5.9 Mobile Module

To enable mobile data archiving the following tasks must be completed, in order:

For the newer application supporting Android 4.4+

The Retain Router should be installed in the DMZ area of the host network. The Mobile Router or the Retain Server, whichever is to be used, requires a TLS certificate signed by a 3rd party for trusted communications. The Router must be available to the Internet and the Retain Server. The Router and Worker may be installed on the same machine, or apart.

It is recommended to use a Mobile Device Management (MDM) system to distribute Retain Service to devices. When using an MDM to distribute the Retain app, the system can be set to not allow app removal. The MDM will need the package name for Retain Service, which should be set to com.gwava.retain.mobile. Consult the MDM’s documentation for instructions.

MDMs that have been tested with Retain include:

The application sends collected information, approximately every hour, to the Retain Router. No data will be archived until the application is registered and configured.

There are a few things that need to be configured.

The module needs to be enabled on this page to make it active in the Retain system.

The module can be given a name.

The Send Method option enables either the SMTP Forwarding or FTP features. For either feature to appear and function, the Module Forwarding tab must be configured on the Server Configuration page. See that section for more information.

The Create Users tab allows for automatic user accounts, and associated passwords mailed to the designated address or addresses.

After the module configuration has been saved, the Mobile, Profile, and Device Management menu pages will become be available.

The Worker is only required for legacy Android application support and is not necessary with the current application. The following information is only necessary for supporting older application systems.

The Mobile worker is a special worker configuration which contacts the Retain Router with all the information it needs to function. This includes the configuration settings for the data path and connection information. In general, the Mobile Worker is configured the exact same as most workers in the Retain system, however there is one setting for the Mobile Worker which is specific to the Mobile Module; the data path. The data path is essential for the worker to function with the Mobile Module. An existing worker may be used with the Mobile Module, however, it must have the bootstrap file re-uploaded once the data path has been configured.

The mobile data is delivered to the Retain Server through a router service, which must be informed how to contact the Retain Server. While the Router is gathering information between jobs, the mobile data is stored. The stored location is specified by the data path. This is why the Router and the worker must have direct and constant access to the data path; the data path stores the message data collected by the Router and retrieved by the Worker.

To ensure connection to both the data path and the Retain Server are correct, the Connection and the Module Specific tabs must be reviewed and configured. The Connection tab holds the connection address which the Retain Worker will use to contact the Retain Server. Depending on where the Server and the Worker are located in the network, and because the Worker may be installed alongside the Router in the DMZ, the connection information must be accurate to allow a clean connection to the Retain Server. An IP Address will work, but the DNS hostname of the Retain Server is also recognized and supported.

The port and address must be open or forwarded through security and firewalls from the Worker to the Server. In addition, the Retain Server will not accept connections without the password set here. The password is randomized and doesn’t need to be changed.

Once the Mobile Worker has been configured, save the changes. Once the settings have been saved, the worker will be created, and the configuration saved to the bootstrap file. The bootstrap file must be uploaded to the Retain Worker before the Worker will function. Select the ‘Download File’ link to save the configuration file. Browse to the worker’s page, and upload the configuration file. Once uploaded, the worker automatically reads the configuration and checks with the Retain Server for jobs.

The Mobile Profile allows the administrator to dictate what types of message data is collected from registered mobile devices. The profile is universal, and once configured works for the entire mobile system.

The Mobile Profile is fairly straight-forward. To enable message data collection for the mobile system, the profile must be activated.

Under Message Settings, the different types of messages which can be archived from Mobile devices are listed and configured. The message source and type are available for selection or exclusion.

Finally, the Miscellaneous tab allows for configuring attachments. Attachment size and general attachment settings can be configured here. If there is a maximum limit, set it in the field below.

The attachment size limit is listed in KB. If the size limit is configured to -1, then there is no limit and all attachments will be archived no matter the size.

There can only be one profile for the Mobile module. Once a profile has been created, the option to create a new profile will be disabled and grayed-out. If a new profile is desired, the existing profile must first be deleted. If there is no profile active in the system, the option to create a new profile will be active.

Once the module, worker, and profile have been configured, devices must be added through Device Management. Device Management

The Retain Router has its own web page. This page can be used to test the connection to the Retain Server, as well as verify that communication is open and that devices registered in the Retain Server are listed in the Retain Router.

To access the Router page, open a browser and enter the connection URL.

http://Retain_Router_IP_or_Domain/RetainRouter

For example: http://192.168.1.21/RetainRouter

Devices which are active are listed along with daily statistics. The daily statistics are reset every night.

This page is mainly an informational page.

Job configuration is only required for legacy Android application support and is not necessary with the current application. The following information is only necessary for supporting older application systems.

Core Settings

The core settings tab contains information on the schedule, profile, and worker utilized for the mobile module, as well as the data expiration date.

The Data Expiration is an option to place a time stamp on data in the Retain database, which allows for ease of automation for the deletion manager. In addition, devices such as NetApp, Centera, and Hitachi HCAP may use this number to enforce hardware level protection of the stored item so that no one, including Retain, may delete the item before its expiration date. Job Expiration is not retroactive for messages in the database, and only applies to messages archived by the job that it is active for. In order to have messages with custom job or folder expiration dates properly expire, the deletion management date scope must be set to delete messages with an Expiration Date older than 1 day.

When a job is run, the notification option allows the administrator to be emailed a summary of each running job if desired.

For notification to function correctly, the SMTP information for the desired SMTP server must be fully filled-out. How much information is required varied depending on the mail system used.

Status

The Status tab displays the status of any currently running jobs, as well as the stats of the last completed job.

This tab is informational only for the Mobile module.

The Retain registration email template (…\RetainServer\WEB-INF\classes\config\mobile\registeruser.html) has many variables which allow for a customized registration email. There are a few variables which must remain unchanged, but the rest may be removed or modified, as desired, to adapt the email to any organization.

This is a quick description of the different variables, and which can be modified. They are distinguished by double brackets “[[“and “]]”. The Retain Server code that sends out the email sets these variables with the product specific and user specific information.

Typically, only #1 will want to be changed – for use in mobile device management software. If an admin wishes to make the registration email to look like it is coming from their company, they should modify #’s 1-2, 6-9. However, variables 6-9 may be simply removed if the admin doesn’t want users to know what they are using.

The registration code and information in that variable must not change. This information is generated by the device management page when the device is added.

The following variables must not change.

Do not modify the following: