The MECS (Mobile Enterprise Compliance and Security) server is a centrally managed enterprise-grade solution designed to extend security functions to corporate and personally-owned mobile devices (iOS, Android). Available with a number of modular options, the MECS features six distinct products: VPN concentrator with stateful inspection firewall, security-enhanced MDM, PKI/certificate authentication, content filter, intrusion prevention/anti-virus, and containerization (application wrapping). Deployment options are available on-premise (appliance), hosted or cloud based depending on customer need. All traffic to and from the mobile device is routed through a secure 256-bit, certificate-authenticated IPsec VPN connection and stateful inspection firewall - with the ability to split out VPN traffic for personal devices.
By design, not only is the MECS solution encrypting and securing device data traffic, it is able to provide real-time syslog of all IP traffic from every enrolled mobile device. This data can be exported for reporting, change management and real-time monitoring capabilities through any SIEM. MECS supports iPhone/iPad - iOS 6 and higher, and Android v2.2 and higher (Android 4.2 and higher required for "always on VPN"). The MECS solution for iOS is a clientless, zero footprint agent. The Android solution requires a client-installed application. Policies are created for the integrated content filter, device-level security, firewall rules, application-inspection/remediation and jailbreak/root detection/remediation.
In addition, security policies are enforced on a personal device connecting to corporate email, preserving regulatory compliance. MECS combines with a hosted virtual-desktop infrastructure, such as Citrix Receiver, to provide a secure VPN connection from iPad into the corporate application servers to keep all mission-critical data from residing on the device. Additionally, MECS offers app wrapping and fully supports Samsung Knox 2.0 APIs. It also enables the ability to harden Android devices with its own kernel modifications on almost a dozen Android phones and pads.
Documentation provided by Mobile Active Defense included an easy-to-follow admin user guide. Installation was accomplished by establishing an instance of the MAD SaaS product. The administration user ID and password were set and user groups and users were created. Policies were set and an iPad 3 was enrolled. From beginning to end it took about five minutes of actual effort to get the system up and running. The dashboard was easy to navigate. Even some of the more complex tasks were easy to perform without assistance. The console helps extend functions and restrictions of a company's security policy to mobile users. MECS allows admins to apply enterprise firewall policy rules to your mobile device users the same way you control traffic from your internal machines. In addition, the MECS URL filtering keeps users from accessing unacceptable, offensive, hostile and other policy-prohibited websites. As noted above, email protection helps keep mobile users safe from virus, spam, phishing and malware threats, while allowing them secure access to their email.
MAD offers free 24/7 customer and product support during the trial and evaluation period of its products. After purchase there is no free option for support. MAD offers 7/24/365 phone assistance for its products. The fee structure is 22 percent of the MSRP of the product being purchased for "MAD Onsite" or the appliance-based product. The cloud-based offering is 35 percent of the MSRP of the product being purchased. Additionally, MAD provides email support.
Value for money is very good.