Controlling Exchange ActiveSync device access using the Allow/Block/Quarantine list

MSExchange team blogged about the ABQ and how we can use it to control which devices can connect in our environment. I spoke

What is the Allow/Block/Quarantine list?

In Exchange 2010 we added a feature called the Allow/Block/Quarantine list (or ABQ for short). This feature was designed to help IT organizations control which of the growing number of Exchange ActiveSync-enabled devices are allowed to connect to their Exchange Servers. With this feature, organizations can choose which devices (or families of devices) can connect using Exchange ActiveSync (and conversely, which are blocked or quarantined).

It is important to understand that the ABQ list is not meant to displace policy controls implemented using Exchange ActiveSync policies. Policy controls allow you to control and manage device features (such as remote wipe, PIN passwords, encryption, camera blocking, etc.) whereas the ABQ list is about controlling which devices are allowed to connect (for example, there may be a lot of devices that support EAS PIN policies, but some IT departments only want to allow certain devices to connect to limit support or testing costs). The easy takeaway is that Exchange ActiveSync policies allow you to limit device access by capabilities while the Allow/Block/Quarantine list allows you to control device access by device type. If you’re curious as to what devices OS support which policies, the Wikipedia article we blogged about is a good place to look.

Read more at source: http://msexchangeteam.com/archive/2010/11/15/456931.aspx

Cheers,
Anderson Patricio
http://blogs.msexchange.org/patricio
Twitter: @apatricio

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top