Moving Beyond MDM for Custom iOS Solutions


iOS logoI’m really excited about several new iOS development and deployment projects that we’ve been working on at CG. We’re working closely with Apple on a bunch of solutions: at the most basic level, we’re building solutions for security and management of employee iPad and iPhone use; at the other end of the spectrum, we’re helping to realize visions such as a kiosk-like platform of thousands of iPads deployed in retail environments around the country.

We’ve learned a ton about what is and isn’t possible as we strategize ways to scale to thousands of units. Here are some of the challenges we’ve come across:

  • How do we deploy and support iPads – whether ten or ten thousand – in a secure, efficient, and centralized way?
  • How can we architect kiosk-like application experiences on the iPad, enabling us to design and curate the customer experience, while also allowing a true iPad experience complete with app-switching, web browsing, Facebook-checking, game-playing, and movie-watching?
  • What kind of network and server architecture is needed to support a platform of iOS devices across the globe? How do we enable caching and pushing of dynamic data to the devices – particularly large amounts of media content?

Centralized deployment and support of iOS devices

How do we deploy and support thousands of iPads or iPhones in a secure, efficient, and centralized way? Mobile Device Management (MDM) platforms like AirWatch, Casper, MobileIron – and soon, OS X Lion Server – allow us to push XML configuration profiles to iOS devices. This enables centralized inventory and basic management of the devices: from what version of iOS they have installed, to some security control over how/if users can install and delete apps. For many enterprise customers, these tools are useful for administering security policies on employee-owned iOS devices. But for custom platforms like kiosks and retail experiences, MDM is not ideal due to the need for end-user interaction. What we need is a way to easily restore iOS devices back to their “golden” state in a centrally managed way.

We’re excited about the potential of over-the-air restores and software updates coming in iOS 5, but as of today, iTunes is the only game in town for this. Working within this limitation, we’ve architected some innovative solutions that enable iOS devices to connect to iTunes virtually over USB to IP converters and a content distribution infrastructure. Until iOS 5, this is a good option to have, and I haven’t heard of anyone else embracing this approach.

Rearchitecting Apple’s iOS user experience

Put an iPad in front of someone and they’re going to tap, scroll, pinch, and squeeze the user interface. The user experience is still the leader in the tablet space – though we’ve been recently impressed by the BlackBerry PlayBook. For a project we’re working on now, we want to encourage this user experimentation and interaction, while locking down some important components of the UX. Things like App Store purchases, iTunes downloads, deleting apps, rearranging icons, and changing the home screen wallpaper will quickly affect the kiosk experience. MDM solutions can help disable some of these features, but the aforementioned need for user interaction just doesn’t work for specialized user environments.

One solution we’ve had success with is a combination of custom code to disable user customization of the Springboard, plus a WebKit-based Safari replacement for browsing that enables us to prevent user download of unauthorized content. Combine these with some configuration profile-based customization of iOS and we have a good solution for locking a customer experience down and reducing the frequency of unit restores or reimaging.

The CG approach to iOS projects

Part of what makes CG stand out as a solution provider is our deeply embedded collaboration between our application development team and our infrastructure team. As the Enterprise’s appetite for customized mobile platforms and experiences grows, we’re uniquely suited as a technology partner to build and innovate on our customers’ vision. iOS is at the core of this vision and I couldn’t be more excited to be working with these technologies today. Plus, iOS 5 is on its way and it’s shaping up to be a giant leap forward!

Thanks to CUNY’s Technology Immersion class!


CUNY Graduate School of Journalism

Last night I was joined by our VP of Dev Ops, David Rocamora, and one of our senior application developers, Evan Frohlich, for a visit to CUNY’s Entrepreneurial Journalism program. We were invited to be guest presenters in the program’s Technology Immersion class. This course presents students with the media, business, and journalistic opportunities presented by new and emerging technologies and trends. It was a great, smart group of students from a wide range of backgrounds, each with a unique idea for a business or product at the crossroads of technology and journalism. Lots of neat innovation happening there.

