Reference / Troubleshooting

2G or not 2G, that is the question...

As you will no doubt have heard rumblings about, the 900MHz spectrum is being opened up globally for 3G use and some manufacturers are already shipping devices that are able to take advantage of this. But what does that actually mean?

Currently, mobile devices are typically referred to as either ‘tri-band’ or ‘quad-band’ and either ‘single mode’ or ‘dual mode’.
The terms tri-band and quad-band refer only to the bands which the device is able to use for GSM/GPRS service: tri-band = 900/1800/1900 MHz and quad-band=850/900/1800/1900 MHz.
The terms single mode and dual mode refer to whether the device is a GSM/GPRS-only device, or whether it is both GSM/GPRS and UMTS capable.

The frequencies that a device is capable of using for GSM/GPRS service tend to be referenced specifically, because different parts of the world use different bands, therefore it is important to know that a given device will work in your part of the world.
However, UMTS-capable handsets are simply referred to as ‘dual mode’ because UMTS uses the same frequency globally: 2100MHz, so there is no need to be any more specific (although having said the implementation of UMTS in North America only uses 2100MHz for downlink, the uplink channel differs in North America from the rest of the world).
The recent announcement that 900MHz is now being made available for UMTS service means that it will now be necessary to refer to devices as being both quad-band (GSM) and dual-band (UMTS).

NOTE - when devices are referred to as being ‘900MHz-capable’, they actually operate within a range of different frequencies around 900MHz, depending on which mobile operator the SIM is with. 900MHz is used as an umbrella term.

Why is this happening?

This decision is a global one, made by the ITU, the International Telecommunications Union, part of the UN, which is responsible for managing the global interoperability of mobile networks, and approved by the EU for implementation within Europe.

As you’ll know from my guide to mobile data technologies (http://blog.brightpointuk.co.uk/introduction-mobile-data-technologies), 3G network protocols are attractive not only to the customer because they provide higher data rates, but also to the mobile operators because they enable them to cram higher numbers of users onto base stations and make more efficient use of the available bandwidth, enabling simultaneous voice and data transmissions, etc.
The physical properties of the 900MHz spectrum from a radio perspective mean greater coverage and less signal attenuation than the 2100MHz band. It therefore makes sense to use 3G network protocols in preference to the older GSM standard wherever possible.
Essentially, GSM is now ‘old hat’ and this is the first step in the move to retire it altogether.

In the UK this has caused some controversy among the operators due to the fact that when mobile networks were first launched in the UK, backed by the government, the 900MHz spectrum was effectively given away to Vodafone and O2 for nothing.
Orange and T-Mobile rolled out later using the 1800MHz band.
Network-sharing agreements between operators mean that these distinctions are no longer as clear-cut in places, and Vodafone also own a small amount of frequency in the 1800 MHz region.
Tri-band and quad-band devices are able to use both of the frequencies so it is not a problem: both frequency-selection and cell hand-over happen transparently to the user.
The important bit is that when the 2100MHz frequency band was auctioned off by the government for 3G services, all networks (including Hutchison 3G, or Three) paid for their chunk on the understanding that this was the only frequency where 3G services would be permitted.
The news that the 900MHz band is now going to be allowed as well, means that Vodafone and O2 can effectively increase their 3G coverage for nothing. Well, not ‘nothing’ – it will cost billions and take years to update the network, but these operators have the option to do this – the others do not, and this is why they’re now complaining.
OFCOM are considering levying a charge to Vodafone and O2 to be able to use the 900MHz spectrum for 3G service, despite the fact that they already own the bandwidth.
Whatever the decision arrived at by the operators and OFCOM – this is happening from a technology standpoint and financial squabbles bear no impact on the technology or its deployment globally.

So what?

As with current services all of the clever radio stuff will happen in the background: if your device is a dual-band UMTS device, it will ‘know’ itself what frequency to use automatically.
When the 900MHz frequency allocation is 'turned off' for GSM use by the operator, then users will have no choice but to use a UMTS-capable device - which the networks will no doubt offer as part of the upgrade process. Although operators may decide to further divide up the chunk of the 900MHz spectrum allocation they own and run both 2G and 3G service concurrently while 2G handsets are slowly phased out.

As the networks deploy 3G services using the 900MHz band instead of 2100MHz, we may start to see older single-band 3G-capable devices similarly being replaced as they won't be able to fallback to GPRS service, and won't be able to use the 900MHz band for 3G service.

For reference, if you’re interested, the global radio frequency map for mobile phone usage looks like this:

Network Frequency Bands

At some point in the future the 1800MHz band will also be replaced as we head towards a 2G switch off entirely in Europe.

Checking data usage on a BlackBerry

In order to check the amount of data you have sent and received over your mobile network operator from your BlackBerry Smartphone, open the Options menu.
Select Device
Select Device and Status Information

You will see your status screen for signal strength, battery charge, memory, etc.
Although there is no text field to type into, just type BUYR and press enter.
Scroll down to the bottom of the screen.
Your voice and data counters will be displayed:

BlackBerry data usage

NOTE - these counters are not reset following a device reboot.

Checking data usage on an Android device

In order to monitor the amount of data you send and receive over your mobile network operator from your Android device, Stats is a free application available from the Android Market which displays call and data usage, both cellular and WiFi, as well as SMS usage:

Android data usage

Alternately Onavo is another useful application which can provide real-time usage information by application:

Onavo for Android

Checking data usage on the iPhone

In order to check the amount of data sent and received over your mobile operator from the iPhone, select Settings.
Tap on General:

iPhone data usage

Tap on Usage:

iPhone data usage

Tap on Mobile Usage:

iPhone data usage

Your call and data counters will be displayed.

NOTE - these counters are reset when the iPhone is powered off.

Choosing a Device Management solution Q3 2010

Choosing a device management solution

As PDAs become increasingly powerful and the need to access and store larger amounts of data rises, so does the need to secure that data. When deploying mobile devices and granting users remote access to local network resources, be it email, an intranet site, file shares or specific line of business applications, the administrator needs to know that those devices are doing so securely, will automatically lock themselves if left unattended and can be remotely wiped if they are suspected of being lost or stolen.

In this article I shall look at the foremost products available today, in the author's opinion, as well as the features that should be considered when evaluating a device management solution. If you are interested in knowing more, or have any questions relating to any of the information in this article, call Brightpoint today on 0870 849 0225.

When choosing a device management solution, there are a number of approaches that you can take: you may have decided a client device type and wish to know what solutions are compatible; you may have a specific feature set that you need to be available to your users; or similarly a set of features you don't want to be available.
In this article I shall look at the foremost device management solutions available currently, in this author's opinion, providing support for Windows Mobile, Symbian, BlackBerry, Android, Windows (ie, desktops) and the iPhone.


Features

When considering a device management solution, there are a number of guidelines that should be taken into account:


The Players

In this article I shall look at the following products:


Technologies

The Open Mobile Alliance (OMA) is a standards body responsible for developing and ratifying open standards for the mobile phone industry and currently maintains a number of protocols providing device management functionality adopted by a wide range of device manufacturers, including:

The OMA Client Provisioning protocol enables the remote configuration of device settings by the sending of specific SMS text messages, including such elements as:

Provided that the handset supports the standard OMA-CP protocol, it can be configured with the necessary settings to enable it to be able to connect to the Internet and connect to a OMA-DM server, with no need for any additional software or user expertise, simply by sending the device a specific SMS message. All that is required from the user is to accept the message and, if configured, enter a security PIN code.

The OMA Device Management (OMA-DM) protocol is an open standard enabling the configuration of a wide range of device parameters. XML-based configuration files are delivered to client devices from an OMA-DM server, these files containing virtually every setting you can think of that can be configured, including Exchange ActiveSync, VoIP, Certificates, VPN, Intranet and VoIP parameters.
I have written about these technologies previously in a separate article (http://blog.brightpointuk.co.uk/what-oma-dm)


Microsoft Exchange Server 2003 SP2

Although a messaging and collaboration platform primarily, Exchange 2003 is worth a mention in this article as it does possess limited device management capability and thanks to its widespread adoption, companies looking for basic remote wipe and password enforcement features may find that they have the necessary tools already.

The Server ActiveSync protocol introduced with Exchange 2003, not only provides bi-directional mailbox data synchronisation, but can also be used for the enforcement of a password policy on any device that supports Server ActiveSync, including Windows Mobile 5 or later, the Nokia E and N series, HTC Android-based devices, as well as the iPhone:

Exchange 2003 Device Management

All of the devices mentioned above have the corresponding Server ActiveSync client built in. In the case of Nokia handsets updates to the Mail For Exchange application are released regularly and can be downloaded free of charge from the Nokia web site: http://europe.nokia.com/find-products/nokia-for-business/software/email-...

Dataviz RoadSync is a third party client application that enables Server ActiveSync functionality on devices with no native client, including Android, Palm and Symbian UIQ devices. This client application does not require any additional configuration on the Exchange server and can extend the device management capabilities of Exchange 2003 to a wider range of devices.

Any device, provided that it has a Server ActiveSync client installed, can also be remotely 'killed' from the Exchange server by the administrator by the installation of a free update to Exchange 2003 from Microsoft, called the Mobile Device Administration update. This tool adds a web interface to the Exchange server, accessible at https://(exchange_server)/mobileadmin:

Exchange 2003 Device Management


Microsoft Exchange Server 2007 SP1

The release of Exchange 2007 added several device management features to the Server ActiveSync protocol, all of which have now been carried over to Exchange 2010. The full range of features is only available to Windows Mobile devices, running version 6.1 of the WM operating system or later, but a varying degree of functionality is also available to other devices depending on how much of the EAS protocol the device manufacturer has been able to implement on their hardware.
New features include:

Exchange 2007 Device Management Exchange 2007 Device Management

These settings can be saved as policies and be assigned to individual users or groups, meaning that different types of users can be assigned more or less control over their devices as required.

In addition to these new features, Exchange 2007 can still enforce password usage and remotely kill all Server ActiveSync-capable devices, with the addition of the ability of users to remotely kill their own devices via Outlook Web Access (OWA).

With both Exchange 2003 and 2007 / 2010, client devices need to be able to contact the Exchange Server directly, therefore the server must be Internet-facing. A front-end, back-end deployment is supported, as is Microsoft's ISA server product.
Client-Server communications are secured via SSL. Ideally the Exchange server should have a root-trusted certificate installed on it to simplify client setup. Self-issued certificates can be used, but can require on certain devices that the corresponding client certificate be installed onto devices manually.
Device Management policies are applied to devices automatically when they authenticate against the Exchange server to synchronise mailbox data, therefore users do require Exchange mailboxes and at least one mailbox folder must be successfully synchronised (be it Mail, Contacts, Calendar or Tasks) for the device management policy to be applied to the device.
Server ActiveSync connections require that the user know and enter the following information: server address, username, password and domain.


IBM Lotus Traveler

As with Microsoft Exchange 2003, IBM Lotus Traveler is a remote email synchronisation product primarily, but version 8.5.1 of the product does provide limited device management functionality for the Windows Mobile platform as well as Symbian and the iPhone. Therefore, companies using Lotus Domino as their email platform who are looking to deploy, or already have deployed, a remote email solution and require basic device management tools to enforce password usage on client devices and the ability to remotely kill lost or stolen devices, should consider Louts Traveler.
I have posted about this product previously in the Domino section of the blog: http://blog.brightpointuk.co.uk/lotus


Google

Google has added a number of device management features to its Premier Apps service, enabling businesses that pay to have their email service hosted by Google to perform the following actions on their devices remotely via group policy, or by the administrator via a web browser:

Google Apps device management features


Microsoft System Center Mobile Device Manager

SCMDM is part of the Microsoft System Center suite of products and is designed to enable the administrator to manage a fleet of Windows Mobile client devices using Active Directory Group Policy. Devices are 'enrolled' into the domain and any device configuration or usage policies are applied automatically, depending on the user's group membership, in exactly the same way that desktop PCs and user permissions are managed. Only Windows Mobile devices running version 6.1 of the WM operating system or later are supported.
I have posted about this solution in detail in a separate article here - http://blog.brightpointuk.co.uk/microsoft-system-center-mobile-device-ma...

As the Microsoft advertising tagline goes, System Center products are designed for "big". The solution requires a separate server running 64-bit architecture as well as a Microsoft SQL 2005 Server.
Client devices connect to the SCMDM server directly, therefore as with Exchange, there must be one Internet-facing server secured with an SSL certificate, ideally a root-trusted certificate to avoid the need to install self-issued certificates manually.
Pre-defined policies allow the administrator to automatically enable or disable:

But, unlike Exchange, users do not necessarily need to have an Exchange mailbox or synchronise mailbox data in order to have corporate device usage polices applied to their handhelds automatically.

On-device encryption can be enforced, Internet access points can be configured automatically on client devices, and devices can also be remotely wiped.
Software updates can be delivered to client devices by integrating the SCMDM server into an existing WSUS deployment.
The solution also provides extensive inventory collection and reporting capabilities, as well as a mobile-optimised VPN solution enabling access to LAN-based resources from the remote client device. Applications can be delivered to client devices and installed automatically.

System Center Mobile Device Manager

Client devices can be configured for access quickly and easily using the Device Enrollment feature, pre-installed on Windows Mobile 6.1 devices. Users are assigned a password by the administrator on the SCMDM server. Users need then simply enter their email address and the password issued to them by the administrator. The device will 'know' from the domain entered in the email address, the address of the SCMDM server to look for. This does require that the administrator add an entry for the SCMDM server in external DNS along the lines of 'mobileenrol.domain.com', but does enable devices to be automatically configured without the need for the user to know complicated server and domain information as with Server ActiveSync as we saw earlier.


SOTI MobiControl

SOTI are considered by many to be the safe choice when evaluating device management solutions for the Windows Mobile platform only. MobiControl is a fully-featured solution offering real-time remote control and screen-sharing, file synchronisation, registry editing, screen capture and video recording, application installation, whitelisting and blacklisting, hardware control, you name it - if it is Windows Mobile-based, then SOTI MobiControl can achieve what you need to accomplish from a device management perspective, be it for a large corporate or a small IT helpdesk.

I have blogged about this solution in detail here - http://blog.brightpointuk.co.uk/soti-mobicontrol

Requiring Windows Server 2000 or 2003 for the server component, the solution also requires a Microsoft SQL server database to store configuration information. For smaller deployments, the free MSDE SQL Desktop Engine can be used. A client application must be installed on devices, which are 'built' on the server with the necessary connection settings and require no configuration by the user, which can be downloaded from a web site the link to which can be SMS'd to the user's device. The server itself needs to be Internet-facing for client connectivity and uses a single, administrator-defined, TCP port for client-server communication.
The solution also offers extensive inventory collection and reporting capabilities, and can also be integrated with GPS to provide real-time device tracking and location history:

SOTI MobiControl


EveryWAN Mobility Manager

For those companies looking to manage a fleet of devices running only the Windows Mobile platform, then alongside SOTI, EveryWAN Mobility Manager should also certainly be evaluated. Offering a similar feature set to SOTI in terms of device management, it also has the benefit of supporting Linux as the server platform and can use a wide range of database back ends including PostGRE SQL, MySQL and Oracle as well as Microsoft SQL Server.
I have blogged about this solution in detail here: http://blog.brightpointuk.co.uk/everywan-mobility-manager

EveryWAN Mobility Manager

As with SOTI, the EveryWAN solution offers real-time remote control and screen-sharing, file synchronisation, registry editing, screen capture and video recording, application installation, whitelisting and blacklisting and hardware control. The one element that EveryWAN does not offer currently is the GPS integration.
The server itself needs to be Internet-facing, and a client application needs to be installed on client devices, which communicates with the server using a single, administrator-defined, TCP port secured by TLS. The client installation package itself is 'built' on the server containing all the required connection information, requiring no further configuration by the user, and can be downloaded from a web server either within the device browser and or can sent via SMS as a link.


Perlego

Extending the umbrella beyond solutions that only cater for Windows Mobile, Perlego is a completely hosted, web-based device management solution requiring that no server hardware be deployed by the customer. Because the solution is hosted, there is also virtually no lead-time to get the solution up and running. I have posted about this solution in more detail here:

http://blog.brightpointuk.co.uk/perlego

Supported client platforms include:

A client application needs to be installed onto the device, but is this downloaded simply by browsing to the Perlego web site. As the solution is hosted, there is no configuration required on the client - the user simply needs to enter a license key which they can get from the company administrator.

The administrator can then upload applications and documents to the Perlego servers and specify which clients should have access to those files.
Script-based routines can be configured on the server that can deploy a wide range of configuration settings to devices. This does require that the administrator know what format these scripts need to be in, but provided you know your way around OMA-DM XML configuration, the solution quickly becomes quite powerful.
The solution also provides a full or selective device backup and restore feature.


DME by Excitor

Excitor is a Danish software development company specialising in device management and cost control solutions for the enterprise. DME is a modular suite of applications enabling remote management of Windows Mobile and Symbian devices as well as an optional email synchronisation application for Windows Mobile, Symbian, Android and the iPhone.

The device management capabilities of the solution include the ability to deliver initial Internet connectivity, email and VoIP configuration settings via SMS, after which a full client application can be downloaded to the device to enforce password usage policies, collect inventory information, disable specific hardware and software elements on the device and deliver applications and documents.

DME by Excitor

The solution also features a number of additional tools including an on-device encryption utility and a tool for recording voicemail messages.

I have blogged about the solution in detail here - http://blog.brightpointuk.co.uk/excitor-dme-mobile-device-management

The solution uses a server-client model, requiring an Internet-facing server that can run either Microsoft Windows Server or Linux as well as a database installation (either MS SQL or MySQL).


Fromdistance

Fromdistance is a device management solution for Windows Mobile, Symbian and more recently BlackBerry devices, using the OMA-CP and OMA-DM protocols.
Again using a client-server model, the server uses the LAMP (Linux, Apache, MySQL, PHP) platform and can be deployed very quickly and cheaply. Client devices can be configured for Internet access via SMS using the OMA-CP protocol, and a link to the full DM client can also be sent via SMS. Once downloaded and installed, the DM client can then connect to the DM server and perform further device management tasks.
SMS messages can be sent from the server to client devices using Fromdistance's own SMS application, FromSMS (http://blog.brightpointuk.co.uk/fromsms).
The solution supports a wide range of hardware and software control policies, inventory collection and reporting, file and application package delivery.
The solution also provides VNC-based remote control of supported client devices.
I have blogged about this solution in detail here - http://blog.brightpointuk.co.uk/fromdistance-mobile-device-manager

Fromdistance

The decision to support BlackBerry does not offer any features that the BES solution cannot, which I will look at in a moment, but it does mean that administrators managing a mixed environment can choose to manage BlackBerry devices from within Fromdistance alongside their Windows Mobile and Symbian devices.


