To implement the SEG Classic platform for your chosen email architecture, first configure the basic Classic platform related settings on the AirWatch Console. It is only after configuring these basic settings that you are provided with an option to download the SEG installer.

 

Procedure:

  1. On the AirWatch Console, navigate to Email > Settings and select Configure. The Add Email Configuration wizard displays.
  1. On the Platform tab of the wizard:
    • Select Proxy as the Deployment Model.
    • Select Classic as the Gateway Platform.
    • Select the Email Type.
      • If the email type chosen is Exchange, then select the version from the Exchange Version drop-down menu. If you want to deploy the SEG for Office 365, please contact AirWatch for additional information.
    • Select Next.
  2. On the Deployment tab of the wizard, configure the basic setting. Select Next.

    Setting Description
    Friendly Name Enter a friendly name for the SEG deployment. This name gets displayed on the MEM dashboard screen for devices managed by SEG.
    Secure Email Gateway URL Enter the URL for the SEG server in this field. This URL provisions email policies to the SEG server.
    Ignore SSL Errors between SEG and email server Select Yes to ignore the Secure Socket Layer (SSL) certificate errors between email server and SEG server.
    Ignore SSL Errors between SEG and AirWatch server Select Yes to ignore Secure Socket Layer (SSL) certificate errors between AirWatch component and SEG server.
    Use Basic Authentication Select Yes if the SEG server is configured to enforce Basic Authentication. AirWatch recommends using basic authentication. For more information on how to enable basic authentication, see Enable Basic Authentication.

    Gateway Username

     

    Gateway Password



    Enter the credentials to authenticate and secure traffic (including policy updates to the SEG server) between AirWatch components and SEG. If disabled, anonymous authentication is used.

     

    Always establish a valid SSL trust between AirWatch and SEG server using certificates. Also, ensure to restart IIS (on SEG) after changing the SEG settings 'Ignore SSL Errors between SEG and email server' or 'Ignore SSL Errors between SEG and AirWatch server'.

  3. On the Profiles tab of the wizard, select a profile for the device platform that you choose.

    Setting Description
    Platform Select device platform from the drop-down menu.
    Mail Client Select an email client from the drop-down menu.
    Action Select either Use Existing Profile to associate an existing profile of the chosen platform or Create New profile if the existing profile do not match your requirement.You can associate only one profile per device type and mail client.
    Profile if an existing profile is used for the chosen platform, select a profile from the drop-down menu.

  1. Select Next. The MEM Config Summary form provides a quick overview of the basic configuration that you have just created for the SEG deployment. Select Finish to save the settings.

ConfigSEG_9.0

You have completed the email configuration steps and can view the MEM configuration details displayed on the Mobile Email Management configuration screen.

  1. To download the SEG installer, click the link provided under the SEG Proxy Settings.

DldSegInstallerLink

You can use the Edit, Advanced, and Test Connection options available on the Mobile Email Management Configuration screen to edit the settings, configure advanced settings, and also test the connectivity between the SEG, web, and the AirWatch API servers. The test result shows the success or failure connectivity status from Web to SEG and from SEG to AirWatch API. These test results, help you identify the cause of connection failure.

For more information on test connection, see the Knowledge Base article: https://support.air-watch.com/articles/115001675588

  1. (Optional step) Configure the advanced settings.
    Setting Description
    Use Recommended Settings By default, the Use Recommended Settings check box is enabled to capture all SEG traffic information from devices. Otherwise, specify the type and the frequency of the information that you want SEG to log for the devices.
    Enable Real-time Compliance Sync Enable this option to enable the AirWatch Console to remotely provision compliance policies to the SEG Proxy server.
    KCD authentication Enable this if you want certificate based authentication when your SEG server and email infrastructure are in different domains
    Required transactions Enable or disable the required transactions such as Folder Sync, Settings etc.
    Optional transactions Enable or disable the optional transactions such as Get attachment, Search, Move Items etc.
    Diagnostic Set the number and frequency of transaction for a device.
    Sizing

    Set the frequency of SEG and API server interaction.

    AirWatch recommends utilizing Delta Sync for policy updates as it minimizes the amount of data sent to SEG, thereby improving the performance. Delta sync is refreshed at a default time interval of ten minutes to ensure SEG has an updated policy set. This is particularly useful when multiple SEGs are in use, as there is a maximum of ten minutes where SEG will be out of sync with the AirWatch Console.

    S/MIME Options
    Skip Attachment & Hyperlink transformations for S/MIME signed emails Select Yes to disallow the encryption of attachments and transformation of hyperlinks through SEG for emails signed with S/MIME certificates.
    Enable S/MIME repository lookup

    Enable this option to allow the automatic look up of the S/MIME certificate managed in a hosted LDAP directory

    Configure the S/MIME lookup settings before you begin the SEG installation.

    LDAP URL Enter the URL of your LDAP server.
    Authentication Type Select Anonymous or Basic authentication. In case of basic authentication, enter the User Name and Password.
    Certificate Attribute

    Enter the name of the LDAP attribute corresponding to the S/MIME certificate on the mail recipient object.

    For example, userCertificate; binary

  2. To confgure more deployments, select the Add option from the Mobile Email Management Configuration screen to configure more deployments. The Mobile Email Management Configuration screen shows the list of the configured deployments.
  3. MultiMEMSeg_9.0

    To download the SEG installer or test the connection later, select the drop-down_icon icon corresponding to the MEM configuration and select Download SEG Installer and Test Connection options.