Anand Reviews the Apple iPhone 3G
by Anand Lal Shimpi on July 16, 2008 8:00 PM EST- Posted in
- Smartphones
- Mobile
Time to Exchange?
Special Thanks to Manveer Wasson for the iPhone Exchange/Corporate VPN Testing and Analysis.
There were several pitfalls to the original iPhone firmware that left businesspeople in the dark; IPSec support, WPA2 Enterprise for WiFi, and of course Microsoft Exchange for email calendaring and contacts. When Apple announced back in March that version 2.0 of their iPhone firmware would finally add support for the aformentioned business features, we were excited to say the least. Now that the firmware is finally out, we're happy to say that Apple has delivered on it's promises. So now all you enterprise guys should ditch your BlackBerries and Blackjacks for iPhones, right? Well, not so fast...
Apple's efforts to cater to enterprise customers is definitely commendable, but it just isn't perfect for all situations. Each piece of the enterprise puzzle works well on its own. From the connectivity perspective, things are working as expected. We were able to connect to a large WPA2 Enterprise network without any issues.
The IPSec VPN however is another story. For a company that has a strict security policy, you generally will not be able to access any part of the corporate network directly through the internet (and in this case the internet would be the iPhone's 3G or Edge data connection). You would need to establish a VPN connection to your company to allow for secure communication. Configuration is quite simple. Provide your VPN server address, account name, group name and shared secret. Now go back to the Settings screen, turn on your VPN, enter your password, and you're connected! So what's the problem? Well, when we get into the world of IPSec VPN, a typical deployment is to have two-factor authentication for an extra layer of security. This basically means you need to use a special one-time use password (called a token) when authenticating to your VPN. From a computer you will generally run a software based application to generate this token based on PIN number that you would already know (for example your Domain password).
So what does all that translate to? Well it means if you want to connect using IPSec VPN on your iPhone, you'll have to generate that token from your computer. That token will also have to be generated each time you want to connect to the VPN. This pretty much defeats the purpose of being able to VPN to your corporate network from the iPhone since you probably won't have (or don't want to) fire up your computer to generate a token. This really isn't Apple's fault, but a lot of planning needs to be done on the IT side of your company before you can connect seamlessly over IPSec VPN with your iPhone. One way to remedy the problem would be for the 3rd party authentication companies to create iPhone apps that can act as software token generators. That way you can maintain the security of the two-factor authentication system without having to rely on another device to create a token. Another issue we found during testing is after locking your phone, the VPN connection is terminated. In order to re-establish the connection, a new token must be generated. Again not really a flaw with the iPhone, but another example the business experience working not-so-seamlessly.
If your IT guys are nice they may have already created a Device Configuration to do your iPhone configuration for you. Device Configuration is basically an XML script generated by the iPhone Configuration Utility that can automate typically tedious configuration tasks such as Exchange, wireless, VPN, and email settings.
In order to install the script, you simply need to browse to it from your iPhone in Safari, or open it as an email attachment. After opening the script, the user needs to click Install and they're good to go.
The last, and biggest, new business feature for the iPhone 2.0 is its support for Exchange ActiveSync. You can finally connect to your corporate Exchange servers for email, calendar, and contact syncing. Setup is again pretty straight forward. Provide your corporate email address, username, password, and the iPhone will verify your credentials. You will then be able to enter in the exchange server address. One minor issue to note here is that you are forced to enable the passcode lock. This means whenever you want to unlock your phone, you'll have to enter in the PIN. Although from a security standpoint this makes sense (if you lose your phone or if it gets stolen nobody can read the corporate email), it would be nice to at least have the option to disable it.
Now you can select which items you want to sync with Exchange: Mail, Contacts or Calendars.
Possibly the biggest flaw in Apple's Exchange integration comes into the picture when you want to sync your contacts or calendars. All of your existing contacts and calendars will be deleted if you want to sync with Exchange. If you currently sync your contacts using another method, you'll have to sacrifice that in order to use Exchange. There is no option to create a secondary contact list or calendar. It's either all or nothing folks. Hopefully Apple (or a clever 3rd party developer) will smarten up and add support for syncing multiple calendars and contact lists. Personally we like keeping our private and professional lives separate to some extent so for now we're leaving contact syncing off.
For the most part the syncing functionality worked flawlessly. Changes made on the iPhone were quickly synced to Outlook and vice versa. However the usability of having all your corporate info on your iPhone leaves much to be desired. You still cannot search or sort email on your iPhone (though you can search contacts now). Only your Inbox will have email "pushed" to it. All other subfolders have to be manually synchronized (this is done by browsing to the folder). PowerPoint attachments do show up quite nicely in Mail when they decide to work. However we should note that some slides were getting cut off from the bottom or slides with complex graphics were rendered incorrectly. On the calendaring side, you cannot create a meeting invitation but you can respond to them with either an accept, deny, or "maybe". In addition, there is no "week" view for the calendar; only list, day and month. One feature we did like is calendar invites pop up as they are received prompting you to view the details or close the notification.