BlackBerry Enterprise Server

Because the BlackBerry server solution and handset devices are all developed by RIM, the solution features extensive device management capabilities: but only on Blackberry devices.
Virtually any element of the device's hardware and software functionality can be enabled or disabled through policy settings on the BES, including:

Because all data requests issued from BlackBerry handhelds go via the BES, any DNS restrictions applied on the LAN are automatically applied to the handheld devices, so if Facebook or MySpace, etc have been blocked on the LAN these sites will also be unavailable on the remote devices, by virtue of the fact that they sit "behind" the BES. The same applies to firewall restrictions: any ports blocked between the BES and the Internet will be unavailable to client devices.
The installation of third party applications can be blocked, and updates to existing applications can be delivered OTA from the BES using the Mobile Data Service (MDS).

Due to the architecture of the BlackBerry solution, which involves a middleware server deployed by RIM with the mobile network operator, known as the 'RIM Relay', the BES server does not need to be available from the Internet; it simply needs outbound access on TCP port 3101.

Detailed articles on the whole BlackBerry product family can be found in the BlackBerry section of the blog: http://blog.brightpointuk.co.uk/blackberry


Sybase Afaria

Sybase Afaria can be regarded as the "Gold" device management solution. I have posted about this solution in detail in a separate article here:

http://blog.brightpointuk.co.uk/sybase-afaria

Afaria requires a separate server running WIndows 2000 or 2003 Server, and again that server needs to be Internet-facing for the client devices to be able to access it.
Afaria supports a wide range of client device platforms including:

The solution requires that a client application be installed onto client devices. The client can be pre-populated with the server address details and a variety of authentication mechanisms are supported. New to version 6 of the solution is the ability to deliver the client via SMS OMA-CP configuration messages onto to supported clients (Symbian S60 currently).

All client-server communications are secured using SSL on a single TCP port (3007 by default, but this is customisable by the administrator)

Afaria is a modular product, with the solution being divided into a number of optional ‘Channels’, each Channel being independent of the others and being enabled or disabled based on the license key used to install the product:

NOTE – not all Channels are available on all client platforms.

Multiple channels can be configured, with each channel having one or more of the supported client types associated with it, or specific users or groups subscribed.

The most powerful feature of the solution is the Session Manager. This component allows 'worklists' to be created using script-based commands and variables which effectively allow the administrator to query any element of the device's hardware or software configuration and have specific actions carried out based on the results returned. Email alerts can be generated automatically should any element of the worklist fail and extensive reporting capabilities are available.


Miscellaneous

For administrators who do not require a server-based device management solution, but who would like to make their lives easier by having access to template-driven tools enabling the bulk configuration of devices simply by connecting them to a PC and applying a pre-defined template to those devices, tools are available for both Nokia and Apple devices, read these articles for more information:

Apple - http://blog.brightpointuk.co.uk/apple-iphone-configuration-utility-30
Nokia - http://blog.brightpointuk.co.uk/nokia-enterprise-configuration-tool


Summary

It is important to bear in mind that whilst I have looked at a number of device management solutions in this article, that support a number of different platforms, this is by no means an exhaustive summary of the solutions available. In this article I have made no reference to the Palm platform. This is not to say that there are no solutions available for this platform, simply that demand has caused me to exclude it at this time. The Afaria solution supports Palm, as is reflected in the chart below.

For a summary of the current features offered by the products discussed in this article, view the chart below, and as always, if you need any further information or require anything clarified contact Brightpoint today on 0870 849 0225

Choosing a device management solution
Choosing a device management solution
Choosing a device management solution
Choosing a device management solution
Choosing a device management solution
Choosing a device management solution
Choosing a device management solution
Choosing a device management solution
Choosing a device management solution
Choosing a device management solution
Choosing a device management solution
Choosing a device management solution
Choosing a device management solution

Choosing a remote email solution Q4 2011

Choosing a remote email solution

When choosing a remote email solution there are a number of approaches that you can take: you may have decided on a client device type and wish to know what solutions are compatible; you may have a specific feature set you need to be available to your users; or similarly a set of features you don't want to be available. You may have specific security concerns or may have a policy regarding which manufacturers you are able to consider.
There is a lot of information to convey, much of it interconnected. In this article I shall run through the products available by manufacturer, but it is important to consider that when discussing products such a Nokia's Mail For Exchange application, this obviously requires that Microsoft Exchange be installed, so if considering Nokia, bear in mind that everything I have said about Microsoft Exchange should also factor into your choice. It's also important to bear in mind when considering BlackBerry as a remote email solution that the BlackBerry Enterprise Server itself is not an email solution in its own right: it requires an email platform be deployed already (be it Microsoft Exchange or Lotus Domino).
It's complicated, but I like to think I have included all relevant information. As always, if you want further information on anything you read here, then contact Brightpoint on 0870 849 0225: we are uniquely placed to be able to advise on any aspect of your plans for deploying an email solution...from any perspective.


Features

The features that a remote email solution should offer as standard remain unchanged. When evaluating products, should any of the below not be met, unless you are confident that they are superfluous to requirements, then that solution should be excluded from your pilot.


The Players

The key players in the remote email space are currently (in this author's opinion):


Microsoft

At the time of writing, Microsoft Exchange currently accounts for approximately 65% of the corporate email market and is the de facto standard for "behind the firewall" email deployments. That product alone nets Microsoft over $2 Billion annually. If Microsoft Exchange alone was a separate company, it would still be the 9th largest software company in the world!

Ever since the release of the Microsoft Mobile Information Server (MMIS) product back in 2000 it has been possible to synchronise email, contact and calendar mailbox data with an Exchange server from a Windows Mobile device. MMIS was a separate middleware product which provided the synchronisation functionality and was effectively incorporated into Exchange Server 2003 when it was first released. Synchronisation was only schedule-based and was only possible from Windows Mobile devices running Pocket PC 2003 or later.
Microsoft added push functionality to Exchange with the release of Service Pack 2 for Exchange Server 2003, a free update available via Microsoft Update. To enjoy push functionality you had to be using a PDA running Windows Mobile 5 (version AKU-2) or later.
The protocol that provides this push synchronisation capability is known as Exchange ActiveSync (EAS) and Microsoft has subsequently licensed it to third party manufacturers including Dataviz, HTC, Nokia, Apple, Google, Dell, Motorola, Samsung and others.
Today it is therefore possible to receive push-based synchronisation of mailbox data on a wide range of client devices, not only Windows Mobile PDAs...provided that you are running Microsoft Exchange Server 2003 SP2 or later in your corporate environment, which in turn requires a Microsoft Server operating system to run on, so it's a win-win situation for Microsoft.
Exchange ActiveSync also enables users to search for contacts in the Global Address List (GAL) from their device and also enables the administrator to require that devices have a password configured on them. Devices can also be remotely 'killed' from the Exchange server by the administrator.

The release of Exchange 2007, and later Service Pack 1 for Exchange 2007, added further functionality to the Server ActiveSync protocol, including the ability to set an out of office status and message, as well as allowing the administrator to remotely disable hardware elements on client devices such as the camera, WiFi, Bluetooth etc.
Although the EAS protocol supports this functionality when used with an Exchange 2007 server, the degree to which this functionality has been implemented by the different manufacturers varies, meaning that different devices have different capabilities when used with the same Exchange server. The features available on the different client platforms are summarised at the end of this article.

Today, if using a Windows Mobile device running version 6.1 of the operating system in conjunction with a server running Exchange 2007 SP1, the following functionality is available to the user:

It is only possible to configure one Exchange email account on the Windows Mobile platform, multiple concurrent Exchange accounts are not supported.

The following functionality is available to the Administrator:

Exchange 2003 SP2 also offers the ability to remotely wipe client devices, but requires that the Exchange ActiveSync Web Administration Tool be downloaded and installed separately:

http://www.microsoft.com/downloads/details.aspx?FamilyID=e6851d23-d145-4...

and is accessed via https://(exchange_server)/mobileadmin/:

Choosing a remote email solution - Q1 2009

Exchange 2003 SP2 does not offer the ability to define a per-user activesync policy, or the ability to remotely control hardware or software elements on client devices. Besides remote device kill, the only device management feature available is the ability to enforce a password policy on the client Windows Mobile device.

Microsoft's decision to license the EAS protocol to third parties means that a wide range of devices can also synchronise mailbox data with an Exchange server running Exchange 2003 SP2 or later in exactly the same way as a Windows Mobile device, with no additional changes required on the Exchange server. I will look at the features supported by the most common of these in this article. A summary of the capabilities of the different platforms is available at the end, but it is important to be aware that deploying a Microsoft Exchange server does not limit you to using Microsoft's client devices.

Exchange 2010 adds further functionality for the administrator, such as the ability to allow and disallow access to the Exchange server via Exchange ActiveSync based on device type. This provides a level of peace of mind to the IT department, reassuring them that making their Exchange server accessible from the Internet to devices that support the Exchange ActiveSync protocol does not have to mean opening the server to ALL devices; they can define further rules to only allow access to, say, Windows Mobile and Nokia devices and deny access to Android and iPhone devices.
Further rules can be configured to simply quarantine all devices and email the administrator indicating that a device has requested access, which the administrator(s) can choose to unblock or reject on a per-request basis.
Read this article for more information - http://blog.brightpointuk.co.uk/restricting-access-exchange-2010-activesync

It is also perhaps relevant to point out that Microsoft's Small Business Server (SBS) products, which include Exchange, offer the same functionality as Microsoft Exchange standalone installations: SBS 2003 includes Exchange 2003, and SBS 2008 includes Exchange 2007. Microsoft's new Small Business Product, SBS7, now includes Exchange Server 2010.

Installation and Configuration

Provided that you are running Exchange 2003 SP2 or later, then EAS functionality is "built-in" with no need for any additional hardware or software. Having said that, there are a few things you should be aware of when deploying Exchange with a view to providing push email functionality:

Besides the SSL certificate, because Exchange ActiveSync is a standard protocol, regardless of which client device you are using, the same information will be required to set up access on all devices:

The server address will be the same address used by Outlook Web Access (OWA), normally in the form 'mail.domain.com'.
The Domain will be the same value that is configured on your Windows desktop PC in the office, assuming you have one, when you log in - the contents of the "Log Into" field underneath the password field.

For detailed information on troubleshooting all aspects of the Exchange ActiveSync protocol, read this article - http://blog.brightpointuk.co.uk/troubleshooting-exchange-activesync

Additional Features

Besides the ActiveSync functionality we have seen here, when using a Windows Mobile 6.1 device in conjunction with Exchange 2007 SP1, users can also remotely access file servers from their devices without the need for a separate VPN connection. For details on how to configure this functionality, view this article - http://blog.brightpointuk.co.uk/configuring-remote-file-share-access-exc...

Outlook Anywhere

In addition the features available to PDAs, it is perhaps important to mention the features available to the laptop offered by Microsoft Exchange. Outlook Anywhere is the friendly name for the "Remote Procedure Call over HTTPS" protocol that enables Outlook clients to securely access Exchange remotely as if they were connected locally via the LAN, without any change in configuration required on the PC when in or out of the office. This functionality is supported on Exchange 2003 SP2 or later. For more information on how to configure this feature read these articles:

Exchange 2003 - http://blog.brightpointuk.co.uk/enabling-rpc-http-single-exchange-2003-s...
Exchange 2007 - http://blog.brightpointuk.co.uk/enabling-rpc-http-exchange-2007

For more information on the features available with Exchange 2007, read this article - http://blog.brightpointuk.co.uk/exchange-2007-features

Windows Mobile 6.5 and Exchange 2010

Exchange 2010, when used in conjunction with a Windows Mobile device running version 6.1 or later, whilst there are no new features in terms of device management, this release of Exchange includes the ability to synchronise SMS text message folders between the device and Exchange (and therefore with Outlook), the ability to view free/busy information for fellow Exchange users from your device as well as support for message reply status.
For more information on the features available in Exchange 2010, read this article - http://blog.brightpointuk.co.uk/exchange-2010-features

Windows Phone 7

It is perhaps important to point out that Microsoft's new mobile device platform, Windows Phone 7, is a complete departure from Windows Mobile and as such should not be presumed to provide the same level of Exchange ActiveSync support as Windows Mobile: it doesn't.
It is possible to access an Exchange Server via Exchange ActiveSync from a Windows Phone 7 device - you can in fact add multiple Exchange accounts and access them concurrently - but from an administrative point of view the platform does not support the device management functionality that Windows Mobile does: you cannot define ActiveSync mailbox policies restricting access to the device hardware and software as I have described above. It is possible to remotely wipe devices and to enforce a password usage policy, but that is all. For more information read this article - http://blog.brightpointuk.co.uk/windows-phone-7-exchange-activesync-support

Additional Comments

As this article is intended to discuss remote email functionality, I have not looked at the other features available in Exchange from a mobility perspective, such as the other features available in Outlook Web Access and the Unified Messaging features of Exchange 2007 and 2010, but these are worth looking into if you are undecided about upgrading from a previous version of Exchange or looking into alternatives.
It is perhaps important to point out that whilst Microsoft Exchange may offer 'remote email nirvana', you should be prepared to pay a premium for the functionality it offers, especially when deploying the solution across multiple servers, all requiring 64-bit hardware and 64-bit Windows Server operating systems to run on them.
For those on a budget, a hosted Exchange service may be worth considering, such as that offered by Outsourcery, or an open source alternative to Exchange such as Zimbra (http://blog.brightpointuk.co.uk/zimbra) or Scalix (http://blog.brightpointuk.co.uk/scalix), both of which enable desktop use of Microsoft Outlook meaning that users do not need to be re-trained or lose out on functionality.


RIM BlackBerry

The BlackBerry solution is developed by a Canadian company, Research In Motion (RIM), and is largely regarded as the 'safe' choice for remote email solutions, largely thanks to a huge adoption in North America and some impressive PR coups not least of which was the President of the USA's insistence that the NSA allow him to use his beloved BlackBerry PDA.

BlackBerry comes in a number of 'flavours': the BlackBerry Enterprise Server (BES) for corporates, the BlackBerry Internet Service (BIS) for prosumers and now BlackBerry Enterprise Server Express for small businesses. There are also solutions such as BlackBerry Unite for the home/family market - read the BlackBerry section of the web site for more information (http://blog.brightpointuk.co.uk/blackberry)

The BIS service operates by users being assigned their own email address by their network operator, and being able to add third-party POP or IMAP email accounts to their service so that they can enjoy 'push' email from consumer email providers. This is an email-only service and users can sync contact and calendar data with their desktop PC using the BlackBerry Desktop Manager software, although there are clients available for the BlackBerry device platform for services such as Google. In this article I shall limit my examination to the products aimed at the business market: BES and BES Express.
In all cases, the BlackBerry family of products can only be used with BlackBerry client devices, or on a more limited basis with "BlackBerry Connect" devices (which have the BlackBerry messaging client installed), although at the time of writing this author does not know of any manufacturers actively promoting this software.

The BlackBerry Enterprise Server, or BES, is available for Microsoft Exchange, IBM Lotus Domino and Novell Groupwise. It is important to understand that the BES is not an email platform in its own right: an email solution is still required; the BES enables bi-directional synchronisation between the email server and BlackBerry handhelds. What the BES does offer, is very powerful device management features: thanks to the fact that RIM manufacturer both the server software and the handheld devices the solution is capable of granular device control functionality that is simply unparalleled.

At the time of writing, the BES software is at version 5.0.2.
New to version 5 is a web-based administration console that can be accessed either by Active Directory or BlackBerry's own authentication mechanisms and can have multiple administrative roles created - useful for helpdesk environments.
Also new to version 5 is the ability to deploy the BES solution in a High Availability configuration, clustering individual BlackBerry services and providing for automatic failover of services between servers in the event of any problems.

If using this release of the software for Microsoft Exchange in conjunction with a handheld device running the latest version of the handheld operating system, the following functionality is available:

As with Exchange and Windows Mobile, the BlackBerry solution enables the administrator to define per-user or per-group policies governing what hardware and software elements should be available to users, including features such as the camera, Bluetooth, WiFi, SMS messaging, web browser, etc:

BlackBerry Enterprise Server

Options range from the relatively simple:

BlackBerry Enterprise Server

to comprehensively detailed:

BlackBerry Enterprise Server

Password usage can be enforced on client devices and devices can be remotely 'killed' by the administrator:

BlackBerry Enterprise Server

The BlackBerry Mobile Data Service (MDS), part of the BES software, also enables the administrator to remotely push applications down to client devices.
An added benefit of the BES solution is that all client web browsing requests (unless being accessed via a WiFi connection) are routed via the BES. Therefore, if any URL-filtering, access restriction policies or proxies are deployed at the corporate environment, any browsing restrictions that apply to the BES server are automatically applied to client devices by virtue of the fact that they sit 'behind' the BES.

The type of email attachments that users should have access to on their handhelds can also be defined as well as size limits:

BlackBerry Enterprise Server

BlackBerry Enterprise Server Express

The BES Express software is essentially a scaled-down version of the full BES, designed for small company deployments, free to download and install and not limited to any set number of users. BES Express replaces the older BlackBerry Professional Software (BPS) which is now end of life. Offering full email and PIM synchronisation, but only a limited number of IT policies, BES Express can be installed directly onto an Exchange (or Small Business) Server. A version of BES Express is also available for Lotus Domino 8.0.2 or later.
For more information on the BES Express software as well as detailed setup guides, read the BES Express section of the blog - http://blog.brightpointuk.co.uk/blackberry-enterprise-server-express

Architecture

As you probably already know, the BlackBerry solution requires that a specific tariff be enabled on the user's SIM: a tariff that is billed at a flat monthly rate regardless of how much email that user receives. This is viewed as a double-edged sword by many: on the plus side you know exactly how much you will pay each month and won't get any nasty surprises; however the amount you are paying can actually be more than an 'all you can eat' tariff anyway. All other email solutions simply require that 'data' be enabled on user's SIMs.

Part of the reason for this expense is to cover the cost of maintaining the architecture that enables the BlackBerry solution to work as it does. Unlike Exchange ActiveSync where clients communicate directly with the server, requiring that the Exchange server be Internet-facing, BlackBerry handhelds register against a middleware server maintained by RIM, known as the "RIM Relay". The BES server also registers with this Relay enabling end to end communications between the server and handhelds. One benefit of this approach is that the BES only needs outbound access to the Relay on a single port (TCP 3101) and no inbound access needs to be configured on any firewalls. There is also no need to mess about configuring or renewing SSL certificates, all client-server communications being secured by AES encryption automatically.
This approach does, therefore, mean that you are entirely reliant on third-party hardware and services being available.

BlackBerry relay architecture

Installation and Configuration

The BES software will require a separate server to run on, and therefore a separate Windows Server operating system to run on. BES Express can be installed directly on the Exchange server or Small Business Server, but in this deployment, RIM recommend only running a maximum of 75 users before you consider using dedicated hardware.

