Today mobile app management vendor Mocana is launching Atlas, a specialized mobile VPN appliance. Here’s are the gist of what you need to know:
Atlas is designed to work with MAP-based apps. MAP is Mocana’s mobile app management framework. It’s typically incorporated via app wrapping, but an SDK is also available. Many prominent EMM vendors use MAP for part or all of their MAM functionality, there are many ISVs that offer apps with MAP, and Mocana recently launched a MAP developer program.
Why create a mobile-specific VPN appliance? Mocana had a few reasons. First, having a dedicated box makes sense at the enterprise or service-provider scale. Second, Mocana was finding that customers were having a lot of trouble getting older VPNs set up to run smoothly with large numbers of mobile apps. Atlas, on the other hand, is designed for high numbers of mobile app connections.
Most important, there’s a lot of slick integration that can happen when the apps and VPN are designed to work together. Atlas has a certificate authority built-in, and apps prepared with MAP can have certificates pre-seeded when they’re distributed. Users can then do a simple username/password login, have single sign-on across their enterprise apps, and stay logged in. They're calling this combination of Atlas and MAP the Mocana ON experience.
You’re probably aware that these days iOS and some versions of Android already have per-app VPN capabilities built-in. However, you need to have a full MDM connection for these, and the way they typically work is more like having a device-wide VPN with a whitelist of apps that can use it. Mocana contends that this is akin to putting the entire device on the network, resulting in a more exposed network and requiring more rigorous traffic inspection. On the other hand, with MAP-based apps and Atlas they point out that the head end of the VPN already knows a lot about the endpoint (i.e. the apps) without having to do inspection. For example, it would know the province of the app, how it should behave, where it should connect to, and the state of the device (MAP includes jailbreak/root detection).
The Atlas appliance is clearly enterprise-focused, where it makes sense to have dedicated hardware, but a virtual appliance is in the works. Pricing isn’t being disclosed publicly yet.
What I like about Atlas is that since so many ISVs and and EMM vendors are using MAP, the chances for Atlas get better. And then MAP gets even more attractive, bringing some clarity to the fractured market for app-level MAM. (I wrote about this issue quite a while ago (here and here), and while OS-level MAM frameworks make it less important, it’s still relevant, especially for ISVs.)
And finally, since it’s always exciting for a company to launch their first hardware, here’s a picture of an Atlas box from when I was over at Mocana’s headquarters a few weeks ago: