To implement the SEG Classic platform for your chosen email architecture, first configure the basic Classic platform related settings on the UEM console. It is only after configuring these basic settings that you are provided with an option to download the SEG installer.
- On the UEM console, navigate to Email > Settings and select Configure. The Add Email Configuration wizard displays.
- On the Platform tab of the wizard:
- Select Proxy as the Deployment Model.
- Select Classic as the Gateway Platform.
- Select the Email Type.
- If the email type chosen is Exchange, then select the version from the Exchange Version drop-down menu. If you want to deploy the SEG for Office 365, please contact Workspace ONE Support for additional information.
- Select Next.
On the Deployment tab of the wizard, configure the basic setting. Select Next.
|Friendly Name||Enter a friendly name for the SEG deployment. This name gets displayed on the MEM dashboard screen for devices managed by SEG.|
|Secure Email Gateway URL||Enter the URL for the SEG server in this field. This URL provisions email policies to the SEG server.|
|Ignore SSL Errors between SEG and email server||Select Yes to ignore the Secure Socket Layer (SSL) certificate errors between email server and SEG server.|
|Ignore SSL Errors between SEG and AirWatch server||Select Yes to ignore Secure Socket Layer (SSL) certificate errors between Workspace ONE UEM component and SEG server.|
|Use Basic Authentication||Select Yes if the SEG server is configured to enforce Basic Authentication. Workspace ONE UEM recommends using basic authentication. For more information on how to enable basic authentication, see Enable Basic Authentication.|
Always establish a valid SSL trust between Workspace ONE UEM and SEG server using certificates. Also, ensure to restart IIS (on SEG) after changing the SEG settings 'Ignore SSL Errors between SEG and email server' or 'Ignore SSL Errors between SEG and Workspace ONE UEM server'.
|Platform||Select device platform from the drop-down menu.|
|Mail Client||Select an email client from the drop-down menu.|
|Action||Select either Use Existing Profile to associate an existing profile of the chosen platform or Create New profile if the existing profile do not match your requirement.You can associate only one profile per device type and mail client.|
|Profile||if an existing profile is used for the chosen platform, select a profile from the drop-down menu.|
You have completed the email configuration steps and can view the MEM configuration details displayed on the Mobile Email Management configuration screen.
You can use the Edit, Advanced, and Test Connection options available on the Mobile Email Management Configuration screen to edit the settings, configure advanced settings, and also test the connectivity between the SEG, web, and the Workspace ONE UEM API servers. The test result shows the success or failure connectivity status from Web to SEG and from SEG to Workspace ONE UEM API. These test results, help you identify the cause of connection failure.
For more information on test connection, see the Knowledge Base article: https://support.air-watch.com/articles/115001675588
|Use Recommended Settings||By default, the Use Recommended Settings check box is enabled to capture all SEG traffic information from devices. Otherwise, specify the type and the frequency of the information that you want SEG to log for the devices.|
|Enable Real-time Compliance Sync||Enable this option to enable the UEM console to remotely provision compliance policies to the SEG Proxy server.|
|KCD authentication||Enable this if you want certificate based authentication when your SEG server and email infrastructure are in different domains|
|Required transactions||Enable or disable the required transactions such as Folder Sync, Settings etc.|
|Optional transactions||Enable or disable the optional transactions such as Get attachment, Search, Move Items etc.|
|Diagnostic||Set the number and frequency of transaction for a device.|
Set the frequency of SEG and API server interaction.
Workspace ONE UEM recommends utilizing Delta Sync for policy updates as it minimizes the amount of data sent to SEG, thereby improving the performance. Delta sync is refreshed at a default time interval of ten minutes to ensure SEG has an updated policy set. This is particularly useful when multiple SEGs are in use, as there is a maximum of ten minutes where SEG will be out of sync with the UEM console.
|Skip Attachment & Hyperlink transformations for S/MIME signed emails||Select Yes to disallow the encryption of attachments and transformation of hyperlinks through SEG for emails signed with S/MIME certificates.|
|Enable S/MIME repository lookup||
Enable this option to allow the automatic look up of the S/MIME certificate managed in a hosted LDAP directory
Configure the S/MIME lookup settings before you begin the SEG installation.
|LDAP URL||Enter the URL of your LDAP server.|
|Authentication Type||Select Anonymous or Basic authentication. In case of basic authentication, enter the User Name and Password.|
Enter the name of the LDAP attribute corresponding to the S/MIME certificate on the mail recipient object.
For example, userCertificate; binary
To download the SEG installer or test the connection later, select the icon corresponding to the MEM configuration and select Download SEG Installer and Test Connection options.