Bittium Secure Suite™ - End-to-End Mobile Security with Android Devices
Full Set of Services for Device Management and Encryption
Bittium Secure Suite™ is a device management and encryption software that complements secure Bittium Tough Mobile 2 smartphones and other Android™ devices, with a full and scalable set of software and services. The software and services are both for the smartphone and server side and enable high level of security for communications, data transfer, and device management. Secure Suite requires installation of a server software, which is provided either as a dedicated IT service or hosted by the customer.
The combination of Secure Suite with Bittium Tough Mobile 2 C smartphone and Bittium Secure Call application has been approved for NATO Restricted level communications. Combination of Secure Suite and Bittium Tough Mobile 2 C has been approved for CONFIDENTIAL (NCSA-FI, TL III) level communications.
Secured Network Traffic
Efficient Control over Device Fleet
Approved Applications Only
Works in Private and Closed Networks
Highlights of Features Included
SafeMove Mobile VPN
The always-on VPN secures your network traffic, cannot be bypassed by apps or user
Mobile Device Management
Centralized remote management of Tough Mobile 2 and Android security features from the server
Mobile Application Management
Make available only the applications you approve for your organization
Device Policy
Control over 100 parametres, including lock password policy & length, device wipe, and enable/disable functionalities
Certificate Authority
Production grade CA system, automatic over-the-air renewal of certificates
Log Server & Visualization
Visual log analytics for efficient incident response and even proactive incident avoidance
Security Built In Layers Together with Tough Mobile 2
Data at rest protected with the world’s most secure mobile platform, Bittium Tough Mobile. Security is integrated deep within the hardware and source code to prevent extraction of data.
Data in transit protected with Bittium Secure Suite; encrypted network traffic, mobile device management and mobile application management.
Bittium Secure Suite optional add-ons:
- Secure VoIP calls and messaging with Bittium Secure Call™
- Analytics for monitoring field performance
- Zone for geo-fencing services
- Licenses for COTS devices
Built to Earn Your Trust
Designed to not require trust in third parties or cloud services
Source code audits of security sensitive components
Extensive quality assurance and security testing
Unique and reliable solution for processing and transferring encrypted and classified material
Related Products
Technical Specifications
Mobile VPN Features
- IPsec, IKEv2 MOBIKE
- Integrated firewall and IPsec policy
- Always-on, cannot be bypassed by apps or user
- Require successful remote attestation for VPN access
- Per-app and per-container VPN
- Extensively tested and externally audited code base
- VPN tunnel for USB tethered traffic
Mobile VPN Crypto
- CNSA/NSA suite B compatible
- SHA2-512
- AES-256, SERPENT
- Elliptic curve cryptography:
ECDH groups 19, 20, 21 (NIST) and 27, 28, 29 and 30 for IKEv2 (Brainpool) - ECDSA certificates
- Hardware accelerated crypto
Mobile Device Management
Centralized, remote management of the Tough Mobile and Android security features from the server.
- Remote policy update (push)*
- Remote wipe, lock, and password change*
- Manage trusted CA certificates*
- Factory reset protection*
- Android Enterprise support*
- SafeMove VPN policy management
- Device history and audit logs
- Wi-Fi management: SSID configuration, security policy, credentials
- Mass provisioning by operators, or self-provisioning by end users
*only for Android devices
Device Policy (Android)
- Device lock password policy:
- Altogether, it is possible to control
more than 100 parameters
- Altogether, it is possible to control
- Device wipe after failed password entry
- Device lock timeout
- Password expiration time
- Wallpaper and owner info management
- Enable/disable:
- Software from untrusted sources
- Android Debugging Bridge (ADB)
- Developer settings
- Bluetooth
- Camera
- MMS send and receive
- Location services
- iZat (Qualcomm AGPS)
- Android connectivity check
- Volume adjustment
- Application settings control
- Cell broadcasts
- Configuration of device credentials
- Configuration of mobile networks
- Tethering
- Configuration of VPN
- Configuration of Wi-Fi
- User-initiated factory reset
- Apps installation and uninstallation
- Modify accounts
- Mount external physical media (USB, SD card)
- User-initiated network settings reset
- Outgoing NFC beam
- Outgoing calls
- SMS
- Microphone volume adjustment
- USB file transfer
- USB whitelist
Certificate Authority
- Includes production grade CA system
- EST and SCEP protocols for certificate enrollment to devices
- Automatic over-the-air renewal of certificates
- Integration with external CA systems
Log Server and Visualization
- Visual log analytics for efficient incident response and even proactive incident avoidance
- Collecting and analyzing log data for keeping administrators up-to-date on what happens on device and infrastructure side
- Integrates with Bittium SafeMove® Analytics (optional)
Secure Push Messaging
Secure and scalable push system that can be easily implemented in apps. Familiar API, similar to common cloud messaging systems.
- Low power requirements
- Low latency
- Low bandwidth
- Can be hosted on customer premises
- TLS security and optionally VPN
Bittium Secure Call™ (optional)
- End-to-end encrypted voice calls
- End-to-end encrypted video calls
- End-to-end encrypted messages
- Centralized contact directory
Supported Server Platforms
- SafeMove Server Appliance
- Vmware™ virtual appliance
- Common cloud and virtualization platforms
Supported Client Platforms
- Android 9 onwards
- Windows 10 onwards
Materials
Android is a trademark of Google LLC.