White Papers
Understanding OpenManage Mobile (OMM) and Quick Sync Security (PowerEdge 14th Gen servers and
MX Chassis)
9
Technical support and resources
2.2 Alert Push notification security
Alerts sent by using push notifications pass through several systems before reaching a mobile device.
However, each step is secured as shown in Figure 1.
Alert Push Notification Security
1. OME transmits alerts to Dell OpenManage Mobile Cloud Services (OMCS) via HTTPS as identified by
using a PKI certificate.
2. Based on the platform, alerts are sent by using HTTPS to Google Cloud Messaging (GCM), or by
using a binary protocol over TLS to the Apple Push Notification Service (APNS). Google and Apple
servers are also identified by a certificate.
3. Android and Apple devices connect to Google and Apple servers respectively over a secure
channel and retrieve the alert push notifications.
Only limited information such as the number of new alerts is available outside the OMM application.
Potentially-sensitive information such as alert message contents are not shown on the device notification bar,
app icons, or other mobile display areas.
Each mobile device supplies an application- and device-specific registration token to each OME server
when it subscribes for alerts. The token is sent to and used by OMCS to identify the device to GCM and
APNS.
Without that token, no other service can send push notifications to that OMM instance.
Apple and Google use certificates and/or API keys to identify OMCS as being associated with the OMM app.
Similarly, OMCS identifies OME instances by using API key. OMM tracks the OME instances it is subscribed
to, so that it can discard alerts from subscriptions that have been removed. This helps prevent spurious or
unwanted notifications.
Dell EMC does not persist the contents of alerts within OMCS.
OpenManage
Essentials
Server
Apple Push
Notification
Service
Google Cloud
Messaging
OpenMange
Mobile Cloud
Services
OpenManage
Mobile
OpenManage
Mobile
(iOS)