The software also uses a Microsoft SQL server database to store configuration information. By default the solution will install a copy of SQL Server Express (or MSDE) locally, which is recommended for deployments up to 500 users, but for larger installations a separate Microsoft SQL server can be specified. This would also obviously need to be licensed.

The BlackBerry solution requires that a user account be created within the Active Directory, and that user account be assigned Exchange Administrator permissions to be able to send and receive messages on behalf of any users added to the BES server. For full details on how to configure the environment for both Exchange 2003 and Exchange 2007, read these articles:

Exchange 2003 - http://blog.brightpointuk.co.uk/bes-41x-50-exchange-2003-pre-requisites
Exchange 2007 - http://blog.brightpointuk.co.uk/bes-41x-50-exchange-2007-pre-requisites
Exchange 2010 - http://blog.brightpointuk.co.uk/bes-501-exchange-2010-pre-requisites

The way that handheld devices are configured is one of the attractive USPs of the BlackBerry solution. Known as the "Enterprise Activation" feature, it operates by assigning a user an activation password on the BES server. To set up their device, all users need to do is enter in their own full email address and the same activation password. This process does not require that the user be in the office and the feature is available on all BlackBerry handheld devices, meaning that users can configure their own devices quickly and easily with minimal interaction with the IT department. For full details on how this process works read this article - http://blog.brightpointuk.co.uk/how-does-bes-wireless-activation-process...

BlackBerry Web Desktop Manager

Available as a separate component for BES 4.0.6 and later and incorporated into BES 5, the Web Desktop Manager enables users to access and edit settings relating to the content that is delivered to their handheld, directly from their web browser. The web application runs on the BES itself and can be enabled or disabled by the administrator as required. Users can also backup and restore device configurations and can activate new handhelds themselves by issuing an activation password. Read this article for more information - http://blog.brightpointuk.co.uk/bes-5-web-desktop-manager

BlackBerry Mobile Voice Service (MVS)

BlackBerry MVS is a relatively new product available from RIM that it is worth mentioning if you are looking to integrate your client devices with a VoIP deployment as well as email. A separate server installation, the MVS allows BlackBerry handhelds to effectively remotely register as extensions of your IP PBX, enabling users to ring office-based staff free of charge and to 'break out' from the corporate PBX for local numbers. For more information read this article - http://blog.brightpointuk.co.uk/blackberry-mobile-voice-system-mvs

Additional Comments

For some, use of a BlackBerry device has nothing to do with the fact that they have a BES deployed within their business - some simply like the phones. It is of course, possible to use the BIS service to access a corporate Exchange server via HTTPS directly but this is beyond the scope of an article dedicated to corporate email use (and only provides access to email, rather than contacts and calendar), for information on this read this article - http://blog.brightpointuk.co.uk/setting-new-blackberry-internet-service-....
However, I shall be looking at ways to use BlackBerry devices without the need for either a BES (and the BES tariff) or an Exchange server...

It is only possible to activate a BlackBerry device with one BlackBerry Enterprise Server.


IBM

IBM Lotus Domino accounts for perhaps 10% of corporate email deployments but is still regarded as a specialist or niche email platform, Domino being a database platform first and an email platform second. Indeed many companies that use Domino for its database functionality will also have an Exchange server for email.

Domino has pretty much always provided webmail access to users, and supports the ubiquitous POP and IMAP email protocols, but for a long time the only means of enjoying push email synchronisation with a client device was either via a BlackBerry deployment or with Nokia's Intellisync Mobile Suite solution, which has now been retired.
BlackBerry still supports Domino, but IBM have relatively recently launched their own push email application for Domino: Lotus Traveler.

Traveler enables bi-directional push-based synchronisation of mail, contacts, calendar, journal and to do folders with Windows Mobile and Symbian devices and also the Apple iPhone. The latest version, 8.5.2.1 adds support for Android devices running Android 2.x or later.
The Traveler component needs to be installed on an Internet-facing server, and a single TCP port allowed through to that server from the Internet. The port used for client-server communication can be specified by the administrator, and all communications can be secured using TLS/SSL encryption.

Traveler 8.1 was released alongside Domino 8.0.1 and provided support for Windows Mobile 5 and 6 devices. The release of version 8.5 extended this support to the Symbian Series 60 platform (including the Nokia E and N series range of devices), and version 8.5.1 more recently adds support for the iPhone. 8.5.2.1 is required for Android support.

System Requirements

Traveler 8.5 can only be installed on a server running version 8.5 of the Domino software. User mailboxes can themselves be stored on a Domino server running version 7.0.2 or later. Domino 8.5 is only supported on Windows Server 2003.
From a licensing perspective, all Lotus Notes users are automatically enabled for the Traveler service, they simply need to download the client from the Domino server.

Traveler 8.5 includes limited device management functionality on the Windows Mobile platform, including:

Client Installation

Client devices can be configured simply by downloading and installing a single client application. This client can be downloaded via a web browser either from the Domino server itself (requiring that the server be accessible on TCP port 80) or from a server of the administrator's choosing. The web site could also be customised to include downloads for any other software packages such a VPN clients or certificates if so desired.
The client installer package reads its configuration from an XML-based "bootstrap" file which allows the administrator to pre-populate the client with required settings including the server address and port number among other variables.

For more information on the Traveler installation process and features, read these articles - http://blog.brightpointuk.co.uk/lotus


Google

Google's online search portal is now only a fraction of its service and product portfolio: with the launch of the Android platform it is a mobile phone operating system developer and content-delivery platform, and with the launch of the Google Voice service it is also a telco. The Google Chrome browser and operating system see the company poised to rival Microsoft for the desktop applications market, and the Google Apps service is reducing Microsoft's hegemony with the Office/Exchange combination.

Google Mail, or GMail, is a free-to-use email service that can be accessed from any web browser. Google also have their own client application for a variety of platforms, including Windows Mobile, Symbian and BlackBerry and of course is also integrated into the Android platform. Alongside Mail, Google also offer free contacts and calendar synchronisation services.
Should users prefer to use the native client on their PDA rather than the Google client, Google have also licensed the EAS protocol meaning that Windows Mobile, Symbian, iPhone and Android devices can access Gmail using their native clients. Google have also implemented remote device wipe to their support for EAS meaning that administrators can remotely 'kill' devices that have been reported lost or stolen directly from their web browser or from the Exchange server, as detailed above.

Gmail also supports both POP and IMAP access from clients that only support these protocols (such as Symbian S40 devices) and contacts and calendar directories can also be accessed via the SyncML (OMA-DS) protocol. In short, then, if you have a Google account, you can access your data from pretty much anything.
GMail also has a nice feature whereby you can add third party POP accounts to your Google profile (such as a Sky or TalkTalk account) and have mail sent to those accounts delivered directly to your GMail client.

Besides consumer services, the Google Apps service, which is a chargeable service businesses pay for to host their corporate email in Google's cloud, offers additional features such as the ability to delegate access to your mailbox to others, provides numerous tools to migrate your existing Exchange email infrastructure to Google's servers and also offers a level of device management and security by offering administrators the ability to enforce on-device encryption, password usage and strength as well as the ability to remotely disable device camera usage:

Google Apps device management features

I have posted a number of articles on how to configure access to Google's services:

Symbian S60 - http://blog.brightpointuk.co.uk/setting-google-sync-nokia-e71
http://blog.brightpointuk.co.uk/google-mail-symbian-s60
Windows Mobile - http://blog.brightpointuk.co.uk/setting-google-sync-windows-mobile

Following the release of the Google BES Connector software, corporates can now leverage the comprehensive device management capabilities of the BES solution with BlackBerry handhelds without the need for a local Domino or Exchange server (http://blog.brightpointuk.co.uk/google_apps_connector_bes)

For the office environment, it is possible to access Google's mail service from Microsoft Outlook, meaning that users need not necessarily know that a change has occurred in the back office environment and will not need additional training. Of course it should be taken into account that your data will no longer be stored locally, you may need to increase the bandwidth of your Internet feed and will be at the mercy of your ISP's resilience...


Android

Google's own mobile device platform, Android, is taking the handset world by storm and the break-neck pace of development performed on the platform is adding new functionality all the time, although Google are taking pains to slow down this pace to prevent "fragmentation" in the marketplace - having to support multiple versions of its own operating system when releasing new services and applications.
Android 2.1 brought to Android the ability to synchronise with an Exchange email server via EAS.
Now in version 2.3, Android supports multiple concurrent Exchange email accounts, a unified email Inbox, the ability to access all mailbox folders including Contacts and Calendar information as well as the ability to specify how many days' worth of email should be synchronised.
The Global Address List can be accessed in "real time" as you compose email recipients, and Android 2.3.4 adds the ability to set an out of office message and status. Device management features are supported by the EAS implementation including the ability to remote kill the device from the Exchange server as well as the ability to set a password usage policy.
For more information on the Exchange capabilities of the Android platform, read this article - http://blog.brightpointuk.co.uk/quick-look-android-23s-exchange-support
It is important to note that this information applies to the standard Android email client, as used by "pure" Google Android handsets such as the Nexus range. Individual device manufacturers may choose to implement their own email clients offering differing functionality. This is certainly true of HTC and Motorola. I will be looking at these devices in a moment.


Nokia

Nokia have also recently jumped on the cloud bandwagon with the launch of their OVI portfolio of services - so called as 'ovi' is the Finnish for 'doorway', presumably to give the impression of the Ovi platform as a one-stop portal to a wide range of services...if you speak Finnish.
I have blogged several times about the features available in Ovi, such as web-based access to contacts, calendar, Ovi mail and documents, but as this article is intended for the corporate market I shall not be looking at it here. The OVI Maps service should perhaps be investigated by those looking to deploy Nokia handsets for their email capability but looking for that 'something extra'.

Nokia acquired Intellisync for a not inconsiderable sum a few years ago, the Intellisync Mobile Suite being a remote PIM synchronisation and device management solution to rival BlackBerry, available for a wide range of platforms...but unfortunately decided after only a short period to cease all development and retired the product.
Whilst a shock to many (including according to my sources the Intellisync product team themselves), Nokia has very much thrown its lot in with Microsoft and has amalgamated its licensing of the EAS protocol with the capabilities of the Intellisync platform to produce a client application that can rival the capabilities of Windows Mobile 6.1 when used in conjunction with Exchange 2007.

The Mail For Exchange software, Nokia's implementation of the EAS protocol, is only available for the Symbian S60 platform (the E and N series of handsets as well as the Xpress Musics) and is now preloaded on most handsets, providing access to Exchange 2003 SP2 or later. The software is also available for download from the Nokia Business web site: http://europe.nokia.com/get-support-and-software/download-software/mail-...

Although not able to provide the device management capabilities of the Windows Mobile 6.1 platform, the Nokia E75, E72 and more recently the N8 and the C7, when used with Exchange 2007 can synchronise all mailbox folders, including subfolders, can set and edit out of office status message, can access the GAL and perform message searches as well as the ability to enforce password usage and remote device wipe.

Nokia Mail for Exchange

For detailed instructions on how to configure the Nokia E71, E72, E75, N97, N8 and C7 as well as information on the Ovi service, view the Nokia section of the blog - http://blog.brightpointuk.co.uk/nokia

The Nokia N8 and C7 handsets can access multiple Exchange email accounts concurrently.

Perhaps also worth mentioning is the Nokia Messaging Service (http://blog.brightpointuk.co.uk/nokia-email-service) which provides BIS-style email delivery to prosumers, in fact using the architecture of the Intellisync platform behind the scenes. This feature allows users to access a consumer POP or IMAP email account and define more advanced settings than the native POP or IMAP protocols themselves support, such as the ability to define attachment size limits and attachment file types. Read the article above for more information.

Additional Comments

Nokia also have a number of enterprise deployment tools available for the S60 range, including the ability to define Exchange ActiveSync and VPN settings, roll them up into a single configuration file and apply that file to any number of handsets. Read this article for more information - http://blog.brightpointuk.co.uk/nokia-enterprise-configuration-tool


HTC

Although in terms of Exchange ActiveSync functionality, Windows Mobile and Windows Phone devices are largely standard regardless of device manufacturer (the EAS client being part of the Windows Mobile operating system), HTC's Android-based devices do feature a proprietary email client that offers superior features over the standard Android one.
Prior to the release of Android 2.1 (Eclair), Android devices could not natively connect to an Exchange Server using EAS (POP and IMAP was of course supported). HTC's Hero and Tattoo devices were able to provide this functionality using HTC's own licensed EAS client. This proprietary client has been developed further and is incorporated in all HTC Android devices. The latest HTC Android devices offer a very feature-rich experience when used with an Exchange server. Multiple Exchange email accounts are also supported.

HTC Rhyme Exchange email

All email folders can be synchronised, as well as contacts and calendar data and also Tasks beginning with the release of the HTC Rhyme. Synchronisation schedules can be defined for peak and off-peak hours, so your device won't poll for new mail during the night if you don't want it to.
Out of office status and message can be set from the device.
For full details on how to configure the HTC Android client on HTC Android models, read this article - http://blog.brightpointuk.co.uk/setting-exchange-email-htc-desire-hd

Besides the device management features offered by the Exchange email client, HTC Android models can also be managed online using HTC's HTCSense.com service, which allows users to remotely lock and wipe handhelds from any web browser, as well as configure a lock message to be displayed on the device screen. Users can also synchronise contacts, calendar and SMS text messages with their online HTCSense account - http://blog.brightpointuk.co.uk/htc-announce-htcsensecom

For information on the capabilities of HTC devices, visit the HTC section of the blog - http://blog.brightpointuk.co.uk/htc

Motorola

As with HTC, Motorola also develop their own Exchange email client for their Android devices, which offers superior functionality over the stock Android client. Their range of business-focused devices, such as the Pro +, supports a wide range of Exchange ActiveSync management protocols including the ability to not only enforce password usage, but password complexity, history, recovery and login attempts. Hardware control is also implemented, so use of the device camera, WiFi and storage card can be enabled and disabled by EAS policy.

Motorola Pro +

For full details of the Exchange capabilities of the Pro +, read this article - http://blog.brightpointuk.co.uk/introducing-motorola-pro-0


Apple

Apple licensed the EAS protocol, which they released in version 2.0 of the iPhone software, enabling access to any Exchange server running Exchange 2003 SP2 or later. Now in version 4.2 of the iOS software, which now includes the iPad, functionality has not changed hugely with the exception that multiple concurrent Exchange email accounts are supported as well as a unified email inbox.
Synchronisation of Tasks is not supported, but a password policy can be enforced on devices and iPhones can be remotely wiped from the Exchange server. For information on how to configure the iPhone for access to Exchange, read this article - http://blog.brightpointuk.co.uk/setting-server-activesync-apple-iphone

As with Nokia, Apple have also developed an Enterprise deployment tool for the iPhone which enables the bulk deployment of Exchange and VPN settings in a single configuration package. Read this article for more information - http://blog.brightpointuk.co.uk/apple-iphone-configuration-utility-20

It is perhaps also important to note that the release of Snow Leopard, or MacOS 10.6, features built-in access to Microsoft Exchange 2007 via Apple's Mail, iCal and Address Book applications, significant when you consider that Windows does not by itself provide access to Exchange, requiring that Microsoft Outlook be installed (and purchased) separately.
For details on how to configure Snow Leopard for Exchange access read this article - (http://blog.brightpointuk.co.uk/configuring-macos-snow-leopard-access-ex...)


Dataviz RoadSync

Dataviz (www.dataviz.com) is a software company that has also licensed the EAS protocol from Microsoft. Whilst not a hardware manufacturer as with the other companies looked at in this article, what DataViz have done is to create client software, know as RoadSync, for devices that do not inherently have Exchange ActiveSync capabilities, such as Symbian S40 devices, Symbian S80 devices (the Nokia Communicator 93xx and 95xx devices), Java MIDP 2.0 devices and Windows Mobile 2003 devices.
RoadSync is also available for non-HTC Android devices and also offers functionality for the Symbian S60 platform that is not available to the Nokia Mail For Exchange client for devices prior to the E71 (such as support for subfolder synchronisation).
Visit the Dataviz web site for more information.


Hosted Services

I have touched already on the subject of hosting your corporate data in the cloud, but it is perhaps important to note that an Exchange or BlackBerry server can offer the same features to users regardless of its physical location: EAS and Outlook Anywhere services mean that both field staff and office workers can access Exchange even if that server is not located locally - provided that you have adequate bandwidth.
A hosted solution also removes the headaches of managing backups, security certificates and availability and, depending on the service, anti-spam and anti-virus measures.

If you are interested in considering a hosted solution, consult Outsourcery (http://www.outsourcery.co.uk/)


Old School

For companies that have an existing email infrastructure that cannot be mobilised natively (Exchange 5.5, 2000 / Domino 5,6,7) and do not wish to consider upgrading or having their data hosted, there are low-cost solutions available, such as the solution offered by Openhand. Visto and Seven should also be investigated as options.


Summary

Whilst I have focused on the new features available from the major email providers available today, it is important to note that virtually all email server platforms and device clients support the venerable POP and IMAP protocols. Therefore if you are not bothered with push delivery or device management but simply want rock solid, user-initiated mail retrieval, then none of the above is necessarily relevant to you. Call Brightpoint today for more information.

I have also not mentioned the Palm platform in this article, do not take this to mean that there are not solutions available for this platform, merely that demand has driven me to exclude it at this time.

For a summary of the current features offered by the email platforms discussed in this article, view the chart below. Do not, however, take this chart to mean that these are the only options available to you...

Choosing a remote email solution Q1 2011
Choosing a remote email solution Q1 2011
Choosing a remote email solution Q1 2011
* - When used with Microsoft Exchange 2007

If you require any further information on any of the products or services you have seen outlined above please contact Brightpoint on 0870 849 0225.

Introduction to mobile data technologies

Today the mobile phone has evolved from a simple voice device, to a fully-functional personal organiser conveniently containing important information including contacts, calendar appointments and notes. It can be used to access the Internet while on the move, especially for email, and is also a portable radio, music player, camera and photograph album.
The same technology (the Internet-connectivity part at any rate) can also be used in a data card or USB device in conjunction with a laptop computer, or can even be embedded within the PC itself. It is also used in other, newer devices, such as portable wireless access points and cellular terminals.
So what do all the acronyms surrounding this subject stand for? What is the difference between HSDPA and EDGE?
In this article I will look at the development of mobile data technologies from their first inception to the present day and beyond.


In the beginning…

Before networks became “cellular”, people who needed mobile communications could use a vehicle-mounted radio telephone services by one large central antenna in a major city. This communication was not “personal”: you simply broadcast on a particular frequency and anyone listening on that same frequency could hear you. These networks typically covered approximately 50 miles.

A cellular network employs a number of radio masts and can theoretically service an infinite area. The first generation, or 1G, of mobile networks was entirely analogue and only serviced a small number of users with low growth projections. Networks were usually state-owned, coordination between countries was minimal and roaming between countries with the same handset was impossible.
Several different technologies emerged:

The systems all worked on different radio frequencies, devices were bulky with limited battery life and coverage was, at best, adequate.
These networks could transmit data, but demand for such services was virtually non-existent.


Second Generation Systems (2G)

2G mobile networks were launched in Europe in 1992. The motivation in Europe was to adopt a single technology for the EC, replacing the patchwork of incompatible analogue systems with one digital system that would enable European citizens to make and receive calls anywhere in Europe.

The technology that was adopted was GSM, the Global System for Mobile telecommunication.

Digital technology provided improved call quality, security and data capability at 9.6kbps!

GSM networks were also rolled out in the US, however deployment was slow due to the prevalence of the AMPS system. It was cheaper for operators in the US to upgrade the existing infrastructure from AMPS to D-AMPS (Digital Advanced Mobile Phone System), also known as TDMA, or Time Division Multiple Access, which I will look at later.


Why is digital better than analogue?

Both analogue and digital systems use analogue radio waves to transmit information from the mobile device to the nearest radio mast (or cell tower). However, digital systems use the analogue wave to send binary information in 1s and 0s rather than an analogue radio signal.
Analogue signals have a tendency to lose their integrity because of “noise” or interference. The amount of noise picked up during transmission is known as the “signal to noise ratio”. When an analogue signal is passed through an amplifier to boost the signal, the noise that has been picked up along the way is also amplified. The further a signal travels, the more noise it will pick up until the original signal is indistinguishable from the noise. This is known as “signal attenuation”, and is the reason why long-distance telephone calls used to sound so much worse than local calls.
Whereas analogue signals can represent a whole range of values, digital signals can only represent two: 1 or 0. Instead of amplifiers, digital signals are regenerated using a repeater. The incoming signal is examined, the repeater determines whether the value is 1 or 0 and transmits a new, perfect, signal. Therefore any noise that is picked up along the way is removed.

GSM was originally licensed for use on the 900 MHz band, but was soon expanded to include 1800 MHz as demand grew. The US implemented GSM networks using 1900 MHz instead. Thus you often hear of phones being either “dual-band” or “tri-band”. South American and Asian networks have subsequently deployed GSM networks on 850MHz, and modern phones are thus referred to as being “quad-band”.

GSM was not readily adopted in the US and other nations outside Europe, large operators selecting an alternate technology instead: CDMA, which I will look at later.


GSM network infrastructure

A GSM network is made up of a number of key components: the mobile device (this could be a phone, datacard, USB dongle, embedded module, etc) is referred to as the mobile station (MS).
Radio signals are sent to and received from the nearest cell tower, or base transceiver station (BTS).
BTS units are normally located every few miles, or closer together in densely populated areas, or where the natural geography of the landscape requires it.
A handful of BTS units will be controlled by a base station controller (BSC), which monitors the performance of each BTS and handles the process of moving a subscriber from one tower to another (this process is known as “handover”).
The BSC units are in turn connected to the network’s mobile switching center (MSC), which is the gateway between the mobile network and the public switched telephone network (PSTN), or landline network.
Connected to the MSC is a large computer known as the home location register (HLR), which tracks and stores the location of each subscriber so that incoming calls can be routed to the correct BTS that the user is connected to at that time. The HLR also contains records on what services the subscriber is eligible for, such as MMS, Internet access, Blackberry, etc.
Linked to the HLR is the equipment identity register (EIR), which holds records on SIM numbers and IMEI numbers. If you’re not familiar with these terms, these will also be looked at later. The CDR database, or Calling Data Record, tracks how much use the subscriber makes of the network so that bills can be sent accordingly.


GSM network frequency usage

When a network is said to operate on 900 MHz, it actually uses different frequency bands for the uplink and downlink connections between the MS and the BTS. 905 MHz to 915 MHz is used for the uplink, and 950 MHz to 960 MHz does the downlink. This 10 MHz band is then further divided into 2 lots of 5 MHz, with each 5 MHz “passband” being allocated to a single network operator. Similar divisions are also made of the 1800 MHz passband. Therefore, for a long time, 4 network operators existed in the UK: 2 operating at 900 MHz and 2 at 1800 MHz. This has now changed with the licensing by the government of the frequency used by 3G, which I will look at later, and the emergence of so-called ‘virtual’ network operators, such as Tesco and Virgin mobile, who “piggyback” on the infrastructure of existing network operators.
You can find out information about the frequencies used by the different UK operators here:
http://www.gsmworld.com/roaming/gsminfo/cou_gb.shtml

The network operator then subdivides their 5 MHz allocation into 25 sub-channels of 200 KHz each. Each of these channels is known as a “carrier”. 24 are available for customer use, 1 is reserved for network monitoring and signalling. Within this small frequency range, a specific frequency will be used for the actual transfer of data, and the “surrounding” frequency is used as “spacing” to prevent adjacent carriers from interfering with each other.

No two adjacent cell towers use the same carrier frequencies. This enables operators to cover a large area with only a relatively small amount of allocated bandwidth.

This technique of frequency usage is known as Frequency Division Multiple Access (FDMA).

To further maximise the number of subscribers who can use the network simultaneously, each carrier is further subdivided into 8 “timeslots”, with one timeslot assigned to each user. Each user then transmits for just 0.5 milliseconds before use of the timeslot is passed onto the next user and so on. This process happens so quickly that no loss in quality is noticed by the user. This technique is known as Time Division Multiple Access (TDMA).

The capacity of a cell is therefore based on the number of carriers used multiplied by the number of timeslots.

One weakness of the TDMA system is that data must be transmitted at all times to keep all 8 timeslots in sync with each other. Therefore even if no speech is being transmitted, “packing” data must be broadcast instead.


So how does it work?

All mobile devices have a unique code associated with them. This is a 15-digit number called an IMEI number (Individual Mobile Equipment Identifier) and can normally be located on a sticker under the battery.
The SIM card, or Subscriber Identity Module, also has a unique number associated with it, called an IMSI number (Individual Mobile Subscriber Identifier).
When a mobile device is turned on, it will search on the control carrier for a System Identity Code (SIC), a unique 5-digit identifier assigned to each mobile network operator by the local governing body. If it cannot find any codes at all, it will display “no service” on the display, or something similar.
When it does find an SIC, it will compare it to the number programmed on the SIM card. If they match, the device will then transmit a registration request containing its IMEI number. The mobile network will then update its location database with the details of the IMEI, IMSI and the BTS and send a message to the device over the control carrier letting it know what frequencies to use for uplink and downlink.
As the device moves towards the edge of a cell, the BTS will determine that the signal strength is diminishing. Simultaneously, the BTS toward which the device is moving, will determine that the signal strength is increasing. The two BTS units coordinate with each other through the BSC until a signal is sent to the device over the control channel telling it to change frequency, thus “handing over” from one cell to another.


CDMA

CDMA stands for Code Division Multiple Access and is another 2G cellular technology, not employed in Europe, but used extensively in the US.
CDMA was developed by the US military as early as the 1940s as a robust transmission system that could withstand jamming attempts. It was deployed in cellular networks in 1993.
It is a spread spectrum technology. Simply put, this technology still divides the available frequency into “carriers”, but instead of using specific individual carriers for each base station, the entire bandwidth is used and data is sent in small packets across all of it, “hopping” from one frequency to another pseudo-randomly (the transmitter and receiver agree on the algorithm to use before communication begins, to a potential eavesdropper the sequence appears random). Rather than assigning users a ‘timeslot’ to identify them, individual users are assigned a unique code to identify them and their data stream is sent over the network simultaneously with other users’ data-streams. This allows for a more efficient use of the available frequency spectrum as there is no need to transmit “blank” data when there is no speech to broadcast. CDMA also allows for data communication at up to 14.4 Kbps.


2.5G Systems

As demand for data services grew, “bolt-ons” to the existing GSM infrastructure were deployed. The term 2.5 G is used as they were effectively stop-gap solutions on the road to 3G.
With conventional GSM, data could be sent and received at 9.6 Kbps. This was a limitation of the network infrastructure and did not depend on which operator you used, or what device you were using.
Internet connections were all “dial-up”, which required firstly that you have an account with an ISP (Internet Service Provider). To connect to the Internet you would need to dial a PSTN telephone number from your computer and then wait for up to 30 seconds for the connection to be established as the modems went through the handshaking process.
Once connected, a “circuit” between you and the ISP was opened, and left open until you disconnected. This was known as Circuit-Switched Data (CSD).
This method of connecting to the Internet was slow and also expensive as the user was billed for the length of the call placed to the ISP, even though for much of that time they would not be sending and receiving any data. It also tied up the timeslot being used for the length of time that that user was connected: not an effective use of the network’s preciously limited resources.
One of the temporary measures deployed was the introduction of High Speed Circuit Switched Data (HSCSD). This was only implemented by Orange in the UK. This involved altering the encoding mechanism used, squeezing 14.4 Kbps into one timeslot instead of 9.6 Kbps, and allowing one user to have 2 timeslots simultaneously so that they could effectively connect at 28.8 Kbps.
The other measure was the introduction of the General Packet Radio Service, or GPRS.


GPRS

GPRS uses the same physical network infrastructure as GSM, that is why it is referred to as a 2.5G technology: it is still based on TDMA and users are still assigned timeslots. However, instead of dialling into an ISP and then establishing a circuit with that provider to send and receive data, with GPRS the method of sending and receiving data is different. The network operator effectively becomes the ISP, negating the need for an account with an external provider. When the (GPRS-capable) device is turned on, it is registered on the data network immediately and is able to send and receive data instantly in “packets”. It is therefore said to be “packet-switched” rather than circuit-switched.
GPRS connections are said to be “always-on”. Data can be sent and received at any time, with data transmission being paused should a voice call need to be placed.
This has a number of advantages both for the user and the operator:

GPRS networks required additional hardware to be installed within the GSM infrastructure: each BTS is upgraded to include a Packet Control Unit (PCU) to handle the routing of data packets. Each PCU sends the data packets it receives to a Serving GPRS Support Node (SGSN), which performs a similar function to that performed by the BTS for voice communication. It is effectively a router that examines each packet and determines its destination and routes it accordingly.
A Gateway GPRS Support Node (GGSN) is the router that sits between the mobile network and the wider Internet. This is also known as the Access Point Node (APN) and will record details on data transferred for billing purposes.
Each network operator will have its own APNs, some used for general Internet browsing, some dedicated purely to the sending and receiving of picture messages, etc. It is also possible for corporate customers to have their own hardware installed on the network that is dedicated to routing data from the mobile network to their own internal network. This is called a “Private APN”.
Therefore, when configuring a GPRS connection on a mobile device, rather than entering a telephone number to be dialled, you simply need to enter the name of the APN to be “attached” to.
GPRS uses a number of different means of encoding data for transmission across the radio link, which allows for faster data speeds: up to 13.4 Kbps per timeslot. Users can also be allocated up to 4 timeslots, allowing for up to 53.6 Kbps.
It should be noted, however, that the amount of timeslots allocated to data users will be controlled by the network operator: at times when there is a lot of voice traffic on the network, fewer timeslots will be made available for data usage than at times when the voice traffic is low.


3G

It is important to remember that the term “3G” does not refer to a specific technology, it refers rather to a type of service. As 2G refers to both GSM and CDMA, so does 3G refer to a handful of different technologies. Therefore, saying that you are “connecting over 3G” is not technically accurate.
3G technologies allow for the live streaming of media from the Internet, video conferencing, etc. There are several different technologies within this umbrella.
EDGE (Enhanced Data rates for GSM Evolution) is largely considered to be a 2.75G technology. It is also referred to as E-GPRS.
EDGE is a bolt-on enhancement to the existing GPRS network. It requires no hardware changes to the network, rather a software update to the BTS and BSC (and the mobile device) that enables a more advanced encoding algorithm that allows for a maximum of 129.6 Kbps (using 4 timeslots).

How is digital data sent over an analogue signal?

In a nutshell, mobile devices are able to send and receive data over the air by adjusting the physical properties of a radio wave to denote either a binary 1 or a 0 (all data is made up of 1s and 0s). Provided that both the mobile device and the cell tower it is registered with are configured to 'look' for the same changes to the carrier signal, data can be sent and received.
This is essentially the same principle used by all communication mediums: fibre optics use light pulses; Ethernet uses copper cables; cellular devices use radio waves.
It is beyond the scope of this overview to go into high-level physics, but essentially it breaks down like this.
The properties of a radio wave can only be altered so far - you can adjust its amplitude, its frequency or its phase - or a combination of all of them. Amplitude is the extent of vibration of a wave, measured in terms of displacement from the horizontal axis. If a carrier wave has a normal amplitude of x, then anything less than x could be said to represent 0, and anything greater than x could be said to represent 1.
Altering the amplitude of a wave to represent binary data is known as Amplitude Modulation. The key to achieving ever-faster data rates is to refine the extent to which a variation in a wave's properties constitutes a data value.
This is a massive simplification but essentially what this means is that whereas 2.5G systems might adjust a wave's amplitude by 1 measurement unit to denote a binary 1, 3G systems might refine the detection mechanism to mean that the wave can be altered by up to 1/4, 1/2, 3/4 and 1 measurement units. Therefore, whereas the 2.5G system can present a binary 1 or a binary 0 by changing the wave once, 3G can change the wave up to 4 times and therefore present 4 binary values between 00, 01, 10, and 11. This is achieved without needing to change the properties of the wave itself, just the processors at the sending and receiving units at each end of the wave. This also means that by changing the wave once to denote a value of 01, this is twice as fast as having to change the wave twice to denote both a 0 followed by a 1 - hence it's twice as fast.
The ability to assign 4 values to a single carrier wave is known as Quadrature Amplitude Modification, or QAM.

UMTS is the Universal Mobile Telecommunications System. This is a theoretical umbrella term used to describe any technology that constitutes a global mobile network. In reality, the term UMTS is only used to describe, and has become synonymous with, W-CDMA, or Wideband Code Division Multiple Access.
W-CDMA uses the same underlying technology as CDMA, however utilises a different frequency: 2100 MHz. the important thing is that all W-CDMA networks that have been deployed globally all use the same frequency, from the US to Europe to Japan. It can therefore, be said to be a truly global mobile technology.
Handsets that can operate on both GSM / GPRS and UMTS are said to be “dual mode”.
WCDMA networks can support data speeds up to 1.8Mbps, thanks to the greater frequency used (and hence more wave cycles), and further improvements to the modulation scheme.
HSPA is the High Speed Packet Access service, comprised of HSDPA (High Speed Downlink Packet Access) and HSUPA (High Speed Uplink Packet Access). HSPA is an upgrade to the WCDMA technology that allows for data rates of 1.8, 3.6, 7.2 and 14.4 Mbps.
HSPA achieves these higher data rates by employing 16-QAM (16 Quadrature Amplitude Modulation). As discussed above, altering the amplitude of a wave can be used to represent a 1 or a 0 per wave cycle, or baud. The higher amount of processing power contained in mobile devices today means that more precise variations of this amplitude can be achieved, allowing for more bits to be represented by each specific variation. 16 QAM allows for each wave cycle to represent 16 possible bit combinations:

0000
0001
0010
0100
1000
1001
1010
etc

The same laws of physics apply - the radio wave itself is the same and can only have its physical properties adjusted in the same way. What differs is the distinct degrees to which a change in the wave's properties can be interpreted by the sending and receiving equipment as a binary data value. HSPA can detect up to 16 different values (16 QAM) per wave cycle: 0000, 0001, 0010, etc et etc and is hence 4 times as fast: 0000 in one go rather than 0,0,0,0 in 4 goes.


The Future

HSPA Evolved is hoped to provide up to 42 Mbps in its first release. This technology will use antenna arrays supporting MIMO (Multiple In Multiple Out) packet transmission, effectively allowing a mobile device to simultaneously send and receive multiple steams of data to the network.
HSPA LTE (Long Term Evolution) is hoped to provide up to 200 Mbps for the downlink channel and up to 100 Mbps for the uplink channel by employing OFDMA technology (Orthogonal Frequency Division Multiple Access). This involves extremely precise signalling, controlling and processing capabilities on the part of the sending and receiving equipment and sends larger amounts of data over each wave cycle by employing 64 QAM - meaning that the carrier signal can be altered by 1 of 64 different values to represent a larger number of bit sequences.
It gets much more complicated when you realise that the values being broadcast are not even 0000, 0010, 0100 or 1000, but are symbol values to represent more commonly occurring, larger bit sequences. Essentially communications between the device and the cell tower are compressed, in a manner similar to how ZIP applications can compress large files into smaller archive files.

This same technology is in fact already in use in 802.11 WiFi equipment, providing up to 54 Mbps data rates in the 802.11g incarnation, and is used in the 802.16 WIMAX standard, which can deliver data rates up to 200 Mbps.

Performing a manual roam on Android

Should you be experiencing poor signal strength or no service, it is occasionally necessary to perform a manual roam on your device to de-register it from your network provider and then re-register it again.

To perform a manual network roam on an Android device, launch the Settings menu and select Wireless and Networks

Performing a manual roam on Android

Select Mobile Networks

Performing a manual roam on Android

Select Network Operators

Performing a manual roam on Android

Select the option to Search for networks

Performing a manual roam on Android

A list of available networks will be displayed after a few moments:

Performing a manual roam on Android

Select any other network that is not your home provider network. After a few moments you will see "No Service" on the display.
Now select your home provider network and change the selection back to Automatic.

For information on how to set an Android device to 2G only mode, view this article - http://blog.brightpointuk.co.uk/setting-android-phone-2g-only-mode

Performing a manual roam on BlackBerry

Should you be experiencing poor signal strength or no service, it is occasionally necessary to perform a manual roam on your device to de-register it from your network provider and then re-register it again.

To perform a manual network roam on a BlackBerry device, select the option to Manage Networks from the main menu

Setting a BlackBerry Smartphone device to 2G only mode

Select Mobile Network Options
Change the Network Selection Mode from Automatic to Manual

A list of available networks will be displayed after a few moments. Select any other network that is not your home provider network. After a few moments you will see "No Service" on the display.
Now select your home provider network and change the selection back to Automatic.

For information on how to set a BlackBerry device to 2G only mode, view this article - http://blog.brightpointuk.co.uk/setting-blackberry-smartphone-device-2g-...

Performing a manual roam on Windows Mobile Pocket PC

Should you be experiencing poor signal strength or no service, it is occasionally necessary to perform a manual roam on your device to de-register it from your network provider and then re-register it again.

