Snow Leopard Server to offer low cost, secure mobile access to iPhone
The company's website has for some time referenced "Remote Access" as an upcoming feature of Snow Leopard Server, but only describes it as being a combination of new "push notifications to mobile users outside your firewall" and a proxy service providing "secure remote access to email, address book contacts, calendars, and select internal websites."
The recently released WWDC 2009 session previews somewhat cryptically highlight additional details about how the new proxy service works and presents its new name for the service:
The Mobile Access Server provides a path through a corporate firewall for IMAP, SMTP, HTTP, and CalDAV without using VPN. Learn about the features of, and deployment tips for, this powerful new service in Snow Leopard Server.
Currently, mobile devices usually have to first initiate a secured VPN tunnel to the company's private network before being able to access resources such as internal websites or collaboration and messaging services. A VPN works like a virtual dial up session across the open Internet, and must be manually connected before remote users can access a company's internal services.
Apple began providing advanced VPN support for business networks in iPhone 2.0, enabling iPhone users to connect to Microsoft or Cisco VPN servers. However, the company is now positioning Snow Leopard Server as an alternative way to deliver remote access services to mobile devices with less overhead and equipment, and avoiding expensive Client Access Licenses charged by Microsoft. According to sources familiar with Apple's plans, Mobile Access uses a proxy server to provide remote mobile users with "always on" security they won't need to manually connect with when needed.
A proxy server can act as a network gateway that performs content filtering or caching services to accelerate web access to internal users on a private network. In Apple's case however, it appears that Mobile Access in Snow Leopard will be used as a reverse proxy to deliver SSL certificate-based secure encryption of both email and web-based services to iPhone and iPod touch users.
It is already common for mail servers to deliver SSL encryption of POP, IMAP and SMTP traffic, and for web services to supply SSL-encrypted web access via the HTTPS protocol. Because Apple's new Address Book Server, iCal Server, and Wiki collaboration tools are all WebDAV-based, it will be simple for Apple to offer an SSL proxy that centrally secures all the email, calendar, contacts, a collaboration server access for iPhone users, making it simpler, faster, and cheaper for companies to deploy mobile remote access without configuring or supporting VPN connections.
Users will be able to access internal network resources from their iPhone or iPod touch with the same level of security that banks and online merchants use to provide SSL-encrypted website access. And because Apple designs both the server and the mobile client software, it can make the setup and configuration for using Mobile Access secured resources nearly invisible to end users.
That strategy may likely help tie the growing popularity of iPhones among corporate and government users to increased sales of Snow Leopard Server, and draw more attention toward Apple's Mac Server offerings as a much less expensive alternative to Microsoft's combination of Windows Server, Exchange Server messaging, SharePoint collaboration, and Exchange Active Sync for supporting remote access to mobile devices.
Apple performed a similar software coup when it introduced Macs running Final Cut Pro as a cheap alternative to very expensive Avid video production workstation studios. Final Cut Pro didn't need to match Avid feature for feature, it only needed to serve as a less costly option for existing video production users. By allowing them to offload many tasks to Macs, Apple's platform gained entry into an industry where Apple now maintains a major presence.
The iPhone and iPod touch are already making an impact on corporate, government and other larger organization users, with the US military now making wide use of iPod touches as general purpose devices, several universities beginning to make Apple's mobile devices a central part of their learning infrastructure, and many large Enterprises developing custom applications for iPhone users.
By offering Snow Leopard Server as a much cheaper alternative to Microsoft's server software and the Client Access Licenses companies must pay per user, Apple will send a particularly embarrassing response to Microsoft's recent ad campaigns portraying Mac hardware as "cooler and sexier" but higher priced than the low end of generic PCs using Windows. That's because while Dell can slightly undercut comparable XServe hardware costs from Apple before adding Windows Server, Microsoft's software licensing dramatically balloons the costs businesses face to deliver the same features Mac OS X Server can, which Apple bundles on its Mac servers at no extra cost.