FAQ: Google Apps For Business Integration

Does AirWatch integrate with Google Apps for Business?

Yes. Google Apps for Business is a suite of tools to manage email, contacts, and calendar items, which include the Gmail email infrastructure. Integrating Google Apps for Business with your AirWatch environment adds an additional layer of security by securing the email traffic endpoint and preventing it from circumventing the secure endpoint.

 

What are the benefits of integrating Google Apps for Business with AirWatch?

  • Flexible configuration while maintaining tight integration
  • Email monitoring and management
  • Customizable access control
  • Google Apps for Business support

 

What are the requirements to integrate?

To successfully integrate, you need access to Google services authenticated using a Single-Sign-On and Active Directory/Lightweight Directory Access Protocol credentials for applicable end-users. Email addresses in Google must match those of users in AirWatch. However, because AD/LDAP credentials cannot be used for Google synch, each account must use a different password for accessing Google Apps for Business and for AirWatch.

 

Are there multiple configuration options available?

 

Yes. Available configurations are as follows: Standard (recommended) integration:

  • AirWatch communicates with Google Apps directly.
  • You have visibility of managed devices through the device dashboard within the AirWatch Admin Console.
  • Device compliance is based on MDM compliance policies configured in the AirWatch Admin Console.
  • When a device is deemed non-compliant, the account password is changed in Google.

 

Standard integration without Password Retention:

  • AirWatch communicates with Google Apps directly.
  • You have visibility of managed devices through the Email dashboard within the AirWatch Admin Console.
  • Device compliance is based on email policies configured in the AirWatch Admin Console.
  • When a device is deemed non-compliant, the Exchange ActiveSync profile is automatically removed from the device.

 

SEG Proxy:

  • The SEG manages email traffic to and from the device.
  • You have visibility of managed and unmanaged devices through the Email dashboard within the AirWatch Admin Console.
  • Device compliance is based on email policies configured in the AirWatch Admin Console.
  • The password remains on the device and the SEG blocks any requests to retrieve email from Google.
  • Ability to perform attachment security (in AirWatch 6.4).

 

How is integration completed?

Regardless of the configuration you select, integration is accomplished using the same basic process:

  • Configure email settings for Google Apps for Business. Note: If applicable, specify SEG usage and password retention options for your integration in the AirWatch Admin Console System Configuration when you initially configure email settings.
  • Deploy Exchange ActiveSync profiles to applicable end-user devices.
  • Create a dedicated Admin role for integration.
  • Enable the Google API.

 

What server URL is used in the Google email profile?

When configuring the profile, use m.google.com as the Exchange ActiveSync host.

 

What is a Password Purge?

A password purge can be configured so that when a device is found to be non-compliant, the Exchange ActiveSync profile is automatically removed (provided a compliance policy is set) from the device and the password through which a user logs in to Google Apps is changed without the knowledge of the user. When the user attempts to log in using the old password, they are denied access. Once the device is compliant, the Exchange ActiveSync profile is republished to the device and the password is reset. To achieve this, disable "Use Recommended Settings" and "Retain Google Password" in Advanced Email Settings. By default, this option is enabled to encrypt and to store the Google password in the AirWatch database. Once this option is deselected, you can also configure the following options:

  • Google Random Password Length – Enter the preferred random password length. Minimum accepted characters is eight and maximum is 100.
  • Password Retention Period – Enter the number of hours the password should be retained temporarily for management purposes. The default value is 48.
  • Auto-rotate Google Password – Select this checkbox to reset the password once within the specific period. The Scheduler runs to check if any user's password needs to be reset within the specified period.

Auto-rotate Google Password Period – Enter the specific period to reset Google password. The default period is 30 days.

Have more questions? Submit a request

0 Comments

Article is closed for comments.