobile StrategyLotus Notes TravelerTimeline

What's New

Security

Best Practices

Reference Links

Q & A

http://www.pewinternet.org/Reports/2010/Mobile-Access-2010/Summary-of-Findings.aspx

Source: Pew Internet, July 2010

Percent

200m+ users accessing Facebook through mobile devices40% of all Facebook usersMobile usage 2x in 2010

People that use Facebook on their mobile devices are twice as active on Facebook than non-mobile users

Mobile Landscape and Trends
Consumer mobile usage is driving enterprise expectations

Bottom line is the mobile landscapes is changing. Both the way that people are using the devices, the way theyre the devices, and the applications theyre using on devices are changing.

In the pastToday and tomorrow

Only a few devices supportedMany device platforms & form factors(Smartphones, tablets, etc)

Communication focused devices Social and collaboration focused devices

Phone, mail, calendar contacts, chat, SMSSocial collaboration, meetings, VoIP, video

Enterprise owned & controlled devicesBring your own device but enterprise controls management & security policies

Enterprise mobile use cases are evolving

Agenda

Mobile Landscape and TrendsLotus Mobile StrategyLotus Notes TravelerWhat's New

Timeline

Security

Best Practices

Reference Links

Q & A

Lotus Mobile Strategy
Enabling users to participate in social business on the move

A comprehensive solution for social business delivered as first-class mobile platform experiencesMade available on leading devices through the device platforms' associated distribution channelSupported by application development tools to help partners and customers reach their mobile user base by mobilize their information and applicationsComplete with enterprise governance capabilities that are easily managed on premises, hosted, or in the cloud

Agenda

Mobile Landscape and TrendsLotus Mobile StrategyLotus Notes Traveler Timeline

What's New

Security

Best Practices

Reference Links

Q & A

Integrated collaboration on multiple devices, any network

Offline / Online capabilities

Clients managed centrally, easier administration

Multi-OS support

Out of the box features, cost effective and innovative

Integrates with existing systems and applications

IBM Lotus Notes

laptopZeta_Mail_RenataIBM Lotus iNotes

EarthA screen capture shows the Lotus Domino Web access browser-based client.IBM Lotus Notes Traveler

IBM Lotus iNotes

mdamobilephone2A screen capture shows the Lotus Notes Traveler interface

IBM Lotus Domino has a rich client ecosystem
Email, PIM, and more...

What is Lotus Notes Traveler?

Automatic wireless delivery of Lotus DominoEmail and PIM Data

Device security settings

2-way synchronization

Over the air client or profile installation

Uses native device applications for best integration (except Android)

Works over all wired / wireless connections (CDMA, GPRS, GSM, WiFi, etc.)

Administration support for device security policies and remote wipe

Server Requirements

Operating SystemWindows Server 2003 Standard/Enterprise/R2 (32 and 64 bit)

Windows Server 2008 Standard/Enterprise (32 and 64 bit)

Windows Server 2008 Standard/Enterprise R2 (64 bit)

Red Hat Enterprise Linux (RHEL) 5 Server (32 and 64 bit)

SUSE Linux Enterprise Server (SLES) 10.2 (32 and 64 bit)

SUSE Linux Enterprise Server (SLES) 11 (32 and 64 bit)

Requires Domino 8.5.2 Server, Enterprise or Messaging configurationsRuns in 32-bit or 64-bit mode on Domino server for Windows

Linux Domino server is 32-bit only, so Traveler only runs in 32-bit mode on Linux

Remote mail database supportDomino 7.0.2 servers or above

Remote mail OS can be anything that Domino supports

Mail file templates
Standard and iNotes version 6.5 and above

Device Requirements

Android 2.0.1 or greater devices, phone & tablets (incl.3.0)

Apple Devices and Operating SystemsiPhone, iPhone 3G, iPhone 3GS, iPhone 4

iPad

iPod Touch

Apple OS 3.x

Apple iOS 4.x

Nokia DevicesNokia Series 60 3rd edition, including feature pack 1 and 2

Nokia Series 60 5th edition

Nokia manufactured phones are only versions supported

Windows Mobile DevicesWindows Mobile 6.0, Standard, Professional and Classic versions

Windows Mobile 6.1, Standard, Professional and Classic versions

Windows Mobile 6.5, Standard, Professional versions

Note that Lotus Notes Traveler version 8.5.2 does not run on Windows Mobile 5 devices

Lotus Notes Traveler Email, Calendar, Contacts

Bullet 1

Symbian^3 coming soon (8.5.3)

Lotus Notes Traveler Email on the iPad

Bullet 1

Recent Traveler Releases at a glance

Lotus Notes Traveler 8.5.2 - Aug 2010 Security, Device managment, Full calendar support (iOS), Linux server

8.5.2.1 Dec 2010 adds Android 2.0.1+ supportAbility to specify & enforce Domino security settings on Android

8.5.2.2 March 2011 adds Android 3.0 (Xoom) support & battery efficienciesEnhancement/Fix List: http://www.lotus.com/ldd/dominowiki.nsf/dx/Lotus_Notes_Traveler_APAR_listing

8.5.2.3 June 2011 adds iOS partial (Traveler only) wipeEnhancement/Fix List: http://www.lotus.com/ldd/dominowiki.nsf/dx/Lotus_Notes_Traveler_APAR_listing

8.5.3 beta in progress adds cross-platform enhancementsIOS, Android & Nokia enhancements, Group Lookup and more... coming soon....

A one vendor solution!Integrated with Domino; Domino domain expertise and support

Alignment with Notes/Domino development; insight into future direction & plans

Preserve & extend Domino investment; a no-cost mobile option for licensed Domino servers

No requirement for 'Enterprise' level data plan For corporate or employee owned phones

Security - 8.5.2 capabilities leverage familiar Domino admin tools:Set & enforce security rules, based on company policy

Password length/strength/age

Options to block unencrypted devices and camera usage

Remote wipe (admin & self) per request and upon specified # of failed attempts

end-to-end security via several supported network topologies

Device management Automatic device updates

Multiple device per user support

Centralized view of connected users/devices & their status; Admins allow/deny access by policy

Ease of configuration and deployment *Killer App* for IT shops !!

Disaster Recovery Leverages mature Domino DR capabilities

Serviceability - Problem reporting utility and intuitive log viewer/management tools

Enhancements delivered frequently through .x (point) releases

LotusLive - Common mobile solution for on-premise or LotusLive Notes cloud service, or a hybrid

Lotus Notes Traveler Value Statement
beyond mail/calendar/contact 2-way sync (push)

Lotus Notes Traveler 8.5.2.3 for Android/Apple/Nokia/Windows Mobile shipped:

10 June, 2011 !

Enhancements in 8.5.2 and beyond

Lotus Mobile Installer - Automatic upgrade notification

Linux server support RHEL 5, SuSE 10/11

Meeting Invitations on iOS (create and accept)

Corporate Name Lookup

Scheduled Synchronization - sync during peak/off peak hours

Data Roaming detection suspends sync; saves data costs & battery

Support for Windows Mobile 6.5

Self service wipe!

Enhancements in 8.5.2 and beyond - continued

Ability to specify/enforce Domino security settings on iOS and Android

Device password (Android)

Prohibit ascending, descending and repeating sequences

Require alphanumeric value (Android)

Minimum password length (Android)

Minimum number of complex characters

Password expiration period

Password history count

Auto lock period (maximum) (Android)

Wrong passwords before wiping device (Android)

Prohibit camera

Prohibit unencrypted devices

Prohibit devices incapable of security enablement (Android)

iOS partial (Traveler only) wipe

8.5.3 Beta What's New!! (planned for 3Q)

Android Enhanced Installation

Android Home Page Widgets for mail and calendar

Android Calendar Invite creation, quick switch days/weeks, week view hints

Android Tap-to-dial for calendar entries

Android Mail enhancementsCopy/paste from clipboard

Added a Send button to the compose email form

Android multi-line signature

Added Android OS 3.0 Support

Group name lookup

Domino Mail-in db returned with Name Lookup

Select which applications are allowed to sync for Apple devices

Reply and Forward indicators from Apple devices

Device approval

Symbian^3 support

Android improved installation

Single application (no separate Lotus Installer that was previously used)

First time installing version 8.5.3, old Lotus Installer application will be removed if found

Features from Lotus Installer such as automatic client update integrated into Lotus Traveler application

If installing via built in Android browser, installation panels now pre-fill server name and user id

Works with most browsers that use Android browser history features

Android improved installation (2)

Lotus Traveler application now includes new options in the tools menuCheck for updated software

Uninstall application

Android Chair side meeting support

Now supports chair side meeting actions

Meeting owner can now do the following from the deviceCreate meetings with attendees

Reschedule meetings

Modify meetings

Cancel meetings

Android Tap to dial for calendar

Phone numbers included in a calendar entry are now hot spots that when clicked will dial the number. Number can be included in fields:Subject

Location

Description

Supports conference dialingP and , (comma) characters interpreted as a pause

'#' to enter the conference code

';' or 'x' to prompt user before sending codes

Android Calendar improvements

Week view now displays text (as much as display will allow)

Performance improvements when navigating (swiping) between days

Performance improvements when scrolling large calendars

Revised menu experience for Android 3.x tablets

Android Mail Widgets

Lotus Traveler mail widget now available to add to Android home screens

Comes in large (3x3) and small (4x1) formats

OS 3 tablet widget includes smooth scrolling feature

Click mail icon to launch the mail application

Open individual mail items

Compose message by clicking '+' symbol

Android Calendar Widgets

Lotus Traveler calendar widget now available to add to Android home screens

Comes in large (3x3) and small (4x1) formats

OS 3 tablet widget includes smooth scrolling feature

Click calendar icon to launch the calendar application

Open individual calendar items

Create new calendar entries by clicking '+' symbol

Android Type-ahead Lookup

Server lookup done automatically when composing a new mail or searching for a contact using the Lotus Lookup application

Lookup results now display contact photo if available in local contacts

Results display person, group or mail-in database silhouette if results contain different types

Android Select text

Use 'Select Text' menu option to copy text from mail or calendar documents

Long press inside another document or application and select 'Paste

Android Multi-line signature

Multi line mail signatures now possible on Android devices

Lotus Traveler->Settings->Applications

Signature added to all new mail messages composed on device

Nokia Symbian^3 Support

Symbian^3 devices now supported

New SIS installation package created for S3 devices

Device support includes (but not limited to)Nokia E7

Nokia C7

Nokia C6-01

Nokia N8

Nokia Encrypted device policy

Server policy can be defined to require that only encrypted Nokia devices are allowed to connectProhibit unencrypted devices

Device user must encrypt phone and mass storage using Nokia supplied utility

Only supported for Nokia Symbian^3 devices

Requires Nokia Symbian Anna level firmware release

Apple iOS Data only wipe

Remote wipe option now available for Apple devices to remove only Lotus Traveler dataContacts

Calendar

Email

Command available via self-service Traveler home page or administrator database

Apple iOS Data only wipe (2)

Data is removed from device, but profile or account settings remain

As with all wipe operations, device cannot connect back to Traveler server until the administrator clears the wipe order

Device user receives mail message on device indicating that wipe order was completed

Server Device Approval Policy

If policy is enabled, administrator must explicitly approve end user device before it can access the Lotus Traveler service

Set number of devices to allow before approval to zero if all devices must be pre-approved

Optional address list can be used to notify administrator by mail when device approval is pending

Server Device Approval Policy (2)

Lotus Traveler administration database keeps track of approval status

Administrator uses Change Approval action to approve or deny

Sort by Approval column

Server Lock sync applications for Apple

Administrator policy set using Domino Lotus Traveler Settings

Lotus Traveler server now enforces the Set value and prevent changes option for Apple devices

Policy can turn mail, calendar or contacts off. Application still exists on device but will not receive or sync any data

Server Mail Routing and Lookup

Mail routing configuration is no longer required on the Lotus Notes Traveler serverMeeting notices are sent via the user's mail server's mailbox

SMS messages (if configured) are sent via the user's mail server's mailbox

Meeting notices no longer appear to be sent by the Lotus Notes Traveler server

Corporate lookup (aka Name Lookup) requests are executed against the user's mail server's directoryPreviously all requests executed against the Traveler servers directory

Will be more consistent with a Notes client's lookup results

Change back to the old behavior by setting NTS_TRAVELER_AS_LOOKUP_SERVER=true in notes.ini on Traveler server

Lookup results now include Group names and Mail-in databases

Apple iOS Reply/Forward Indicators

Mail replied to or forwarded from the Apple device will now have the reply or forward indicator set in the server mail copy

Cannot yet keep reply/forward indicators in sync with device still a current restriction

Agenda

Mobile Landscape and TrendsLotus Mobile StrategyLotus Notes Traveler Timeline

What's New

Security

Best Practices

Reference Links

Q & A

Device Security Capabilities

Lotus Notes Traveler8.5.18.5.28.5.2.3

AppleNokiaWMAppleNokiaWMAndroidApple

1Encrypted data in transit (HTTPS)YesYesYesYesYesYesYesYes

2Domino encrypted mailYesw/ Companion(read only)YesYesYesw/ Companionread (reply, fwd, send in test)YesYesYesYesw/ Companionread (reply, fwd, send in test)

3Remote wipeYesFull reset onlyYesFull or Traveler onlyYesFull or Traveler onlyYesFull reset onlyYesFull or Traveler onlyYesFull or Traveler onlyYesFull or Traveler onlyYesFull or Traveler only

4Encrypted data at restNoNo2No2Yes1via Domino policiesNoNoYesYes1via Domino policies

5Password monitoringYes4via IPCUYesYesYes3via Domino policiesYesYesYesYes3via Domino policies

Footnotes for previous slide

1. Whole devices can be encrypted, and can be enabled and enforced with the security policies in 8.5.2+. iPhones that don't support hardware encryption can be blocked. The 3GS & 4G support hardware encryption, Original and 3G don't. Domino policies that admins can use to force the enablement of encryption and block unencrypted phones are:Prohibit unencrypted devices

Prohibit devices incapable of security enablement

2. Storage cards can be encrypted. Data in native PIM/email applications is not encrypted except for Domino encrypted mail.

3. Domino Policies that admins can use to manage passwords are:Device password

Prohibit ascending, descending and repeating sequences

Require alphanumeric value

Minimum password length

Minimum number of complex characters

Password expiration period

Password history count

Auto lock period (maximum)

Wrong passwords before wiping device

Dynamic policy changes (admin changes are automatically synchronized to the device without requiring user interaction)

4. Static policy changes (user must remove and reinstall the Apple Profile)

On-device encryption

iOS - Except for early models (original and 3G) the iPhone/iPads are password protected at the device level and, by definition, data is encrypted. The level of encryption is controlled by Apple and is described here: http://www.apple.com/iphone/business/integration/Device policies, restrictions and strong encryption methods on iPhone provide a layered approach to keeping your information secure. iPhone uses AES 256-bit hardware encryption to protect all data at rest. To further secure mail messages and attachments iPhone uses Data Protection which leverages the unique device passcode to generate the encryption key. And, in the event of a lost or stolen iPhone, all data and settings can be cleared by issuing a remote wipe command from Exchange or a Mobile Device Management server.

Android - Mail, calendar, attachments, are fully under Traveler control and are all AES 256 encrypted. Contacts application comes with the OS and is outside of Traveler and therefore not encrypted by Traveler.

Nokia/Symbian - Storage cards can be encrypted. Mail/PIM data is not encrypted except for Domino encrypted email, but certain Symbian device models (E5, E52, E55, E72) support encryption, though not enforce-able by Traveler.

Windows Mobile - Storage cards can be encrypted. Mail/PIM data is not encrypted except for Domino encrypted email.

Traveler Companion for iPhone/iPad

Companion App for iPhone/iPad; Read/compose Domino encrypted mail

Free download available from Apple iTunes Apps Store

Coming soon password caching (enter password once per session)

Android Device security capabilities

Traveler Mail and Calendar data encrypted (on phone storage or sdcard)

Wipe and Password policies primarily based on Android 2.2 security capabilities:Device wipe to factory settings, sdcard wipe, Traveler data only wipe

Alphanumeric device level password enforcement

Android 2.1 and older not capable of device or sdcard wipe, or device level password enforcement Setting in the Traveler server security policy can control if these devices are allowed to connect to the Traveler server

Security Planning and Capabilities

Admin can pullback request if caught before command activation.

Remote Wipe

Several wipe options available for Android/WM/Nokia,Apple

Hard reset device action removes all data and applications on device

Wipe commands are delivered over TCP and SMS push channels (no SMS support on iPhone)

Wipe order remains in effect on the server until cancelled

Default Settings and Security Profiles

LotusTraveler.nsf Default Settings view

Alternative to Domino Traveler Settings in policies

Filtered access -Restrict access by device category

Examples:"Apple" - all Apple devices are allowed to sync, but no other devices.

"(IBM SyncML Client)|(Lotus Traveler WM)" - All Windows Mobile devices (old and new) are allowed to sync, but no other devices.

"(Nokia SyncML HTTP Client)|(Lotus Traveler Nokia)" - All Nokia devices (old and new) are allowed to sync, but no other devices.

"Lotus Traveler * 8.5.2" - Only 8.5.2 Windows Mobile and Nokia clients are allowed to sync, but not Apple devices.

"(Apple)|(Lotus Traveler WM)" - Only Apple and 8.5.2 Windows Mobile clients are allowed to sync, but not Nokia devices.

"Apple-iPhone/7" - only Apple iPhones (not iPods or iPads) using OS 3 are allowed to sync (Windows Mobile and Nokia devices are not allowed either).

"Lotus Traveler Android" - Only Android devices are allowed to sync.

More information - http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Restricting_access_by_device_category_LNT8521

Network topologies

Three network topology options to consider.....Direct connect

Reverse Proxy

VPN Configuration

Direct Connect

Understanding data flow using Lotus Notes Traveler in the DMZ

Internet Domain (untrusted)DMZIntranet Domain (trusted)

Lotus Domino mail servers (7.0.2 +)

Lotus Domino 8.5.2 with Lotus Notes Traveler 8.5.2.x service

Apple devices

Push Request (SSL/443)

Periodic poll for DB changesNotes RPC (TCP/1352)

App needs to sync

Sync Request (SSL/443)

Data accessNotes RPC (TCP/1352)

Android,Nokia & Windows Mobile

SMS Email Notification (optional for Android/WM/Nokia only)

Reverse Proxy

Reverse Proxy Configuration

VPN Configuration

Virtual Private Network

Things to know

Guidelines for configuration/Infrastructure
See doc on planning your environment -- http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Planning_your_network_topology_LNT8521

Capacity planning
- See 8.5.2 performance report --- http://www.ibm.com/developerworks/lotus/library/notes852-trav-perf/index.html
- See capacity planning doc -- http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Server_capacity_planning_LNT8521
- Capacity is based on workload which can vary incredibly between deployments. Look at things like CPU, memory, etc. For initial planning purposes ~ 2K per server is an upper end ballpark

Memory and thread sizing confusion with some users (e.g. some Traveler servers still have 100 HTTP active threads when they might really need 300)
- See configuring a Traveler server -- http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Configuring_Lotus_Notes_Traveler_server_LNT8521
- MUST READ - Tuning section of the doc - http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Tuning_performance_of_the_server_LNT8521
- Traveler Health check command - "tell traveler status" tells you if your HTTP threads are too low or if you are using more devices than you have threads allocated.

Server Best Practices

Install Lotus Traveler on Windows 64-bit server

Access to > 2GB virtual memory is critical in larger mobile user populations (> 300)

Virtual memory is shared across all Domino processes and can exceed 2GB

Reduce memory overhead with notes.ini setting NTS_BUFFER_POOL_SIZE_MB=256

Avoid running multiple applications on the Lotus Traveler server

Some applications make server changes which are not compatible with Lotus Traveler (e.g. Disabling HTTP JVM)

Reference links

Lotus Notes Traveler Product Page
http://www.ibm.com/software/lotus/products/notes/traveler.html

Lotus Notes Traveler Support site
https://www-304.ibm.com/support/docview.wss?uid=swg24019529

Lotus Notes Traveler Wiki (8.5.2 and beyond)
http://www-10.lotus.com/ldd/dominowiki.nsf/xpViewCategories.xsp?lookupName=Lotus%20Notes%20Traveler%208.5.2%20Documentation

Restricting access by device category
http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Restricting_access_by_device_category_LNT8521

Greenhouse (to test-drive Lotus Notes Traveler!)
http://greenhouse.lotus.com

Companion App on iTunes
http://itunes.apple.com/WebObjects/MZStore.woa/wa/viewSoftware?id=346633404&mt=8

Lotus Notes Traveler 8.5.2 Performance report
http://www.ibm.com/developerworks/lotus/library/notes852-trav-perf/index.html

Nomination form for 8.5.3 beta program !
https://www-304.ibm.com/software/earlyprograms/surveys/cust/nomination.wss?id=1163

THANK YOU!!

Grazie agli sponsor per aver reso possibile il DDive 2011!

Main Sponsor

Premium Sponsor

Prime Sponsor

27

Accelerated Value Program 2010 IBM Corporation

ibm_light_gray_logo_300dpi

27

2727 2010 IBM Corporation

ibm_white_logo_300dpicircleR

2727

2011 IBM Corporation

ibm_light_gray_logo_300dpi

Click to edit the outline text formatSecond Outline LevelThird Outline LevelFourth Outline LevelFifth Outline LevelSixth Outline LevelSeventh Outline LevelEighth Outline LevelNinth Outline Level



Click to edit the title text format







Click to edit the notes format


Click to edit the outline text format

Second Outline Level

Third Outline Level

Fourth Outline Level

Fifth Outline Level

Sixth Outline Level

Seventh Outline Level

Eighth Outline Level

Ninth Outline Level







Third Outline Level


Fifth Outline Level

Sixth Outline Level



Ninth Outline Level






Third Outline Level


Fifth Outline Level

Sixth Outline Level



Ninth Outline Level



All adultsAges 18-29

Social networking2348

Instant messaging3046

Email3452

Access internet4065

Send photo/video5481

DDive11 - IBM Lotus Notes Traveler

Technology

Transcript of DDive11 - IBM Lotus Notes Traveler