To perform a manual network roam on a Windows Mobile Pocket PC device, tap Start and select Phone
Tap on Menu and select Options
Tap on the Network tab

Performing a manual roam on Windows Mobile Pocket PC

Change the Network Selection option from Automatic to Manual

A list of available networks will be displayed after a few moments. Select any other network that is not your home provider network. After a few moments you will see "No Service" on the display.
Now select your home provider network and change the selection back to Automatic.

For information on how to set a Pocket PC device to 2G only mode, view this article - http://blog.brightpointuk.co.uk/setting-windows-mobile-pocket-pc-device-...

Performing a manual roam on Windows Mobile Smartphone

Should you be experiencing poor signal strength or no service, it is occasionally necessary to perform a manual roam on your device to de-register it from your network provider and then re-register it again.

To perform a manual network roam on a Windows Mobile Smartphone device, press Start and select Settings
Select Phone
Select Networks (you may need to select More to see this option)
Set the Network selection option to Manual
Press the Menu button and select the option to Find a new network

A list of available networks will be displayed after a few moments. Select any other network that is not your home provider network. After a few moments you will see "No Service" on the display.
Now select your home provider network and change the selection back to Automatic.

Performing a manual roam on Windows Phone 7

Should you be experiencing poor signal strength or no service, it is occasionally necessary to perform a manual roam on your device to de-register it from your network provider and then re-register it again.

To perform a manual network roam on Windows Phone 7, open the Settings view from the main menu and select Cellular
Tap on the option for Network Selection and change it from Automatic to "Tap to Select". A list of available networks will be displayed after a few moments.
Select any other network that is not your home provider network. After a few moments you will see "No Service" on the display.
Now select your home provider network and change the selection back to Automatic.

For information on how to set a Windows Phone 7 device to 2G only mode, view this article - http://blog.brightpointuk.co.uk/setting-windows-phone-7-device-2g-only-mode

Performing a manual roam on the Apple iPhone

Performing a manual roam on the Apple iPhone

Should you be experiencing poor signal strength or no service, it is occasionally necessary to perform a manual roam on your device to de-register it from your network provider and then re-register it again.

To perform a manual network roam on the iPhone, launch the Settings and select Carrier. The above screen will be displayed. Unselect the option for Automatic. A list of available networks will be displayed after a few moments. Select any other network that is not your home provider network. After a few moments you will see "No Service" on the display.
Now select your home provider network and change the selection back to Automatic.

For information on how to set the iPhone to 2G only mode, view this article - http://blog.brightpointuk.co.uk/setting-iphone-2g-only-mode

Restoring HTC Android 3G connection settings

Should you change the SIM in your HTC Android device, or accidentally edit or remove your GPRS / 3G connection settings, you can restore the settings back to their default values quickly and easily.

Launch the Settings from the main application menu and select Wireless & Networks:

Select Mobile Networks and then Access Point Names:

A list of configured access points will be displayed:

Press the menu button and select Reset to default:

A list of available connection profiles will be displayed based on the SIM card inserted into the device:

Select the appropriate profile for your network operator and tariff (NOTE - "PAYG" stands for Pay As You Go).

Once the settings have been installed, power the phone off and on again to re-register the device on the network. Your connection settings have now been restored.

Sending email via SMTP on Vodafone UK

UPDATE - The Vodafone 360 service will be terminated on December 31st, 2011. After this time Vodafone will not provide an SMTP service to customers. It is advised, if the below description applies to you, to switch to a free Google or Hotmail email account and use the SMTP settings for that service. Alternately there are paid SMTP relay services available, such as www.smtpauth.com

When you set up a POP or IMAP-based email account on your phone, to send email you need to also specify an outgoing SMTP mail server. Due to security concerns, most ISPs require that you use their Internet service in order to be able to use their outgoing mail server. Therefore, if setting up a Tiscali email account for example, whereas your incoming mail server would be Tiscali's, your outgoing mail server may vary depending on how you're connecting to the Internet. In the case of Vodafone UK, the outgoing mail server to use would have been "send.vodafone.net" - an SMTP server provided by Vodafone to allow their subscribers to send email messages when connected to the Vodafone data network.

This server now appears to have been retired, but it is still possible to send email via SMTP on the Vodafone UK network.

You will first need to sign up for a free Vodafone 360 account. This only takes a few moments and can be done online by browsing to www.vodafone360.com

The setting to use on your phone are then as follows:

SMTP (Outgoing) server - smtp.360.com
Username - username@360.com - where "username" is what you selected when you signed up for the 360 account
Password - your 360 password
Security - SSL / TLS
Port - 465

You should now be able to send email via SMTP.

This does not apply to BlackBerry or Exchange ActiveSync accounts which operate differently.

Setting a BlackBerry Smartphone device to 2G only mode

Should you be in an area of only intermittent or poor 3G coverage, you may wish to set your phone to 2G only mode to experience a better service until you are next in a better coverage area.

To do this, from the home screen scroll up so that the status bar is selected:

Setting a BlackBerry Smartphone device to 2G only mode

Press the action button to bring up the following menu:

Setting a BlackBerry Smartphone device to 2G only mode

Select Mobile Network Options:

Setting a BlackBerry Smartphone device to 2G only mode

Set the Network Mode to 2G

Revert the change to return to automatic mode.

For information on how to perform a manual network roam on a BlackBerry device, view this article - http://blog.brightpointuk.co.uk/performing-manual-roam-blackberry

Setting a Windows Mobile Pocket PC device to 2G only mode

Should you be in an area of only intermittent or poor 3G coverage, you may wish to set your phone to 2G only mode to experience a better service until you are next in a better coverage area.

To do this, launch the Phone application from the Start Menu. Press the Menu button and select Options:

Setting a Windows Mobile Pocket PC device to 2G only mode

Tap on the Band tab:

Setting a Windows Mobile Pocket PC device to 2G only mode

Change the Network Type option from Auto to GSM

Revert the change to return to automatic mode.

For information on how to perform a manual network roam on the Pocket PC platform, view this article - http://blog.brightpointuk.co.uk/performing-manual-roam-windows-mobile-po...

Setting a Windows Phone 7 device to 2G only mode

Should you be in an area of only intermittent or poor 3G coverage, you may wish to set your phone to 2G only mode to experience a better service until you are next in a better coverage area.

To do this, launch the Settings and select Cellular

Set the option for 3G Connection to Off

Revert the change to return to automatic mode.

For information on how to perform a manual network roam on the Windows Phone 7 platform, view this article - http://blog.brightpointuk.co.uk/performing-manual-roam-windows-phone-7

Setting an Android phone to 2G only mode

Should you be in an area of only intermittent or poor 3G coverage, you may wish to set your phone to 2G only mode to experience a better service until you are next in a better coverage area.

To do this, launch the Settings from the main application menu and select Wireless & Networks:

Select Mobile Networks and then Network Mode:

Change the selection from Auto to GSM only.

Revert the change to return to automatic mode.

For details on how to perform a manual network roam on the Android platform, read this article - http://blog.brightpointuk.co.uk/performing-manual-roam-android

Setting an iPhone to 2G only mode

UPDATE - this article does not apply to the iPhone 4S: the option to disable 3G is not present.

Should you be in an area of only intermittent or poor 3G coverage, you may wish to set your phone to 2G only mode to experience a better service until you are next in a better coverage area.

To do this, launch the Settings and select General

Setting an iPhone to 2G only mode

Select Network

Setting an iPhone to 2G only mode

Set the option to Enable 3G to Off:

Setting an iPhone to 2G only mode

Revert the change to return to automatic mode.

For information on how to perform a manual network roam on the iPhone, view this article - http://blog.brightpointuk.co.uk/performing-manual-roam-apple-iphone

Troubleshooting

Troubleshooting Cellular Data Connections

Field workers today are, quite frankly, spoiled.

The devices we use to connect to the Internet while on the move are becoming increasingly faster, easier to install and easier to use. It is easy to forget to days of dial-up connections, of manually editing initialisation strings to set your device to a precious HSCSD as opposed to plain old CSD mode…of having to actually ‘make it work’.

I thought it would be worth a blog post to remind readers that even today, sometimes things just ‘go wrong’, and you may need to troubleshoot the problem before your new all-singing, all-dancing device will connect you to the Internet.

In the event of everything not going according to plan, there are 3 main areas that could be the cause of the problem:

  • Hardware
  • Software
  • Mobile Network


Hardware

In this article I will look solely at PC cards and USB devices. Whilst Bluetooth and Infrared connections are still used, the limitations of the inter-device connection speed render them arguably unsuitable for today’s data rates, after the ‘data overhead’ of encryption and error correction is taken into account.

Before I look at how hardware installation problems are identified and resolved, it is perhaps necessary to first briefly go over how current PC hardware “hangs together”.

For the purposes of troubleshooting new plug and play hardware, suffice it to say, and this is a vastly oversimplified description, that a PC, consists of a processor (CPU or Central Processing Unit), a BIOS (Binary Input Output System), a data bus, some memory and some expansion ports.

The “heart” of the PC is the processor, which receives commands from the various input devices connected to the PC (keyboard, mouse, etc) and returns responses to the output devices (monitor, printer, etc). The processor is connected to the “data bus”, as are all the other devices that need to be able to communicate with the processor.

In order for the processor to “know” which device is communicating with it at any given time, each device is assigned its own “interrupt”, so that it can interrupt the processor from what it is doing and request its attention. Each processor will have a limited number of interrupts available. The information regarding which interrupt is used by which device is held in the BIOS, which is accessed when the PC is turned on, or “booted”. Having more than one device configured to use the same interrupt can cause devices to malfunction.

When installing new devices, it is imperative that you read the manufacturer’s documentation before proceeding. In all cases, if a device comes with a CD you should insert the CD into the PC before inserting the new hardware!

When the new hardware is inserted, Windows will normally indicate that it has detected the new hardware by displaying an icon in the system tray, and will also indicate when the installation process has completed.

As a rule of thumb, even if not prompted to do so by the manufacturer’s installation wizard, it is always a good idea to restart the PC after installing new hardware.

Once installed, verify that the new hardware is installed correctly by looking in the Device Manager. On Windows XP, this is done as follows:

  • Open the Control Panel
  • Double click the System icon
  • Click on the Hardware tab
  • Click on the Device Manager button

Normally, you should not see any items with a red X or a yellow exclamation mark, and there should not be a section entitled ‘Other Devices’ (which would indicate that the operating is unable to determine what that particular element of hardware is):

Troubleshooting cellular data connections

On Windows Vista, the Device Manager is launched as follows:

  • Open the Control Panel
  • Double click the System icon
  • Click on the Device Manager link

Troubleshooting cellular data connections

Should you see any item with either a red X or a yellow exclamation mark on it, which looks like it may be related to the new hardware you’ve just tried to install, then there has been a problem during the installation. Typically, GPRS / 3G devices will install themselves as modems and network adapters.

The first step at this point would be try completely uninstalling the software via the Add/Remove Programs applet in the Control Panel, rebooting the PC, and then reinstalling it again.

Should that not resolve the problem, then it is possible that the PC does not have enough free interrupts available to install the new hardware. If this is the case then you will first need to disable another device before installing this one. Typically infrared ports, or internal 56K modems are not used, so one or even both of these could be disabled – this will need to be done in the PCs BIOS: consult the manufacturer’s documentation for your PC before changing any settings in the BIOS.

I have assumed so far that when the new hardware was inserted, Windows detected and tried to install it. If nothing happens at all, verify that, in the case of USB devices, that the USB section in the device manager is present, and listed with no errors, and similarly the PCMCIA section for datacards.

If you’re using a laptop in a docking station, try undocking the laptop and inserting the device directly into the laptop.

It is also important to note that when installing new hardware you will need administrative rights on the PC – so if you’re using a company machine you may need to get the network administrator to install it for you.

Of course, if you have checked all of the above and the device still fails to install correctly, it is possible that either the device or the PC is faulty. Try another PC if possible, if the device fails to install on that machine also, then consult the vendor.


Software

Once the new hardware is installed, the appropriate accompanying software needs to be used to initiate the Internet connection. This software may need to be configured with the correct connection settings for your network operator. You should not need to change any of the default settings, other than the Access Point Name (APN), Username and Password. The settings for the most common UK networks are as follows:

Vodafone

APN – internet

Username – web

Password – web

Orange

APN – orangeinternet

Username - (leave blank)

Password - (leave blank)

O2

APN – mobile.o2.co.uk

Username – web

Password – web

T-Mobile

APN – general.t-mobile.uk

Username - (leave blank)

Password - (leave blank)

Three

APN – three.co.uk

Username - (leave blank)

Password - (leave blank)

Provided that the correct settings have been entered, if the connection fails, make a note of the error message that is returned.

An error along the lines of ‘the answering modem failed to respond’ could mean that the APN has not been entered correctly and that the settings should be double checked.

It may also be the case that although the settings are correct, the SIM is not enabled for the service that is being accessed, and a call will need to be made to the network operator to get the service activated.

An error indicating that the modem is busy, or is already in use, could indicate an interrupt conflict, or could mean that another application is running that is trying to access the device – fax software which has been configured to automatically answer incoming faxes can cause this. For USB devices, try to disable any software that may be set to monitor USB connections – synchronisation software for a PDA, imaging software for a scanner, USB printer management software, for example.

Should everything appear to be configured correctly, but the connection still fails, it is time to roll up your sleeves, as it were.

Close the software for the mobile device.

Launch an application called HyperTerminal.

Depending on which version of Windows you are running, this application lies in a different place in the Start menu, so it is easier to launch it by clicking on Start and selecting Run. In the Run dialogue, type in:

hypertrm.exe

and press enter. This will launch the HyperTerminal application. If this is the first time you are running the application, you may be prompted to set the program as the default Telnet application, just click OK. You may also be prompted to complete your telephone number details, just complete the area code field and click OK.

HyperTerminal will now launch, and you will be prompted to enter a name for the session. Just type in ‘Test’ and click OK.

You will now be prompted to enter a telephone number, just enter 0. You will also be prompted to select a connection device, here it is vital that you select the GPR / 3G modem that you wish to troubleshoot. Click OK.

On the next screen you will be prompted to Dial, DO NOT dial, just click Cancel.

You will now be presented with a blank screen and a flashing cursor.

It is now possible to issue what are known as “AT” commands to the device (so called because they all begin with the letters AT). Type in the following commands to ascertain the status of the device:

AT (enter)

Should return OK. If you are not able to see what you are typing on the screen, type in

ATE1 (enter)

This should return OK, and will turn on the ‘echo’ so that you can now see what you type on the screen.

Typing in

AT+COPS? (enter)

Should return the network operator. NOTE - if this command returns an error, it may be necessary to activate the radio on the device. This can be done by entering

AT+CFUN=1

Which should return OK after a few moments. Now trying issuing AT+COPS? again. Should you still not be registered with the network operator, it may be necessary to enter a PIN code to enable the SIM card. This can be checked by typing

AT+CPIN?  (enter)

This will return whether or not the SIM requires a PIN code

+CPIN: READY

indicates that a PIN code is required. To enter a PIN code type

AT+CPIN=xxxx

(where xxxx is your 4-digit PIN)

+CPIN: SIM PIN

indicates that there is no PIN code required

+CPIN: error

indicates that the SIM cannot be read

If the device does not require a PIN to unlock it, and still does not register on the network, it may be that the device is locked to a particular network and cannot be used with your SIM card. This can be checked by typing:

AT+CLCK=”PN”,2  (enter)

This will return whether the device is network-locked or not:

0 – unlocked

1 – locked

If the device does not require a PIN, and is not network-locked, and yet still does not register with a network operator, then you can query the registration status of the device by typing:

AT+CGREG? (enter)

This will return the network registration status:

0 - not registered, not searching

1 - registered, home network

2 - not registered, searching

3 - registration denied by network

4 - unknown

A response of 0 would indicate that the device tried to find a network but was unable to. This might indicate a faulty aerial on the device, or a lack of available signal.

A response of 1 would indicate that the device believes that it is registered.

A response of 2 would indicate that the device is still searching for a network. This might mean that you simply need to be patient, or may mean that there is insufficient signal available.

A response of 3 would indicate that either the device or the SIM has been ‘blacklisted’ by the network. This could indicate that the device is stolen, the bill has not been paid, etc. In any case, a call should be made to the network operator to establish why.

Provided that the device is registered on the network, it is possible that the device is registered for voice communications, but not for data. This can be verified by typing:

AT+CGATT? (enter)

This will return whether the card is attached to the packet data network or not

0 - detached

1 - attached

It is possible force a connection to the data network by typing:

AT+CGATT=1 (enter)

Provided that you are registered on the network and are attached to the packet data network, you can then enter the APN of your network provider. This is done by typing:

AT+CGDCONT=1,”IP”,”APN”  (enter)

(where APN is the Access Point Name for the network operator, as defined above)

This will return OK (Note – IP needs to be capital letters for most devices)

Once the APN has been defined, it is now possible to initiate the connection. This is done by typing:

ATD*99# (enter)

The device will now connect to the Internet. If you see the word CONNECT in the Terminal window, then the connection has been established.

If the connection fails then it is possible that the SIM card is not enabled for the service that is being accessed and you will need to contact your network operator to get the service activated.

If you have run through all of the above, and are able to connect to the Internet, but once connected you are not able to view any web pages, or send and receive email, then it is possible that DNS server settings need to be configured.

DNS is the Domain Name System and is responsible for converting the “friendly” names of web addresses (www.bbc.co.uk, for example), which are meaningless to computers, to their corresponding IP addresses (212.58.251.195), which they do understand. If the PC is not able to contact a DNS server, it will not be able to resolve the web addresses that you enter.

A DNS issue is easy to identify: if entering www.bbc.co.uk into a web browser does not display the BBC Homepage, but yet entering 212.58.251.195 does, then it is a DNS issue.

Similarly, for email issues, if you are not able to send or receive email, try substituting the “friendly” name of the email server for its IP address.

The IP address of a server can be identified (on a PC which IS able to contact a DNS server), as follows:

  • Click on Start and select Run
  • In the Run dialogue, type in CMD and press Enter
  • A Command Window will be displayed. At the prompt, type in:
  • ping www.bbc.co.uk (enter) (where www.bbc.co.uk is the server address you wish to resolve).

The IP address will be returned:

Troubleshooting cellular data connections

It is not normally necessary to manually configure DNS server settings, but should you identify that this is the problem, then your network provider will need to provide you with the correct settings to use. Alternately, Google now provides an external DNS service:

8.8.8.8
8.8.4.4

These addresses will need to be entered within the manufacturer’s connection software.


Mobile Network

If you have run through all of the above troubleshooting and both the device and SIM appear to be working correctly, then it is possible that there is a fault with the mobile network, or for some reason your account has been altered by the vagaries of the customer service department. In either case, a call to the network will be necessary!


Addendum

If you are experiencing an issue whereby you are connected to the Internet and can browse web pages, and are able to receive emails, but are not able to send emails, it is likely that you will need to change the SMTP server address in your email application.