Apple has definitely taken big strides in appealing to the enterprise customer with the iPhone 3G. For the business user looking to connect to your corporate network and occasionally browse through your emails, this update will be more than sufficient. Having all my corporate meetings sync'd to the iPhone's calendar is also very handy. However there are sacrifices you'll have to make for this functionality. Choosing between personal and Exchange contacts and calendaring is a tough choice to make. For the corporate power users tethered to their BlackBerries, you'll want to stick with the two-phone solution.
Facebook
Twitter
RSS
55 Comments
View All Comments
Sunrise089 - Friday, July 18, 2008 - link
Wow I wish I had first comment here so I could get a response.In Anand's otherwise near-perfect review, he talked about Exchange support but didn't cover my #1 iPhone question: does Exchange support work without the $45 Enterprise Data plan? I can't for the life of my get a conclusive answer if the Enterprise plan is required for exchange, or just required if the iPhone is going to be purchased or paid for through a business.
araczynski - Friday, July 18, 2008 - link
i'm still holding out for the day the iphone comes with some real screen resolution.if the N810 can do much better than this, why can't the almighty apple?
sleepr0 - Friday, July 18, 2008 - link
Lets see:- The 3G doesn't fit the old cradle and the cradle is not included - $15.
- Old cover doesn't fit - $20.
- Unlimited data up $10/month.
- Text up $5/month.
- Cellular triangulation works nearly as well as GPS.
- 3G not significantly faster than Edge and all the new users will take a load off of the Edge network, freeing up bandwidth and making Edge a bit faster.
- Battery life worse.
I'll wait for Version 3, thanks.
wvh - Thursday, July 17, 2008 - link
Why do you buy a new phone when you are happy with your old one – it has pretty much the same functionality anyway? What is wrong with all those people who buy something just because Apple (or whoever) releases it? All these morons queueing up, did they all accidentally happen to break their phone the day before?It's a nice in-depth article, no remarks there, I've just heard enough already about this consumer hype. It's just talking people into fake needs.
Blast me for being negative, but you know I'm right.
michael2k - Friday, July 18, 2008 - link
The problem is that people aren't happy with their old one, and it doesn't have the same functionality, so that is why they queue for the iPhone. So essentially all your base assumptions are wrong.There is nothing wrong with these people; there is something wrong with the RZRS et al they already own, because they were broken the minute they bought them. No accident, they were just made that way.
Giacomo - Friday, July 18, 2008 - link
No, actually you aren't right. You could be, if we were here to make free-philosophy, but that's not the case, we're here to talk about hardware (and related).So then, you are accusing the mass of an excess of "hype" around the iPhone, and well, while it's definitely true that many of those people will buy it for "trendy" purposes, there are surely others (like me) who are about to buy it because they just like it and could benefit from it. In my particular case, I have lost my iPod Mini (...) and my cellphone is at its 4th year of life, with the keyboard almost died (intense 20.000+ sms usage in these years). The iPhone, by simply being, to me, an iPod which calls and writes sms, is great to have both the devices in the "main" pocket.
Full comfort over the whole year (no matter what clothes I'm wearing, the front/right pocket does ALWAYS have my cellphone inside, and thanks to the iPhone, the iPod as well), a brilliant keyboard for my heavy SMS usage, and I could be happy without anything else. Plus, there's something else actually, and I'll surely enjoy.
If we had to think like you in your post, we should all tell you: Why do you read Anandtech? You can live with a 5 years old PC without problems nor upgrades, if you just use some Office, browse the web and check your mail. If you game, well, that's energy consuming, money-wasting, time-wasting, and you should quit. But, of course, none in here would say that to you, neither would I.
Regards
Giacomo
scottwilkins - Thursday, July 17, 2008 - link
First, I've had AT&T for years. Never stepped in a store, and never talked with them about a purchase. They were very helpful and darn quick about replacing my wife's phone when it died. AT&T is the easiest to work with (and I work with most of them because I support a lot of folks on different networks) Plus, the AT&T signal in the places I go beats out all others hands down. So for you to say their signal is bad is very objective and quite stupid, since you did it only probably in one room and not overall.Also, your indications that other phones can't do what the iPhone can do are all false. One thing the iPhone CAN'T do that many many other phones can do is change. It can't change it's interface to suit other purposes, it can't change it's battery, and it can't change carriers. The 3G's only add over the old iPhone is 3G and GPS. All other features are software, and now available on the original iPhone. So an upgrade is useless until you contract is up.
Apple is a closed box. I prefer freedom.
michael2k - Thursday, July 17, 2008 - link
Uh, with a soft interface and touchscreen, the iPhone is just about the only device where it's interface can change as needed; you get two buttons when in Camera mode, 20+ in Calculator mode, 26+ in note-taking mode, etc.Ryl3x - Thursday, July 17, 2008 - link
I will buy at lunch. I read alot of reviews over the web including sites that dedicate themselves to phones. I found this to be one that i could relate to. Thanks.DeesTroy - Thursday, July 17, 2008 - link
My younger brother works for Garmin. You almost certainly won't get voice directions, at least not for free. The licensing agreements with the few companies that make the maps used in mapping software (e.g. Navteq) are very specific about what you can and can't do with the maps they provide. The mapping companies currently charge significantly more if you want to do voice directions. Nokia's purchase of Navteq makes a huge lot of sense given what one can do with maps, a GPS, and Internet all in one package. All of this is probably part of the reason that Garmin is getting into the phone business with the nuvifone.