Securely Deploy Mobile Information 2001 Server (313303)

MORE INFORMATION

1. Install the master user account domain controller in the same domain as the data source.
2. Put your Mobile Information Server (MIS) servers in a separate subnet bounded by routers to isolate them from the rest of your network.
   
   This type of subnet is sometimes called a perimeter network.
3. Configure the ports on the internal router between the intranet and the perimeter network to permit them to communicate. For more information about the required port assignments, see the "Port Requirements for the Internal Firewall" topic in the Microsoft Mobile Information 2001 Server Enterprise Edition Planning and Installation Guide.
4. Configure the ports on the external router between the intranet and the perimeter network and the Internet to permit them to communicate. For more information about the required port assignments, see the "Port Requirements for the External Firewall" topic in the Microsoft Mobile Information 2001 Server Enterprise Edition Planning and Installation Guide.

1. To provide maximum security on the link between the intranet and the carrier network, connect to a carrier that has deployed Mobile Information Server Carrier Edition (MIS-CE). Although this is not required, the connection will not be as secure.
2. Negotiate with your carrier for an Internet Protocol Security (IPSec) policy that is compatible with your network's policy.
3. Set up your MIS installation to use the IPSec policy. For more information, see the "Security" section of the Mobile Information Server Enterprise Edition Administration Guide.
4. Agree with your carrier on a certification authority for user key negotiation.
5. Configure your MIS installation to use the certification authority.

1. Ask your carrier about the level of security between the carrier and mobile devices.
2. Make sure that your carrier provides connections with password encryption.
3. Make sure that your carrier encrypts data with a wireless protocol.