If you use a POP/SMTP-based email solution rather than an Exchange or Domino-based solution, most SMTP servers are configured to only allow emails to be sent through them from a known list of IP addresses, to prevent SPAM. You may well be able to send emails from home via your broadband connection, but not when connected to the Internet via your mobile network provider.

In this situation you will need to create a new mail profile (or edit your existing one if you are willing to each time you need to), and set the SMTP server address to the SMTP server provided by your network provider - if they have one (most do, if they do not I would advise moving provider). Customer services will be able to provide this information.

Troubleshooting Email Connections

If you are unable to send or receive emails for any reason, there are 5 main areas to look at:

  • Software configuration
  • DNS
  • Firewall
  • Server issues
  • Mobile network operator


Software configuration

There are 4 principle different types of email account:

  • POP
  • IMAP
  • HTTP
  • Exchange

There are other types which also warrant mentioning: where I have listed Exchange, there are other equally ubiquitous email products available, such as Lotus Domino or Novell Groupwise. This article will only look at Microsoft Exchange as being the most popular, but the same troubleshooting techniques apply to the other products.

POP is the Post Office Protocol, often referred to as POP3 as it is now in its third version. Using POP, emails are stored on a central server in an individual mailbox. A POP client will download any mails that are waiting in the mailbox and, once downloaded will usually then delete the mails from the server. POP is the original "remote access" mail protocol and is limited in its functionality. The user is not able to view mails until they have been downloaded to the client, and the mail will not be removed from the server until it has been fully downloaded.

POP is only a mail retrieval protocol: it cannot be used to send email; mails are sent using a different protocol - SMTP (Simple Mail Transfer Protocol).

When creating a POP email account, most email client software will require at the very least 4 pieces of information:

  • Username
  • Password
  • Incoming Mail Server (POP Server)
  • Outgoing Mail Server (SMTP Server)

The software will also require other information such as your name and your email address, but it is only these 4 pieces of information that are necessary for the correct functioning of the POP account:

Troubleshooting email problems

IMAP is the Internet Message Access Protocol (also referred to as the Internet Mail Access Protocol), and is currently in version 4, so is referred to as IMAP4.

Using IMAP, users can access mails on the server directly, without having to first download them before being able to view them. As with POP, IMAP can only be used to retrieve mail, mail is sent using SMTP.

Setting up an IMAP account requires the same information as a POP account, with the only difference that the Incoming Mail Server needs to be set to the address of the IMAP server rather than a POP server.

HTTP mail accounts are those mail accounts that are typically access through a web browser, such as Hotmail (or Windows Live, or whatever latest name change the service has undergone by the time this article is being read!). HTTP is the HyperText Transfer Protocol, the protocol used by the World Wide Web to retrieve web pages across the Internet. Typically, when setting up an HTTP mail account, the service will be listed explicitly (thus Hotmail will be listed as "Hotmail" rather than just plain "HTTP Mail", the following information is required:

  • Email address
  • Username
  • Password

Troubleshooting email problems

Exchange (or corporate, in-house server-based mail platforms) can be set up by the company's IT department, but are not complicated to configure in terms of the amount of settings required. Typically a connection will need:

  • Server address
  • Username
  • Password
  • Domain

Troubleshooting email problems

When setting up a connection to Exchange, provided that you are running Exchange 2003 or later, it is possible to configure Outlook (and other mail clients, such as Entourage for MacOS), to access the Exchange Server via HTTP (or HTTPS, depending on how the server has been configured). Normally, the server address in this scenario is the same address as that used for Outlook Web Access (OWA), ie logging into your mailbox via a web browser.


DNS

Should all of the account settings be correct, and you receive an error message along the lines of "the mail server could not be reached" when trying to send or receive email, it could be a DNS issue. As we looked at last week, DNS is the Domain Name System and is the technology by which "friendly" names of web sites and mail servers (such as www.bbc.co.uk), which means absolutely nothing to a computer, is converted to an IP address (such as 212.58.251.195). Should a DNS server not be available to the PC, or be misconfigured, then the PC will not be able to "resolve" the address of the mail server. In this case, it is necessary to either adjust the DNS server settings, or enter the IP address of the mail server in the email client rather than the friendly name so that a DNS server is not required.

Below are the addresses of two DNS servers I have found to be useful in the past:

195.129.12.115
158.43.128.72

You can find out the IP address of a mail server (on a PC that has DNS configured correctly), by opening a command window and typing in:

ping (server address)

The IP address of the mail server will be returned:

Troubleshooting email problems

Enter this information in the account settings of the email software, replacing the "friendly" name.


Firewall

Provided that all of the settings are correct, and DNS is able to resolve the name of the mail server to its IP address without issue, if you are still not able to reach the mail server, then it may be a firewall configuration problem. The following ports need to be open on the firewall for email to function correctly:

  • POP - 110
  • IMAP - 143
  • SMTP - 25
  • HTTP - 80
  • HTTPS - 443


Server Issues

Should all of the above not be the cause of the problem, then it is time to "roll up the sleeves" and troubleshoot the authentication and mail submission process with the email server directly, at the command level. I will look at troubleshooting the POP and SMTP protocols as the most common.

POP

Open up a command window on your PC and establish a Telnet connection to the mail server. To do this, in the command window, type in:

telnet (server address) 110

(where is the name or IP address of the POP server):

The server will indicate that it is ready by returning an OK response:

Troubleshooting email problems

You can now send your username to the server by issuing this command:

USER SP (username)

Troubleshooting email problems

You will now be prompted to enter your password, the command to do this is:

PASS SP (password)

An OK response indicates that you are now successfully logged in.

If you do not get the prompts listed above then again verify the DNS and firewall configuration, or contact your service provider as the server may not be available, you may be using the incorrect username or password or your account may have been disabled for some reason.

IMPORTANT - it is important to be aware that logging into a POP server via a Telnet session sends your password to the mail server in plain text, without encryption. In the unlikely event that your session was intercepted, the "hacker" would be able to see your password as it was typed in.

Once logged in, you can query the mailbox. The following command will return the number of messages in the mailbox and the total size of them:

STAT

The response will be in the form:

+OK n xxxx

(where x is the number of messages and xxxx is the size on bytes)

To display information on individual messages, use the LIST command:

LIST SP

The response will display the individual messages in the mailbox, the unique message identifier (UID) and its size.

To retrieve an individual message, use the following command:

RETR SP (message number)

(where the message number is the UID value returned by the LIST command)

This will cause the entire message to be downloaded to the client. Once downloaded, to delete the message, use the following command:

DELE SP (message number)

SMTP

Open up a command window and establish a telnet session with the mail server. To do this, use the following command:

telnet (server address) 25

(where server address is the name or IP address of the email server)

The server will respond and indicate that it is ready and waiting for the next command (SMTP code 220):

Troubleshooting email problems

Now you will need to indicate the domain that you wish to send an email from. Use the following command:

helo (domain)

The server will respond with an SMTP code 250, indicating that it is ready and waiting for the next command. You will now need to enter the email address that you are using to send the message. Use the following command:

mail from:(sender_email_address)

The server will respond with an SMTP code 250, indicating that it is ready and waiting for the next command. You will now need to enter the email address that you wish to send a message to. Use the following command:

rcpt to:(recipient_email_address)

The server will respond with an SMTP code 250, indicating that it is ready and waiting for the next command. You can now type in the text of the message you wish to send. Issue the following command, followed by the text of the message:

data
(body of message)

When you have finished typing the text of the message, press Enter, then type in a single "." followed by Enter:

Troubleshooting email problems

You will be notified that the message has been queued for submission.

After a few moments the email will be delivered:

Troubleshooting email problems

SMTP is the protocol by which most email platforms exchange mail: the POP and IMAP protocols are reserved for mail retrieval. The above troubleshooting procedure can be applied to any SMTP-compliant mail server. If you are unsure as to what server address to use when troubleshooting an SMTP-related mail issue, then you can find out using the nslookup command:

Open a command window and type in:

nslookup

The command prompt will change. Now set the query type to MX (Mail eXchange):

set type=mx

Now type in the domain that you wish to query, for example:

devicewire.com

The mx record details for the domain will be returned:

Troubleshooting email problems


Troubleshooting Exchange Connections

There are several different ways of connecting to an Exchange Server:

"locally" via a MAPI connection (either via a LAN or VPN connection)

Over the Internet via na HTTP or HTTPS connection

Via a web browser using Outlook Web Access

(or, of course, Exchange also supports POP and IMAP connections)

It is beyond the scope of this article to go into the vagaries of troubleshooting VPN connections, but if you are using an HTTP(S) connection from a mail client, such as Outlook, to retrieve email, then the server address to use is the same as that used for Outlook Web Access (indeed, this means of retrieving mail is effectively a Server ActiveSync connection, the same protocol that Windows Mobile PDAs use to "push" email from Exchange). Should the connection not be successful, try opening a web browser and entering the same server address. Should the page not be displayed again verify DNS. If you are unable to login then verify account information.


Mobile Network Operator

It is important to be aware of SMTP relaying restrictions. To try to combat SPAM (unsolicited emails), most SMTP servers are not simply open to the Internet at large, allowing anyone to send email messages through them: instead they are firewalled to only accept emails from specified IP addresses. Therefore, to send an email via Tiscali's SMTP server, you would have to be connected to the Internet using a Tiscali connection.

When users change their method of connecting to the Internet, quite often they will find that they can receive emails, but are no longer able to send them.

Thus, when at home, or in the office, email will function correctly. But when out of the office, connected to the Internet via a 3G connection, it may be necessary to edit the email account settings and change the SMTP mail server address (as Tiscali's SMTP server will not allow mail relaying from the IP address you will have been given by the mobile network operator).

Your network operator will be able to provide you with the details of the correct server address to use, here are a few:

Orange - smtp.orange.net

O2 - mail.o2.co.uk

Vodafone - send.vodafone.net / mail.vodafone.co.uk

Three - smtp.three.co.uk

Troubleshooting Fax Connections

Sending and receiving faxes over a cellular connection is rapidly becoming a 'black art' as more and more MNOs either drop support for "mobile-originate" or "mobile-terminate" fax altogether, or forget to train their customer services staff on the network's fax capabilities.

In order to use your mobile phone, datacard, USB modem (in conjunction with a PC fax application) or embedded cellular fax device (such as the Possio device range http://www.possio.com) to send and receive faxes, you will need to have your SIM card enabled for fax service with the operator. There is usually no cost to have this done, but it is something you will have to specifically request from the operator as it is not enabled by default.

When you are enabled for fax service, you should be assigned an additional telephone number, distinct from that SIM's voice number. It is this number that people who wish to send you a fax should dial: the distinct number lets the receiving device know that it should expect a fax call on that number rather than a regular voice call.

Sending faxes

If you are unable to send faxes, the most common problem is that either you have not been enabled for fax by your operator, or your device simply does not support fax at all.

To verify either of these, the best tool to use on a Windows PC is HyperTerminal, which is included as part of the operating system. Other platforms will most likely have a suitable terminal application - consult the documentation.

HyperTerminal can be launched by running 'hypertrm.exe' from the Run dialogue on the Start Menu.
When running HyperTerminal for the very first time, you may be prompted to enter telephony dialing properties such as your local area code - enter anything, it is not important for our troubleshooting purposes.

Enter a name for the session, 'Test' will do.

You will be prompted to enter a telephone number, enter 0

You will also be prompted to select a connection device from a drop-down menu. Here you should select your cellular data device. If your device is not listed it may be because either that it is not installed correctly (in which case you should resolve that issue first) or that your device is not 'presented' to Windows as a modem, but a network adapter - in which case it will not be compatible with your fax application.

Provided that your device is listed, select it and click Next. On the next screen you will be prompted to Dial. DO NOT click dial, simply click Cancel.

You will now be presented with a blank screen with a flashing cursor - you have established a terminal session with your modem.

Verify that you can communicate with your modem by typing in:

AT (enter)

You should hopefully receive an 'OK' response.

Now verify that you are indeed 'talking' to the correct device by typing in:

ATI (enter)

You should receive details of the device including manufacturer and model number. If you receive details of the PC's other modem devices then you inadvertently selected the wrong device earlier, you should close HyperTerminal and start again.

Provided that you are indeed talking to the cellular device, verify that the device is registered on the mobile network and has a decent signal strength:

AT+COPS? (enter)

Should return the name or 5-digit "SID" of the network operator.

To verify that your device supports fax at all, type in:

AT+FCLASS? (enter)

You should hopefully see something along the lines of:

+FCLASS=0,1,2,2.0

Which indicates that your device does indeed support fax. If you see only:

+FCLASS=0

Then that would indicate that your device is not fax-capable.

Provided that your device is fax-capable, set the device to fax mode by entering:

AT+FCLASS=2 (enter)

Now try dialling another fax device by entering:

ATDxxxxxxxx (enter)

where xxxxxxx is the number to be dialled.

If your device immediately returns a response of 

"NO CARRIER"

then your SIM card is not fax-enabled by the operator.

If you see a response from the receiving fax machine (which will consist of the name and number of the answering machine) then you have successfully established a fax connection.

Should the above troubleshooting indicate that your device is fax capable, but you cannot send faxes from within your fax application, verify that the number entered is correct (and that the fax application is not adding any area code or other dialling digits itself) and also that the fax application is configured to use the correct modem device rather than an internal device.

Receiving Faxes

Receiving faxes is a lot more complicated than sending faxes over a cellular connection. Even if you have no intention of sending a fax from your device, but only want to receive faxes, when troubleshooting fax reception issues, you should always verify that you can send faxes first using the above troubleshooting procedure as any failures will indicate where the problem lies clearer than troubleshooting the other way around.

Provided that you can send faxes successfully, you are enabled for fax. Receiving faxes requires that your SIM card be assigned an incoming fax number, distinct from the voice number, as mentioned above.
When troubleshooting fax reception, you should first ring the fax number and make sure that it is in service. You should also try ringing the number when your device is not powered on: if the call is still answered and you hear fax tones, then the network operator has assigned you a "fax mailbox" rather than a direct incoming fax line to your SIM.
Provided that your device appears to be fax-enabled, but when dialling the number your device rings but the fax application never answers the call, ensure that the fax application iss et to 'auto-answer' and that it is set to monitor the correct modem device for incoming faxes - this is often configured separately from the sending options.

If you do not have a fax application, but you wish to verify that your SIM and device can receive faxes, you can use HyperTerminal. HyperTerminal will not receive the fax as it is merely a terminal application, but it will answer the call and prove the functionality.

Start a HyperTerminal session to your device using the instructions above.

Once connected, set the device to fax mode with the command:

AT+FCLASS=2 (enter)

Now set the device to wait for an incoming call answr after 2 rings with the command:

ATS0=2 (enter)

Now try sending your device a fax on its incoming fax number.

Hopefully you should see HyperTerminal answer the call and display the information of the sending fax device.
If HyperTerminal does not answer the call, but does indicate that a call is incoming (by displaying "RING" on the screen), then that would indicate that the device is not recognising the call as a fax call, which might indicate that the mobile operator has not assigned a fax line, but rather either an additional voice line or a data line. This should be addressed with the mobile operator.

Configuring Windows XP Fax software

Open the Control Panel and double click on the icon for Printers and Faxes

If Faxing has not been previously configured you will see an option to Set up Faxing on the top left hand corner of the screen. You may be prompted for the Windows XP CD to install the necessary software.

If faxing has been configured you will see a Fax printer listed:

Troubleshooting fax connections

To configure faxing, right click on the icon for the Fax printer and select Properties

Click on the Devices tab

Troubleshooting fax connections

A list of installed modems will be displayed.

The fax software does not allow much configuration. Modems can either be enabled or disabled to send or receive faxes.

To configure a device highlight the appropriate modem and click on Properties

Troubleshooting fax connections

To enable sending on a device tick the option to Enable device to send

To enable receiving on a device click on the Receive tab and tick the option to Enable device to receive

Troubleshooting fax connections

You will have the option to receive faxes manually, or automatically after x amount of rings.

Click OK

To enable automatic reception of faxes click on the Tracking tab

Troubleshooting fax connections

Ensure that monitoring is enabled on the correct modem

Note – if monitoring is enabled, this may render the modem unusable by other applications.

Troubleshooting Fixed Cellular Terminals

Fixed Cellular Terminals (FCTs), are devices typically used with private telephone systems for least-cost routing purposes. Essentially a mobile phone, these devices can be connected to a trunk port on a PBX to route calls made from desk extensions to mobile numbers over the cellular network rather than via the landline provider, a mobile-to-mobile call being cheaper than a landline-to-mobile call.

Digicom 2G GSM FCT

These devices can also be used to provide voice and fax telephone services in remote or temporary locations where fixed line services may be costly or not required, such as a port-a-cabin on a building site.

When troubleshooting PBX connectivity or routing issues, the PBX should be addressed last - firstly verify that the FCT itself is working correctly. People are typically confused by these devices but when troubleshooting them it is important to treat them exactly like a mobile phone and not to forget the basics.


LEDs

What are the lights on the unit doing? Unlike a phone these devices do not typically have screens so you cannot tell at a glance what they are doing, you will need to note down the LED sequence and consult the user manual to see what that means. Check the following:

  • the SIM is inserted correctly
  • the device is receiving adequate signal
  • the device is registered with the mobile network
  • the SIM is live

The easiest way to verify that the FCT itself is working correctly is to connect an analogue handset (ie, a desktop phone) directly into the unit and verify that you both receive a dial tone and can place a call successfully. If you receive any sort of recorded message from the operator then you should pay attention to what it says and if necessary contact customer services.


Connectivity

Provided that a connected handset works correctly, verify that the FCT has been connected to the PBX correctly. The vast majority of devices only work in trunk mode: it is not possible to connect the unit to an extension port and assign the unit an extension number. Rather devices must be connected to an analogue extension ports and routing entry created to pas all numbers beginning "07xxx" via that trunk.


Call Termination

One area that can sometimes require additional configuration is that of call termination - situations can arise whereby one call can be placed through the FCT successfully, but following the termination of that call, the trunk is then available for a following 30 seconds or so following the termination of that call - meaning that no subsequent calls can be routed over that trunk until it then becomes available again. This is typically caused by the fact that the FCT is not receiving or is not correctly interpreting the termination command being sent by the PBX.
PBXs are typically configured to signal the termination of a call either by reversing the polarity of the circuit, or by sending a specific tone. If calls are not being closed correctly, then the precise configuration of what the PBX is sending needs to be ascertained, and then determined whether or not that is supported by the FCT.


Other problems and solutions

Typically FCTs live in server rooms or comms cabinets and are not checked on a regular basis. Should a device suddenly no longer route calls or provide a dial tone, check the LEDs on the unit. If a unit has been receiving SMS messages (spam messages, wrong numbers or network marketing updates) and these have not been being cleared down, should the internal memory on the unit fill up, the unit will no longer be able to place calls until these messages are deleted. This usually involves connecting a phone to the unit and entering a system command on the keypad.

Troubleshooting Mobile VPN Connections

Establishing a virtual private network (VPN) connection from a cellular device can be quite a complicated affair and when troubleshooting issues it is necessary to understand what is happening in the background to be able to identify what might be going wrong.


A crash course on VPN technologies

VPN technology is used to extend private networks beyond the boundaries of their physical cabling – to grant remote users access to local network resources by 'fooling' the network into believing that the remote client is connected locally. This is accomplished by 'encapsulating' the data packets generated by the client – that is to say, the client generates a request for a local resource, and that request ‘packet’ is then ‘wrapped up’ in a larger packet with the necessary information to enable the request to be routed over the Internet. At the VPN server, the Internet addressing information is removed and the ‘local’ packet delivered to the local network resource. The process is then repeated in reverse to deliver the response from the local network back to the remote client. This process of encapsulating packets with 'local' addresses into larger packets with 'routable' addresses so that they can cross the Internet is known as tunneling.
Because the packets are traversing the Internet to get to their destination, and could potentially be intercepted on their route to the destination, the contents of the packet are encrypted for security.

There are three principle protocols employed by VPN products:

  • PPTP – Point to Point Tunneling Protocol
  • L2TP – Layer 2 Tunneling Protocol
  • IPSec – Internet Protocol Security

Each of these protocols essentially works in the same way: a packet is created with a source and destination address on the local network. That packet is then encrypted so that it cannot be read by any party that does not have the required decryption key. The encrypted packet then has the host’s Internet source address added and the external IP address of the VPN server is set as the destination.

PPTP is the oldest of the three protocols and provides security by encrypting data, but does not provide any means of verifying the identity of the sender or verifying whether the data may have been modified en route.
L2TP addresses this limitation by signing each packet with a digital certificate and adding a “hash” value or “message digest” to each packet. Essentially this involves performing a mathematical function on the data stored in the packet using the key contained in the certificate, and saving the result of that function. If the data is altered en route, when the receiving machine performs the same calculation, the resulting value will not match the original and the packet will be discarded and a request issued for a new copy.
IPSec, the commonest form of VPN protocol in use today, goes further and adds a message digest to the addressing “header” as well as just the data. This means that should your packet be intercepted en route and a hacker attempt to substitute your source address with their own (so that the VPN server then replies to them rather than you), the hash value on the address header will not match and the authentication process will fail.

This last detail is important and has implications on the ability of cellular devices to establish IPSec-based VPN connections.


Network Address Translation (NAT)

When a mobile device registers with the mobile operator using the normal ‘public’ APN (Access Point Name), it will be assigned a private IP address, normally in the range 10.x.x.x
Due to limitations of the IPv4 addressing scheme, there are not sufficient addresses available for all connected devices to have a ‘public’ IP address. Instead, connected networks typically have a single Internet-facing device with a public address and any devices that sit ‘behind’ that ‘gateway’ have private addresses. When a particular private device needs to connect to the Internet, it issues a request to the gateway using its local IP address. At the gateway, this request is edited, with the local address being substituted for the public address, and the request is then sent on its way across the Internet. The machine on the Internet, be it a web server or whatever, sends the desired response to the Internet address of the gateway, which receives it and then forwards it onto the private address of the local machine.
The process of editing the source address of a IP header is known as Network Address Translation.

A mobile network operator works in exactly the same way, and will assign connected client devices local addresses, performing NAT on all requests that are passed onto the Internet.

A moment ago we saw that the IPSec VPN protocol will perform a check on the IP header of a packet so that the VPN server can verify that the packet has not been altered en route. When the VPN packet passes through the NAT gateway, it will have its source address rewritten, substituting the local address with the external address of the gateway. Although this is not a malicious act, it will effectively cause the IP header check value to no longer match, and the VPN server will refuse to accept the packets, believing them to have been modified – which of course they have been.

This is a common cause for VPN connection issues when using the IPSec protocol from cellular devices.
There are a number of resolutions to this problem.

  • Use a public IP address: most network operators provide the ability to use a public IP address rather than a private one, that will not undergo any NAT and therefore not be subject to this issue. In most cases this is simply a question of connecting to an alternate APN rather than the default, such as ‘vpn.o2.co.uk’ in the case of O2, rather than the standard ‘mobile.o2.co.uk’. Contact your network operator for more information.
  • If your network operator does not provide a public IP address, then it is possible to get around this issue. Most modern implementations of IPSec provide for what is called ‘NAT Traversal’. Essentially this involves creating the VPN packet using the UDP transport protocol rather than TCP. UDP does not use source IP addresses when creating the data packet, only a destination address. Therefore a UDP packet can pass through a NAT gateway as there is nothing to re-write. Check within the configuration of your VPN software whether there is an option to use UDP mode, or NAT-T mode.
  • Alternatively, if neither of these are an option, verify whether your IPSec VPN can be run in tunnel-only mode rather than authentication mode. This will mean that the VPN software does not verify the integrity of the header information, which is defeating the object of having an IPSec VPN in the first place, but is an option nonetheless.
  • Finally, if none of the above are possible, then it may be necessary to use a different VPN mechanism rather than IPSec – an SSH or SSL-based VPN may be option, such as OpenVPN.


Addressing Schemes

When configuring a VPN server, it is important to remember that once authenticated, your client device will then need to be assigned an IP address on the local network in order to be able to communicate with other network resources, ideally via DHCP – it is surprising how many times this is overlooked. It is also important to use a suitable address range.
For your VPN solution to work, the client will need to recognise the remote resource being requested as residing on a network ‘behind’ the VPN server.
The majority of mobile network operators will assign connected clients an IP address in the range 10.x.x.x or 172.16.x.x (or potentially 192.168.x.x).
Therefore, if you have connected to your provider’s 3G service and have been assigned an address of, say, 10.10.0.24, you may be able to connect to your VPN server, but if you then request a connection to a server on the remote network with an address of 10.10.0.89, the client device will not know to route the request over the VPN link but will look for it on the local network.
Your internal network should therefore ideally use an addressing scheme that is suitably unlikely to be in use elsewhere.
Once connected, the VPN client will be assigned an IP address on the remote network. Similarly, in order for the remote resource to be able to reply to requests from the VPN client, the address used by the client also needs to be ‘behind’ the VPN server so that local network resources know to route responses accordingly.
The necessary routes will need to be added to the local network resources: either each machine will need a route added to it to direct requests to the VPN network to the IP address of the VPN server, or (preferably) add a route on the default gateway of the internal network.


Troubleshooting

Should your VPN connection not be established successfully from your client device, there are a number of things to check.

Firstly check the basics – are you definitely connected to the Internet and able to browse web pages? If not, address that issue first as until you can connect to the Internet you won’t be able to contact the VPN server.

If you can connect to the Internet, but cannot contact the VPN server, it may be a DNS issue. If your VPN client is configured with a name (eg vpn.domain.com), try connecting to the external IP address of the server instead.

Always check the log files, both on the client and on the server. If you receive errors relating to Security Association, or SA, failures, then it may be related to the IP address issue I looked at earlier.

Firewalls. If the VPN server sits behind a firewall, ensure that the correct ports are open – consult the documentation of your VPN server appliance. If using IPSec in UDP mode, the following ports will need to be open:

UDP 500 (IKE)
UDP 4500 (ISAKMP)

If you are able to connect to the VPN successfully, but once connected you are not able to connect to any resources, it may be an addressing or routing issue – verify that the IP address assigned to the VPN adapter does not conflict with the address assigned to the device by the mobile operator, and with your administrator that the necessary routing is configured on the local network.

If all fails, ring tech support!

What do you need from your mobile operator to set up a VPN connection?

I have written before about troubleshooting VPN connections from mobile devices should you experience problems (http://blog.brightpointuk.co.uk/troubleshooting-mobile-vpn-connections), but it has cropped up a number of times recently so I thought another post might help to better understand what the options are in terms of operator services and which is right for you based on your VPN infrastructure.

A VPN is a Virtual Private Network. People often believe a VPN is a more secure means of connecting to the Internet. VPN technology can be used to accomplish this, but typically it’s actually more basic: the point of a virtual private network is simply to provide remote access. Security is obviously a concern, but this is a feature, not the main objective when used in this scenario. VPNs extend the boundaries of a local network to remote machines by fooling the local network into believing remote machines are connecting locally by creating a virtual network connection over the Internet.

To use a typical example, field workers have a VPN client that when connected effectively puts their laptop on the corporate network regardless of where they are geographically and allows them to connect to the 'Shared' drive (or any network resource) as if they were at their desk. Yes it’s much slower, but remember you’re having to send your requests over a cellular Internet connection (measured in 100s of Kbps) rather than over the Gigabit LAN infrastructure in the office (measured in 1000s of Mbps).

When a VPN client is installed on a PC, it adds a new network adapter to the PC – a virtual adapter. Network adapters are such things as your Ethernet port (where you plug your network cable) or your WiFi card. A virtual network adapter is a piece of software that acts as a physical device and appears to the operating system as a real device.
When you connect to the VPN, the VPN server will push down a number of ‘routes’ to your computer, so that the PC knows to send normal traffic to www.google.com over the Internet via either your Ethernet or WiFi device, but to send anything for xxx.mycompany.com over the virtual adapter (and therefore to the VPN server and onward to the internal corporate network). The virtual adapter STILL USES the existing physical adapter to send traffic over your Internet connection, but it does clever stuff in the background to ‘wrap up’ traffic before sending it over the Internet to the VPN server via the ‘real’ adapter.

With me so far?

Before I can explain how VPNs work, we need to cover off how the Internet works – very basically. The Internet uses the Internet Protocol: IP.
Currently most of the Internet uses IP version 4 (IPv4). Essentially this means all machines on the Internet are assigned an address, along the lines of 212.58.253.67
In the same way that when you send a letter to 16 Alder Hills, Parkstone, Poole, UK an Internet address can be broken down in the same way, with 67=16 Alder Hills 253=Parkstone, etc etc etc
All that IP does is handle addressing. To actually send stuff to another address from your address, you need a transport protocol: TCP is the most common – that is why you often see TCP/IP written together.

In a nutshell, TCP handles the ‘what’, IP handles the ‘where’.

On a local network, when one machine requests something from another (say you want a document from the file server), the application doing the request (let’s say ‘Word’), creates a TCP request that says “I want this file”. The TCP request is then sent to the network adapter. The network adapter will add 2 IP addresses to the TCP request: the IP address of itself, and the IP address of the target server. You now have a TCPIP ‘packet’ that can be sent to the server. At the server, the file is retrieved and sent back to the IP address that was included in the original request.

So far so good.

There are not enough addresses available in IPv4 for all machines to have an address on the Internet. This means local networks use ‘gateways’: a single machine ‘faces’ the Internet and all machines on the local network (behind the gateway) have internal addresses (that cannot be reached from the Internet unless they go through the gateway first).
When a machine on the local network requests something from the Internet, it sends the request to the gateway. At the gateway a process known as NAT (Network Address Translation) happens. THIS IS VERY IMPORTANT.
What this means is that your PC has created a packet with its own address and the address of, say, the BBC web site. If the BBC web site receives this packet it won’t be able to send anything back because the source address is an internal address which it doesn’t know what to do with. Therefore, at the gateway, what NAT does is to REMOVE the address of your machine and ADD its own Internet address. The BBC sends the web site back to the gateway address. NAT then happens again but in reverse. The gateway’s own address is removed and the internal address of your machine added back in again, and the web page is sent back to your machine on the local network.

Now it starts to get a bit tricky.

There are 3 VPN technologies in common use: PPTP, L2TP and IPSec.

PPTP is the simplest and essentially just requires that you enter a username and password to connect. This is weak from a security point of view as anyone who gets your password can log in as you.

L2TP improves on this by requiring that you have a certificate installed on your machine as well as knowing the username and password. Therefore even if someone knows your password, they can only log in as you from a machine that has the correct certificate installed. These are also referred to as SSL-based VPNs. OpenVPN is an example of an SSL-based VPN.

IPSec goes even further and requires both a certificate and a password, but also generates a ‘digital hash’ based on your IP address. By that I mean that when the VPN TCPIP packet is created, before it is sent, the IP ‘header’ (containing both the source and destination addresses) is run through the certificate and a number stored within the packet. At the receiving end, the number is then checked against the IP header information on the received packet. This means that should someone have your password and certificate but try to ‘pretend’ to be connecting from an IP address other than their own (ie yours), the connection will fail. This is a security measure and is entirely deliberate...but it does have important repercussions on mobile connections.

Mobile networks can be treated as local networks. Yes they are physically huge and cover many geographical miles, but from a logical networking perspective all mobile devices are on a local network behind a gateway. In this case the gateway is the APN – the Access Point Node: the access point to the Internet.
In exactly the same way as an office LAN works, mobile devices are assigned an internal address and NAT occurs at the APN when requests are made to the Internet.

But hold on...

We saw a minute ago that IPSec VPNs create a ‘check’ value on all packets based on their IP header information.
We also saw that NAT removes the source address of a client request and substitutes it for the gateway’s source address.

You guessed it – if an IPSec VPN packet passes through a NAT gateway, when it is received by the VPN server the check value will no longer match the original as the header has been altered, and the VPN connection will fail. Although no intentional foul play has occurred, the VPN server doesn’t know this and will reject the packet as having been tampered with (which of course it has been).

IPSec therefore does not play well with NAT. This is the most common reason why mobile VPNs fail.

To address this issue, most network operators offer 2 APNs: one for the public Internet, and one for corporate VPN customers. The only difference between the two is that the VPN APN offers devices public IP addresses, and therefore do not undergo NAT. Sorted. There is no cost to use this APN, but you do have to request it specifically...for all SIMs.
Excellent, we have a solution. BUT – as this is not the standard APN, any device that auto-configures itself (Nokia CS-10, Sierra Wireless 889, etc) will default to the public APN and will need to be reconfigured manually by the user to use the non-standard APN. This may not be acceptable to companies with large numbers of remote workers.

But wait, I know of companies that use an IPSec VPN and they don’t have to use a special APN. How come? Now we get REALLY geeky...

We saw earlier that TCPIP creates packets with 2 IP address: a source and destination address and it is the source address that gets substituted by NAT which breaks IPSec connections.
Although TCP is the most common form of transport protocol, there is another.
UDP is another transport protocol that actually pre-dates TCP. An older protocol, the structure of UDP packets is different and does not include the source address in the IP header, only the destination address. Therefore a UDP packet can pass through a NAT gateway without being altered, and therefore can be used successfully for an IPSec VPN from a public APN.
This is a gross simplification, but I sense I’m losing you so we’ll leave it at that!
Most decent VPN products offer in their configuration the option to use UDP as a transport mechanism as opposed to TCP, or they may refer to it as ‘NAT-T’ (for NAT Traversal). This needs to be configured on the server and the client:

Cisco VPN Client supports UDP transport mode

So what have we learnt?

Many mobile operator customer services departments, when they hear the phrase 'VPN' will have a knee-jerk reaction and tell you that you must use the VPN APN – because that is what they have been taught. That is not necessarily true.
The APN you need to use depends entirely on how your VPN server is configured. If NAT-T or UDP Transport is configured (and enabled) then you can connect from ANY Internet connection.

To summarise

If your VPN does not work over the public APN, the options are (PROVIDED IT IS A PROBLEM WITH THE VPN AND NOT SOMETHING ELSE):

  • Use the VPN APN
  • Use the public APN but enable UDP or NAT-T on the VPN server appliance
  • Use L2TP (or SSL) instead of IPSec – a common example of an SSL-based VPN solution is OpenVPN (http://blog.brightpointuk.co.uk/openvpn)

Or there is another option, which is even more geeky: IPSec is basically L2TP with another module bolted on, called ‘AH Mode’, or ‘Authentication Header’. Some IPSec VPN products enable you to turn off the AH mode and just use the L2TP bit, which they may refer to as ESP mode (for Encapsulating Security Protocol). If you have the option to disabling this feature, try that.

This has been an introduction to VPN technologies and the potential pitfalls to be aware of when establishing connections. There is more troubleshooting that can be performed - for more in-depth information about DHCP and network addressing schemes read this article - http://blog.brightpointuk.co.uk/troubleshooting-mobile-vpn-connections

UK Network Operator Service Settings


O2

WAP

APN (Contract) - wap.o2.co.uk
APN (PAYG) - payandgo.o2.co.uk
Gateway IP - 193.113.200.195
Username (Contract) - o2wap
Username (PAYG) - payandgo
Password - password
Session type - Permanent / Continuous
Authentication - Normal
Security - Off
Port Number - 8080

Internet

APN - mobile.o2.co.uk
Username - mobileweb / faster / web
Password - password

MMS
APN - wap.o2.co.uk
Port - 9201
Username - o2wap
Password - password
Server: http://mmsc.mms.o2.co.uk:8002
MMSC: http://mmsc.mms.o2.co.uk:8002
MMS proxy: 193.113.200.195

Optional
DNS - 193.113.200.200 & 193.113.200.201
SMTP Email - smtp.o2.co.uk


Vodafone

WAP

APN (Contract) - wap.vodafone.co.uk
APN (PAYG) - pp.vodafone.co.uk
Gateway IP - 212.183.137.12
Username - wap
Password - wap
Session type - Permanent / Continuous
Authentication - Normal
Security - Off
Port Number - 8799

Internet

APN (Contract) - internet
APN (PAYG) - pp.vodafone.co.uk
Username - web
Password - web

MMS
APN - wap.vodafone.co.uk
Port - 9201
Username - wap
Password - wap
Server: http://mms.vodafone.co.uk/servlets/mms/
MMSC: http://mms.vodafone.co.uk/servlets/mms/
MMS proxy: 212.183.137.12:8799

Optional
DNS - 212.183.137.12
SMTP Email - smtp.360.com (read this article - http://blog.brightpointuk.co.uk/sending-email-smtp-vodafone-uk)


Orange

WAP

APN (Contract) - orangewap
APN (PAYG) - paygwap
Gateway IP - 192.168.71.35
Username - Orange
Password - Multimedia
Session type - Permanent / Continuous
Authentication - Normal
Security - Off
Port Number - 8080 or 9201

Internet

APN - orangeinternet
Username - user
Password - pass

MMS
APN - orangemms
Port - 9201
Username - orange
Password - Multimedia
Server: http://mms.orange.co.uk/
MMSC: http://mms.orange.co.uk/
MMS proxy: 192.168.224.010

Optional
DNS - 158.43.192.1 & 158.43.128.1
SMTP Email - smtp.orange.net


T-Mobile

WAP

APN - general.t-mobile.uk
Gateway IP - 149.254.1.10
Username - user
Password - wap
Session type - Permanent / Continuous
Authentication - Normal
Security - Off
Port Number - 8080 or 9201

Internet

APN - general.t-mobile.uk
Username - n/a
Password - n/a

MMS
APN - general.t-mobile.uk
Port - 9201
Username - user
Password - one2one
Server: http://mmsc.t-mobile.co.uk:8002/
MMSC: http://mmsc.t-mobile.co.uk:8002/
MMS proxy: 149.254.211.10

Optional
SMTP Email - smtp-t-email.co.uk


Three

Internet

APN - three.co.uk
Username - n/a
Password - n/a

MMS
APN - mms.three.co.uk
Port - 8799
Username - (blank)
Password - (blank)
Server: http://mms.um.three.co.uk:10021/mmsc
MMSC: http://mms.um.three.co.uk:10021/mmsc
MMS proxy: 217.171.129.2


Virgin

MMS
APN - goto.virginmobile.uk
Port - 8080
Username - user
Password - (blank)
Server: http://mms.virginmobile.co.uk:8002
MMSC: http://mms.virginmobile.co.uk:8002
MMS proxy: 193.030.166.001


Tesco

MMS
APN - prepay.tesco-mobile.com
Port - 9201
Username - tescowap
Password - password
Server: http://mmsc.mms.o2.co.uk:8002
MMSC: http://mmsc.mms.o2.co.uk:8002
MMS proxy: 193.113.200.195


BT Mobile

MMS
APN - mobile.bt.uk
Port - 9201
Username - user
Password - btmms
Server: http://mms.bt.com/servlets/mms
MMSC: http://mms.bt.com/servlets/mms
MMS proxy: 212.183.137.012:8799


Asda Mobile

MMS
APN - asdamobiles.co.uk
Port - 9201
Username - wap
Password - wap
Server: http://mms.asdamobiles.co.uk/servlets/mms
MMSC: http://mms.asdamobiles.co.uk/servlets/mms
MMS proxy: 212.183.137.012:8799

What is DLNA?

DLNA Logo

DLNA is the Digital Living Network Alliance, an open community of manufacturers in the mobile and consumer electronics space that aims to standardise the mechanisms by which connected devices can interoperate with each other in areas such as media playback and image transfer: for instance a DLNA-certified camera would be able to transfer images to a DLNA-certified PC which would in turn be able to display those pictures on a DLNA-certified TV without the need for any additional hardware or software - you get the idea.

DLNA Logo

DLNA capable devices communicate via a network connection, typically WiFi in the case of mobile devices. There are currently three main categories of DLNA device types, with each main category having its own sub-categories:

So what? I hear you cry. A number of device manufacturers, including Nokia, Samsung, LG, Motorola and Sony Ericsson, have already achieved DLNA certification for a number of their devices offering effortless synchronisation between your mobile phone / PDA and your other DLNA-certified home networked appliances, and more manufacturers are seeking certification all the time. Watch this space for announcements as they arrive.

Visit www.dlna.org for more information.

Update - HTC have joined the list of DLNA-certified device manufacturers with the announcement of the Desire Z and Desire HD Android-based PDAs.

What on Earth is Augmented Reality?

Augmented Reality (AR) is the term for technology that presents the user with a 'mixed' view of the physical world combining a video image of a location together with an overlaid computer-generated view providing information about that location.

A simple example would be the practice of artificially defining pitch lines during sports television broadcasts to enable the viewer to better appreciate team territory possession or possible penalty offences.

A number of manufacturers have developed applications for their handsets harnessing this technology: Google have released an application called Goggles for the Android platform that enables the user to focus on a geographical landmark using their PDA's built-in camera, upload that image to Google, and have information about that building / natural feature returned (provided that Google's image-recognition technology can determine what it is you're looking at). The service can also be used by taking pictures of book covers, albums, you name it:

And if you don't believe the video, here it is in action:

Google Goggles Google Goggles

Google Goggles Google Goggles

There are other very impressive applications available that provide similar functionality. Wikitude (http://www.wikitude.org/) can overlay real-time facts about a given location on your device's screen when that location is focused on via the device's built-in camera:

The application also integrates with Google Maps and can be used in GPS mode to show you items of interest based on your location. When I used the application on the HTC Tattoo it automatically told me about the Bournemouth International Centre sat right on my doorstep...as well as my nearest Tesco superstore:

Wikitude for Android Wikitude for Android

TAT Augmented ID (http://www.tat.se) is a similar application but not for geographical locations or natural features, this application is for people: call up a picture of an individual and using face-recognition technology that's person's Facebook profile will be overlaid across that photo on your device's screen:

Nearest Tube (http://www.acrossair.com/apps_nearesttube.htm) is an application for the iPhone that allows you to focus on a location in London and have your nearest Tube station (that's the London Underground for non UK-residents!) displayed on-screen together with distance and direction information. A version is also available for New York.

Layar (http://layar.com) is an augmented reality application for the Android platform that allows developers to create overlaid content for specific locations, be it a 3D reconstruction of the Colosseum in Rome or the Beatles' Liverpool.

Layar's applications can be listed by most popular, or by relevance to your location. Using your device's built-in GPS capability you can take advantage of such applications as 'find my nearest pub':

Layar for Android Layar for Android

TwittARound is an application for the iPhone that allows you to focus on a location using the camera and have people's tweets overlaid across the image, together with information about who tweeted...and from how far away:

Applications are also available for sporting events such as Wimbledon to assist members of the public find the correct court for the match they want to view as well as locate bars, restaurants and rest facilities.

The future is now, and it's bigger than the real thing!

What on Earth is LTE?

The world's first test public LTE networks have been deployed by the Scandinavians in Oslo and Stockholm (by TeliaSonera) offering up to 80Mbps download speeds (http://www.theregister.co.uk/2009/12/14/lte_deployment/) which gives rise to the question: what on Earth is LTE?

LTE stands for Long Term Evolution and is the technology behind the next generation of cellular communications, or 4G. LTE promises to outstrip the data rates offered by 'fixed-line' broadband services, delivering a theoretical maximum of up to 200Mbps download speeds in its first iteration. As always, a theoretical maximum implies a certain coding scheme is being used, no one else is sat next to you, and it isn't raining (water in the atmosphere affects radio reception) - but the reality is still hugely impressive compared with current capabilities.

At the time of writing, in the UK at any rate, the mobile landscape is a mix of 2G, 2.5G and 3G services, all operating within very narrow, tightly-controlled, frequency bands. The frequencies used for these different services in Europe do not necessarily match those used for their counterparts in Asia-Pacific or the US. To fully understand the current architecture I recommend you read my introduction to mobile data here - http://blog.brightpointuk.co.uk/introduction-mobile-data-technologies

As with all cellular technologies, it is important to appreciate that the terms 2G, 2.5G, 3G and 4G refer to a type of service, NOT a specific technology. 3G services offer such features as media streaming, but encompass such technologies as EDGE and WCDMA. Therefore to say to a geek like myself that you are "connected via 3G", is akin to telling me you are watching television "through an aerial" and not whether it is an HD signal delivered via satellite, for example.
The same applies to the term 4G: it could equally apply to LTE as it might to WiMAX, but the two are different.

To understand how the faster data rates are achieved by LTE, it is necessary to understand how cellular data communications function.
In a nutshell, mobile devices are able to send and receive data over the air by adjusting the physical properties of a radio wave to denote either a binary 1 or a 0 (all data is made up of 1s and 0s). Provided that both the mobile device and the cell tower it is registered with are configured to 'look' for the same changes to the carrier signal, data can be sent and received.
This is essentially the same principle used by all communication mediums: fibre optics use light pulses; Ethernet uses copper cables; cellular devices use radio waves.
It is beyond the scope of this overview to go into high-level physics, but essentially it breaks down like this.
The properties of a radio wave can only be altered so far - you can adjust its amplitude, its frequency or its phase - or a combination of all of them. The key to achieving ever-faster data rates is to refine the extent to which a variation in a wave's properties constitutes a data value.
This is a massive simplification but essentially what this means is that whereas 2.5G systems might adjust a wave's amplitude by 1 measurement unit to denote a binary 1, 3G systems might refine the detection mechanism to mean that the wave can be altered by up to 1/4, 1/2, 3/4 and 1 measurement units. Therefore, whereas the 2.5G system can present a binary 1 or a binary 0 by changing the wave once, 3G can change the wave up to 4 times and therefore present 4 binary values between 00, 01, 10, and 11. This is achieved without needing to change the properties of the wave itself, just the processors at the sending and receiving units at each end of the wave. This also means that by changing the wave once to denote a value of 01, this is twice as fast as having to change the wave twice to denote both a 0 followed by a 1 - hence it's twice as fast. Make sense?
The ability to assign 4 values to a single carrier wave is known as Quadrature Amplitude Modification, or QAM.

LTE takes this approach much further. The same laws of physics apply - the radio wave itself is the same and can only have its physical properties adjusted in the same way. What differs is the distinct degrees to which a change in the wave's properties can be interpreted by the sending and receiving equipment as a binary data value - LTE can detect up to 16 different values (16 QAM) per wave cycle: 0000, 0001, 0010, etc et etc and is hence 4 times as fast: 0000 in one go rather than 0,0,0,0 in 4 goes. 64 QAM is also on the roadmap.
This takes increased complexity in the processors in the sending and receiving equipment - most notably in timing, and also in power (which is why early generation 3G handsets only lasted a few hours and got incredibly hot) - we are bound to see the same thing with early generation LTE kit.

Are you with me so far? Well it gets a bit involved from here on I'm afraid.

It gets much more complicated when you realise that the values being broadcast are not even 0000, 0010, 0100 or 1000, but are symbol values to represent more commonly occurring, larger bit sequences. Essentially communications between the device and the cell tower are compressed, in a manner similar to how ZIP applications can compress large files into smaller archive files.

So far we have looked at adjusting the properties of a wave's amplitude. It is also possible to adjust a wave's frequency at the same time as adjusting its amplitude.
"Carriers" are typically 20KHz each - meaning that any phone can transmit on any frequency within a 20,000Hz range to be identified as being on a specific carrier - this gives quite a lot of leeway for the wide variety of different phones available on the marekt to all work work properly on the network, and also provides for 'spacing' between carriers to identify them as being distinct from each other.
This is the approach taken by 2G and 2.5G systems - phones are assigned 'carrier' signals.
This involves a lot of frequency wasteage: if a phone is on a 20,000Hz range, it's only broadcasting on 1 of those Hz at any given time, meaning that 19,999Hz is being wasted. Again this is a huge simplification, but you get the idea.

What UMTS (3G) and now LTE (4G) do, is to assign all frequencies to all phones, at the same time. Each phone is assigned its own radio identifier and allowed to send and receive data across a wide range of frequencies using what is called Orthogonal Frequency Division Multiplexing (OFDM). In the same way that you can all use your company Internet feed at the same time and not get each other's traffic, the same is accomplished by OFDM. This means a hugely more efficient use of the radio network, and more concurrent users, and more speed. This is also why 4G services are referred to as "MIMO" (Multiple In, Multiple Out): they can operate across a range of frequencies rather than just one and often involve devices using multiple aerials.

How come more speed? Because each cell tower has x amount of radio to play with, if only 3 people are using that tower, they will get all of that x divided by 3. As more people join, their share of x will decrease. The important thing is that with LTE your radio allocation is now DYNAMIC. With 2.5G systems radio allocation was static: you'd get your share of x regardless of who was sharing your tower with you.

So what does that all mean for the user?

Apart from the higher data rates, not a huge amount. It is important to remember that these massive technological leaps extend between your phone and the nearest cell tower. As soon as your data hits the tower it goes down a cable into the ground and joins the landline network like everyone else. It is purely the efficiency of the radio link that is being tweaked. In terms of the setup and configuration process to be able to connect to the Internet from your LTE device, it will be the same as configuring a UMTS connection: you will need to enter the Access Point Name (APN) for your operator. Most devices can now determine the correct connection settings to use automatically based on the SIM card inserted.

Key to the development of LTE has been the ability to "hand off" from LTE networks to UMTS networks, meaning that your one device will be able to use LTE services where they are available, but will fall back to 3G service automatically when you roam outside of LTE coverage.

The future is now!

What on earth are 3G routers?

3G Routers are typically wireless access points with built in firewall and virtual server capability that take a SIM card and operate on high-speed 3G mobile networks. They can be used in a variety of scenarios to fulfil a number of different roles:

When used as an Internet router, the device connects to the 3G mobile network and shares its connection to devices sat 'behind' it, either via Ethernet or WiFi, or both. Acting as a DHCP server, clients can be granted access automatically, and a level of security can be added by restricting access to known network adapter MAC addresses as well as using WEP and WPA wireless encryption standards.

It is when these devices are used for inbound access that the devices become more 'interesting' from a geek perspective, and where a little extra knowledge is required about the type of mobile service required to enable this functionality.

When assigned a public IP address, connected 3G Routers can be accessed from any other machine on the Internet. Using their port-forwarding capabilities, multiple devices sat behind the 3G Router can be accessed on an individual application port without the need for multiple public IP addresses. This could be useful for a remote site where one or many device(s) has/have been deployed that need(s) to be monitored on a regular basis to retrieve sensor readings, for example.

Most 3G Routers also feature VPN functionality to provide site-to-site connectivity and add a layer of security to data sent across the Internet.

It is important to understand that in order for this remote connectivity to be possible, the SIM card in the 3G router must be assigned a public IP address. By default, when connecting to the Internet APN offered by the mobile operator, devices will be assigned a private IP address and a process known as NAT (Network Address Translation) occurs at the Internet gateway node. I have looked at this process in more detail in my article on Virtual Private Networks - http://blog.brightpointuk.co.uk/what-do-you-need-your-mobile-operator-se...
This means that while connections to the Internet are possible if initiated by the mobile device, it is not possible to establish an unsolicited connection to that mobile device from another node on the Internet because it does not have an address on the Internet.

There are two principle ways of obtaining a public IP address. As we saw in my article on establishing a VPN from a mobile device, most network operators provide an APN for corporate users that assigns devices public IP addresses. There is no cost to use this service, but it does have to be requested specifically from customer services in some cases.
The one issue with this approach is that whilst the address assigned to you is public, and therefore accessible across the Internet, the address assigned to you will be one of a range addresses and therefore not always the same. This is not practical if you need to connect to a specific device on a specific address at any given moment.
Most 3G Routers therefore support a service called Dynamic DNS, or DynDNS (http://www.dyndns.com).
DNS is the Domain Name Service: the system that maps 'friendly names' such as www.bbc.co.uk to their corresponding IP address understandable by PCs and routers (212.58.251.195 in the case of www.bbc.co.uk). Normally these records are static and only change very infrequently. What Dynamic DNS does is to offer a similar service, but to addresses that are constantly changing.
A user would register for a free DynDNS account and will be assigned a unique 'friendly name' of 'myaccount.dyndns.com'. A piece of software on the 3G Router connects to the DynDNS service each time the device connects to the Internet and sends details about its IP address. Therefore, regardless of what address you have ben assigned, all you need to know in order to connect to the device across the Internet, is the friendly name of 'myaccount.dyndns.com'.

Should you require a permanent single IP address, another option is to purchase an address from a service provider such as WirelessLogic (http://www.wirelesslogic.co.uk). This service allows you possess a dedicated, real-world IP address on your Orange, Vodafone or O2 SIM for a flat monthly rate on top of your existing operator tariff. You can use your SIM to connect to the operator's own Internet APN for regular usage, or you can connect to WirelessLogic's own APN and be assigned the public IP address assigned to your SIM card by that APN. Very clever stuff.

Port Forwarding

Port Forwarding is the feature supported by all 3G Routers offered by Brightpoint that allows you to access multiple devices behind the router using the same single public IP address.
Rules can be configured on the router to forward requests on specific ports to specific 'internal' address on the local network behind the router.
Therefore, if you are assigned a public IP address of 62.189.60.254 you might access a web server behind the router by typing in http://62.189.60.254 in your web browser. This would require a rule on the router to forward incoming requests on port 80 (HTTP) to the internal address of the web server.
To access the Windows-based web server itself sat behind the router via Microsoft's Remote Desktop protocol, you would type 62.189.60.254 in the remote desktop client. This would require a rule on the router to forward requests on port 3389 to the same server.
This principle can be extended to any number of hosts and ports as required, be it VNC (5900), SSH (22), FTP (21), HTTPS (443), etc etc etc.

For more details on the range of 3G routers offered by Brightpoint, visit the

sections of the blog.

If you're interested in a low-cost VPN solution for mobile or temporary sites, then OpenVPN (http://blog.brightpointuk.co.uk/openvpn) or an SSH-based solution (http://blog.brightpointuk.co.uk/deploying-ssh-based-vpn-solution) may be suitable.

Contact Brightpoint's expert sales team today on 0870 849 0225 if you're interested in learning more on anything you have read here, or use the CONTACT FORM to request a callback.

What on earth is a Femtocell?

Vodafone in the UK are offering consumers and businesses the ability to purchase their own Femtocell devices. Great, but what on Earth is it and why would I want one?

A Femtocell is effectively a very small GSM base station that can be used to extend wireless coverage to mobile devices (by wireless we are talking CELLULAR service rather than WiFi) in areas either where there is no coverage, or where coverage is poor. The Femtocell device itself connects back to the MNO’s network infrastructure via a regular broadband Internet connection.
Which begs the question – if you have a fixed-line broadband connection in place already (presumably with a broadband router that the chances are has WiFi built-in), why do you need to make your GSM phone connect to a Femtocell device rather than just turn on WiFi instead? Vodafone are not bundling any additional minutes or gigabytes if you buy your own Femtocell, so all you are doing is providing them with free additional coverage entirely at your own expense. The ability to place and receive voice calls on your mobile in an area of otherwise poor signal is a benefit, but what about from a data perspective?

The key reason (and as far as I can see the only reason), is to be able to ‘hand off’ from your Femtocell to the rest of the Vodafone network when you leave home. If you are connected to the Internet via WiFi at home or at the office via your broadband connection, when you leave the coverage range of the WiFi access point, you need to break the connection and then reconnect to the 3G network. Admittedly most devices will do this automatically, but it will involve being assigned a different IP address and effectively dropping off the 'net and popping back up again somewhere else.
If you have an unlimited data tariff, then you can leave your device connected to the same service all the time, without having to worry about WEP keys, SSIDs, etc and remembering to turn off your WiFi when you’re not at home to preserve your battery life.

NOTE - you won't be able to pick up your Femtocell and plug it in anywhere you like. You will need to tell Vodafone the IP address that you will be connecting from. Attempting to connect from an unauthorised IP address will be blocked.

A Vodafone Femtocell costs £160.

You can read more on the Vodafone web site:
http://www.vodafone.com/start/responsibility/mpmh/mobiles_health/masts_h...