Title of Invention

ENTERPRISE ACCESS CONFIGURATION FOR WIRELESS NETWORK DEVICES

Abstract The present invention provides a solution in which a script containing general security parameters and access policies in a file is placed on an appropriate internal server. The location of the script may then be stored on an external server. When an end-user within the organization decides to purchase a wireless network device, he may attach it to his existing computer. The computer then may retrieve the security file location from the external server, retrieve the security file from the internal server using the security file location, and program the security file into the wireless device.
Full Text SPECIFICATION
TITLE OF INVENTION ENTERPRISE ACCESS CONFIGURATION
FIELD OF THE INVENTION [0001] The present invention relates to the field of computer networks. More particularly, the present invention relates to enterprise access configuration for wireless remote email access.
BACKGROUND OF THE INVENTION [0002] Mobile devices, such as cellular phones and personal digital assistants (PDAs), have been growing in popularity for many years. Laptop computers have been popular for many years. Recently, wireless email access has been made available for laptop computers, cellular phones and personal digital assistants. With wireless email access, a user may send and receive email remotely using a wireless Internet connection.
[0003] Enterprise users are potentially a huge market for wireless email access. Enterprises, such as large companies, have a high need for instant communication and commonly business is conducted via email. There are currently two broad categories of solutions for wireless remote email access. Both, however, cause significant problems for enterprises.
[0004] In the first scenario, an end-user purchases a wireless device to use in conjunction with a desktop computer. Wireless email redirector software is placed on the desktop. This software monitors mail that comes into the mail server destined for the user's mailbox, and then securely forwards it to his device. This solution, however, is not under control of the enterprise. For example, the enterprise may have internal policies that require the deletion of received email after 90 days. When the email is redirected to a wireless device, the enterprise can no longer ensure that the email is deleted after 90 days. Another drawback of this first scenario is that it only works for email. Furthermore, it requires that a desktop computer be left behind. This, however, is not possible for professionals who use a single laptop computer at the office and when they travel.
[0005] In the second scenario, an enterprise Information Technology (IT) manager selects and installs a solution for end-users. This entails either a dedicated mail server process or integration with a hosted Active Server Pages (ASP) service. A mail server, however, is a major IT project, possibly requiring a new dedicated forwarding server, an email server upgrade, and installation of other significant applications. For example, Microsoft™ of Microsoft Corporation requires the installation of Active Directory and Exchange 2000 before installing their Mobile Information Server. It also is quite expensive. Furthermore, a hosted service may require a new supplier relationship. There also may need to be a complicated connection between the remote access provider and the wireless ASP service. Complex mail routing is required, introducing potential security risks. This solution also works only for email.
[0006] What is needed is a solution that allows an IT manager to prepare an organization for easy and secure wireless email access, with minimal investment of time or money.
BRIEF DESCRIPTION OF THE INVENTION [0007] The present invention provides a solution in which a script containing general security parameters and access policies in a file is placed on an appropriate internal server. The location of the script may then be stored on an external server. When an end-user within the organization decides to purchase a wireless network device, he may attach it to his existing computer. The computer then may retrieve the security file location from the external server, retrieve the security file from the internal server using the security file location, and program the security file into the wireless device.
BRIEF DESCRIPTION OF THE DRAWINGS [0008] The accompanying drawings, which are incorporated into and constitute a part of this specification, illustrate one or more embodiments of the present invention and, together with the detailed description, serve to explain the principles and implementations of the invention.

[0009] In the drawings:
FIG. 1 is a diagram illustrating a system in accordance with a specific embodiment of the present invention.
FIG. 2 is a diagram illustrating a system for accessing an enterprise in accordance with an embodiment of the present invention.
FIG. 3 is a flow diagram illustrating a method for configuring access from a wireless network device to an enterprise in accordance with an embodiment of the present invention.
FIG. 4 is a flow diagram illustrating a method for accessing an enterprise from a wireless network device using a computer, in accordance with an embodiment of the present invention.
FIG. 5 is a block diagram illustrating an apparatus for configuring access from a wireless network device to an enterprise in accordance with an embodiment of the present invention.
DETAILED DESCRIPTION [0010] Embodiments of the present invention are described herein in the context of a system of computers, servers, and software. Those of ordinary skill in the art will realize that the following detailed description of the present invention is illustrative only and is not intended to be in any way limiting. Other embodiments of the present invention will readily suggest themselves to such skilled persons having the benefit of this disclosure. Reference will now be made in detail to implementations of the present invention as illustrated in the accompanying drawings. The same reference indicators will be used throughout the drawings and the following detailed description to refer to the same or like parts.
[0011] In the interest of clarity, not all of the routine features of the implementations described herein are shown and described. It will, of course, be appreciated that in the development of any such actual implementation, numerous implementation-specific decisions must be made in order to achieve the developer's specific goals, such as compliance with application- and business-related constraints, and that these specific goals will vary from one implementation to another and from one developer to another. Moreover, it will be appreciated that such a development effort might be complex and time-consuming, but would nevertheless be a routine undertaking of engineering for those of ordinary skill in the art having the benefit of this disclosure.
[0012] In accordance with the present invention, the components, process steps, and/or data structures may be implemented using various types of operating systems, computing platforms, computer programs, and/or general purpose machines. In addition, those of ordinary skill in the art will recognize that devices of a less general purpose nature, such as hardwired devices, field programmable gate arrays (FPGAs), application specific integrated circuits (ASICs), or the like, may also be used without departing from the scope and spirit of the inventive concepts disclosed herein.
[0013] The present invention provides a solution in which a script containing general security parameters and access policies in a file is placed on an appropriate internal server. The location of the script may then be stored on an external server. When an end-user within the organization decides to purchase a wireless network device, he may attach it to his existing computer. The computer then may retrieve the security file location and/or the security file access protocol from the external server, retrieve the security file from the internal server using the security file location and/or the security file access protocol, and program the security file into the wireless device.
[0014] FIG. 1 is a diagram illustrating a system in accordance with a specific embodiment of the present invention. A person capable of understanding the remote access procedures and security parameters for an organization (for purposes of this application, known as an "IT manager") may place a script containing general security parameters and access policies in a file on an appropriate internal server 100 using an IT computer 102. The file may have read-only access to prevent unauthorized changes. A "wizard" may be provided to simplify the creation of this configuration script. Many different types of servers may be used as an internal server 100 including, but not limited to, file servers, database servers, or web servers.
[0015] The location of the script may then be stored on an external server 104. This server may be owned by any of a variety of companies. The location may be represented through a Microsoft UNC, Internet URL, an SQL database query or any other means appropriate to identify the server and file. Each file may be associated with an email domain that covers email addresses routed to the organization (e.g., [email protected]*). The security file access protocol may also be stored on the external server 104.
[0016] Independently, an end-user within the organization may decide to purchase a wireless network device 106 that he desires to access email with. He may query the external server 104 to determine whether his email address is supported. If so, he may purchase the wireless network device and attach it to a laptop behind a firewall. At this time, if the email address is not supported, the operator of the external server may decide to support the email address by configuring the system to work with the email address. For example, the user may have email address [email protected]. If a previous employee with that company was configured to work with the system, then it may be that all employees with that company have been configured and all that is necessary is for the user to retrieve that configuration. However, if this is the first employee with that company to attempt access, the external server may configure that employee, at which point all employees with the email domain company.com will be configured.
[0017] The laptop 108 may then retrieve the security file location and/or security file access protocol from the server, retrieve the security file, and then program the security file into the wireless device, which has been coupled to the laptop. He also may then enter the remaining personal security parameters (e.g., personal account name and password). The device may now access the corporate network directly when outside the firewall, using these parameters. This solution allows any form of access to be configured: push messaging, enterprise-based instant messaging, intranet web browsing, intranet file access, intranet application access, virtual private network (VPN) access, VPN key distribution, etc.

[0018] FIG. 2 is a diagram illustrating a system for accessing an enterprise in accordance with an embodiment of the present invention. After the wireless device 200 has been configured, email access may be coordinated using a virtual private network (VPN) server 202 which allows access to an email server 204.
[0019] FIG. 3 is a flow diagram illustrating a method for configuring access from a wireless network device to an enterprise in accordance with an embodiment of the present invention. At 300, an email address may be received from a user having the wireless network device. This email address may then be checked against a database having domains currently supported by the enterprise to determine whether a security file exists. If one does not, the system may choose to deny the request for access or to create a security file unique to a domain covering the email address. At 302, a security file location and/or a security file access protocol may be retrieved from a server external to the enterprise. At 304, a security file may be retrieved from a server internal to the enterprise using the security file location and/or the security file access protocol. The server internal to the enterprise may be, for example, a web server, file server, database server, etc. At 306, the security file may be programmed into the wireless network device. At 308, any remaining security parameters may be forwarded to the wireless network device. At 310, communication may be received from the wireless network device to an access server internal to the enterprise, the communication sent using a configuration stored in the security file. The access server may be, for example, an email server, a push messaging server, an instant messaging server, an intranet web browsing server, an intranet file access server, an intranet application access server, a virtual private network (VPN) access server, a VPN key distribution server, etc.
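Steps 300 to 308 of FIG. 3, as an added Python example that is not part of the patent text. The server contents, the `company.example` domain, the JSON file layout and every function name are assumptions made for illustration; the check that personal parameters cannot overwrite enterprise settings is also an assumption, not something the specification states.

```python
import json
from dataclasses import dataclass, field
from urllib.parse import urlparse

# Constructed sample data: the external server maps an email domain to the
# security file location and access protocol (paragraph [0015]).
EXTERNAL_DIRECTORY = {
    "company.example": {
        "location": "https://intranet.company.example/wireless/security.json",
        "protocol": "https",
    },
}

# Constructed stand-in for the internal web server, keyed by file location.
INTERNAL_FILES = {
    "https://intranet.company.example/wireless/security.json": json.dumps({
        "vpn_server": "vpn.company.example",
        "mail_server": "mail.company.example",
        "mail_retention_days": 90,
    }),
}


class AccessDenied(Exception):
    """Raised when the flow stops because a precondition is not met."""


@dataclass
class WirelessDevice:
    config: dict = field(default_factory=dict)

    def program(self, settings: dict) -> None:
        self.config.update(settings)


def domain_of(email: str) -> str:
    local, sep, domain = email.strip().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an email address: {email!r}")
    return domain.lower()


def lookup_location(email: str) -> dict:
    """Steps 300-302: check the domain and return location and protocol."""
    entry = EXTERNAL_DIRECTORY.get(domain_of(email))
    if entry is None:
        raise AccessDenied("no security file exists for this domain")
    return entry


def fetch_security_file(entry: dict, inside_firewall: bool) -> dict:
    """Step 304: the internal server is reachable only behind the firewall."""
    if not inside_firewall:
        raise AccessDenied("internal server is not reachable from outside")
    if urlparse(entry["location"]).scheme != entry["protocol"]:
        raise ValueError("location does not match the stored access protocol")
    return json.loads(INTERNAL_FILES[entry["location"]])


def configure(device: WirelessDevice, email: str, personal: dict,
              inside_firewall: bool = True) -> dict:
    security = fetch_security_file(lookup_location(email), inside_firewall)
    # Assumption: user-entered parameters may add to, but never replace,
    # the enterprise policy carried in the security file.
    clash = set(personal) & set(security)
    if clash:
        raise ValueError(f"personal parameters would override policy: {sorted(clash)}")
    device.program(security)   # step 306
    device.program(personal)   # step 308
    return device.config
```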
[0020] FIG. 4 is a flow diagram illustrating a method for accessing an enterprise from a wireless network device using a computer, in acc
from a server internal to the enterprise using the security file location and/or security file access protocol. The server internal to the enterprise may be, for example, file server, database server, etc. At 406, the wireless network device may be coupled to the computer. At 408, the security file may be programmed into the wireless network device. At 410, any remaining security parameters may be forwarded to the wireless network device. At 412, communication may be sent from the wireless network device to an access server internal to the enterprise, the communication sent using a configuration stored in the security file. The access server may be, for example, an email server, a push messaging server, an instant messaging server, an intranet web browsing server, an intranet file access server, an intranet application access server, a virtual private network (VPN) access server, a VPN key distribution server, etc.
[0021] FIG. 5 is a block diagram illustrating an apparatus for configuring access from a wireless network device to an enterprise in accordance with an embodiment of the present invention. A security file location external server retriever 500 may retrieve a security file location from a server external to the enterprise. A security file access protocol retriever 502 may retrieve a security file access protocol from the server external to the enterprise. A security file internal server retriever 504 coupled to the security file location external server retriever 500 and to the security file access protocol retriever 502 may retrieve a security file from a server internal to the enterprise using the security file location and/or the security file access protocol. The server internal to the enterprise may be, for example, a web server. A security file wireless network device programmer 506 coupled to the security file internal server retriever 504 may program the security file into the wireless network device. A remaining security parameters wireless network device forwarder 508 coupled to the security file internal server retriever 504 may forward any remaining security parameters to the wireless network device.
[0022] While embodiments and applications of this invention have been shown and described, it would be apparent to those skilled in the art having the benefit of this disclosure that many more modifications than mentioned above are possible without departing from the inventive concepts herein. The invention, therefore, is not to be restricted except in the spirit of the appended claims.












CLAIMS
What is claimed is:
1. A method for configuring access from a wireless network device to an enterprise, comprising:
retrieving a security file location from a server external to the enterprise;
retrieving a security file from a server internal to the enterprise using said security file location;
programming said security file into the wireless network device; and
forwarding any remaining security parameters to the wireless network device.
2. The method of claim 1, further comprising:
retrieving a security file access protocol from said server external to the enterprise.
3. The method of claim 2, wherein said retrieving a security file further includes retrieving a security file from a server internal to the enterprise using said security file location and said security file access protocol.
4. The method of claim 1, further comprising:
receiving an email address from a user having the wireless network device; and wherein said security file is unique to a domain covering said email address.
5. The method of claim 1, wherein said server internal to the enterprise is a web server.
6. The method of claim 1, wherein said server internal to the enterprise is a file server.
7. The method of claim 1, wherein said server internal to the enterprise is a database server.
8. The method of claim 1, further comprising:

receiving communication from said wireless network device to an access server internal to the enterprise, the communication sent using a configuration stored in said security file.
9. The method of claim 8, wherein said access server is an email server.
10. The method of claim 8, wherein said access server is a push messaging server.
11. The method of claim 8, wherein said access server is an instant messaging server.
12. The method of claim 8, wherein said access server is an intranet web browsing server.
13. The method of claim 8, wherein said access server is an intranet file access server.
14. The method of claim 8, wherein said access server is an intranet application access server.
15. The method of claim 8, wherein said access server is a virtual private network (VPN) access server.
16. The method of claim 8, wherein said access server is a VPN key distribution server.
17. A method for accessing an enterprise from a wireless network device by using a computer, comprising:
retrieving a security file location from a server external to the enterprise;
retrieving a security file from a server internal to the enterprise using said security file location;
coupling the wireless network device to the computer; and
programming said security file into the wireless network device.

18. The method of claim 17, further comprising:
retrieving a security file access protocol from said server external to the enterprise.
19. The method of claim 18, wherein said retrieving a security file further includes retrieving a security file from a server internal to the enterprise using said security file location and said security file access protocol.
20. The method of claim 17, further comprising:
forwarding any remaining security parameters to the wireless network device.
21. The method of claim 17, further comprising:
sending an email address from a user having the wireless network device to a server internal to the enterprise.
22. The method of claim 17, further comprising:
sending communication from the wireless network device to an access server internal to the enterprise, the communication sent using a configuration stored in said security file.
23. An apparatus for configuring access from a wireless network device to an enterprise, comprising:
a security file location external server retriever;
a security file internal server retriever coupled to said security file location external server retriever;
a security file wireless network device programmer coupled to said security file internal server retriever; and
a remaining security parameters wireless network device forwarder coupled to said security file internal server retriever.
24. The method of claim 23, further comprising a security file access protocol retriever coupled to said security file internal server retriever.

25. An apparatus for configuring access from a wireless network device to an
enterprise, comprising:
means for retrieving a security file location from a server external to the enterprise;
means for retrieving a security file from a server internal to the enterprise using said security file location;
means for programming said security file into the wireless network device; and
means for forwarding any remaining security parameters to the wireless network device.
26. The apparatus of claim 25, further comprising:
means for retrieving a security file access protocol from said server external to the enterprise.
27. The apparatus of claim 26, wherein said means for retrieving a security file further includes means for retrieving a security file from a server internal to the enterprise using said security file location and said security file access protocol.
28. The apparatus of claim 25, further comprising:
means for receiving an email address from a user having the wireless network device; and
means for wherein said security file is unique to a domain covering said email address.
29. The apparatus of claim 25, wherein said server internal to the enterprise is a web server.
30. The apparatus of claim 25, wherein said server internal to the enterprise is a file server.
31. The apparatus of claim 25, wherein said server internal to the enterprise is a database server.

32. The apparatus of claim 25, further comprising:
means for receiving communication from said wireless network device to an access server internal to the enterprise, the communication sent using a configuration stored in said security file.
33. The apparatus of claim 32, wherein said access server is an email server.
34. The apparatus of claim 32, wherein said access server is a push messaging server.
35. The apparatus of claim 32, wherein said access server is an instant messaging server.
36. The apparatus of claim 32, wherein said access server is an intranet web browsing server.
37. The apparatus of claim 32, wherein said access server is an intranet file access server.
38. The apparatus of claim 32, wherein said access server is an intranet application access server.

39. The apparatus of claim 32, wherein said access server is a virtual private network (VPN) access server.
40. The apparatus of claim 32, wherein said access server is a VPN key distribution server.
41. An apparatus for accessing an enterprise from a wireless network device by using a computer, comprising:
means for retrieving a security file location from a server external to the enterprise;
means for retrieving a security file from a server internal to the enterprise using said security file location;

means for coupling the wireless network device to the computer; and
means for programming said security file into the wireless network device.
42. The apparatus of claim 41, further comprising:
means for retrieving a security file access protocol from said server external to the enterprise.
43. The apparatus of claim 42, wherein said means for retrieving a security file further includes means for retrieving a security file from a server internal to the enterprise using said security file location and said security file access protocol.
44. The apparatus of claim 41, further comprising:
means for forwarding any remaining security parameters to the wireless network device.
45. The apparatus of claim 41, further comprising:
means for sending an email address from a user having the wireless network device to a server internal to the enterprise.
46. The apparatus of claim 41, further comprising:
means for sending communication from the wireless network device to an access server internal to the enterprise, the communication sent using a configuration stored in said security file.
47. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform a method for configuring access from a wireless network device to an enterprise, comprising:
retrieving a security file location from a server external to the enterprise;
retrieving a security file from a server internal to the enterprise using said security file location;
programming said security file into the wireless network device; and
forwarding any remaining security parameters to the wireless network device.

48. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform a method for accessing an enterprise from a wireless network device by using a computer, comprising:
retrieving a security file location from a server external to the enterprise;
retrieving a security file from a server internal to the enterprise using said security file location;
coupling the wireless network device to the computer; and
programming said security file into the wireless network device.



Patent Number 227397
Indian Patent Application Number 1485/CHENP/2005
PG Journal Number 07/2009
Publication Date 13-Feb-2009
Grant Date 07-Jan-2009
Date of Filing 04-Jul-2005
Name of Patentee SIERRA WIRELESS, INC.
Applicant Address 13811 WIRELESS WIRELESS WAY, RICHMOND, COLUMBIA V6V 3A4,
Inventors:
# Inventor's Name Inventor's Address
1 TOSEY, JOSEPH, PETER, ROBERT 13811 WIRELESS WAY, RICHMOND, COLUMBIA V6V 3A4,
PCT International Classification Number H04L29/06
PCT International Application Number PCT/CA2003/001964
PCT International Filing date 2003-12-17
PCT Conventions:
# PCT Application Number Date of Convention Priority Country
1 10/323,138 2002-12-17 U.S.A.