I spoke a bit out CG, our history, capabilities, and process, while Dave gave an excellent talk on the Cloud, and how software and infrastructure are intimately connected. (Remember what happened last week?) Evan spoke about behavior driven development, and offered some guidance on avoiding feature creep, and releasing early and often.

It was great to be back in a classroom with these guys. We can’t wait to see how the student’s business and product ideas gel, and look forward to using some of their products in the future!

Goodbye Xserve. Now what?


Today, Apple announced that the Xserve will no longer be available for purchase after January 31, 2011. What does this mean for existing and future infrastructure that relies on Mac OS X Server and Xsan?

For existing Xserve environments, Apple will continue to provide warranty service and complimentary technical support for the product. This means that all AppleCare service and support agreements should be honored until they expire.

Apple is providing an Xserve Transition Guide with information on options moving forward. They suggest that customers looking for Mac OS X Server solutions move to Mac Pro or Mac mini hardware solutions. We have had great success with these solutions for providing basic services such as file sharing, directory services, and calendaring to small- to medium-sized workgroups.

But what about Xsan environments? Xsans could be built using Mac Pros for metadata controllers, with a few serious considerations — we lose the power redundancy and lights out management (LOM) that Xserve provides. Also, this solution will require 12U of rack space for two Mac Pro servers instead of 2U for two Xserves, which is not very appealing to customers designing server room rack elevations.

This is also an opportunity to discuss alternative SAN solutions, such as Quantum StorNext, which is compatible with Xsan. Control Group has had recent successes in deploying StorNext as an alternative to Xsan, allowing users and organizations to continue to use the Apple tools they are familiar with, such as Final Cut Pro, while leveraging a robust, Linux-based infrastructure in the server room. StorNext has a very rich feature set and does some things that are not possible with Xsan, such as hierarchical storage management.

If you remember, a few years ago Apple discontinued the Xserve RAID storage solution, the IT world panicked, and then Apple announced a partnership with Promise and the Promise Vtrak for Mac solution. Maybe Apple has similar plans for a replacement for the Xserve. Whether they do or not, there are great alternatives to discuss, so if you have questions or concerns, give us a shout.

Help Novacut Become a Reality


Not happy with the available options for collaborative video editing tools, Novacut is leveraging open-source software and developing a free video editor with a unique distributed design:

  • Distributed workflow – collaboratively edit video with other artists over the Internet
  • Distributed storage – seamlessly store and synchronize video files across multiple computers and the cloud
  • Distributed rendering – seamlessly spread rendering and encoding across multiple computers and the cloud

Projects like this can be really inspiring to see mature. In their own words:

So we’re not re-inventing the wheel. We’re re-using existing open-source components wherever possible. All the really hard work has been done for us already, for which we are very thankful. At the same time, I don’t know of another editor that has the same use-case priorities that we have. Different video editors *should* have different priorities because there are distinct use-cases worth optimizing for.

We dropped some money in the Kickstarter, maybe you’d like to too. Today is the last day to help them reach their goal of $25,000.

Contribute to the project at Kickstarter.

Centralized Storage, Transcoding, and Rendering. And 0-60 in 3.9 seconds!


Digital studios and post houses need to incorporate new storage technologies now more than ever. It’s not as simple as storing data anymore — they need a strategy for centralized storage, transcoding, rendering, backup, and archiving, not to mention a workflow that incorporates all these solutions.

One company where we helped incorporate this type of strategy is media arts firm thelab. Our latest case study on this deployment is now live on our website.

In addition to a high-performance media SAN, StorNext and StorageManager, Control Group installed a centralized rendering solution for Maya in the form of a powerful render farm. This helped thelab complete a 30-second spot for the world’s fastest production sedan, the 2010 Cadillac 2010 CTS-V, in just 25 days.

Check out the finished product, and read more about CG’s solution!

We're Celebrating Fall with Final Cut Server and Seasonal Brews!


To celebrate autumn, we’ve put together a great event with some help from Apple. We’re partnering with StudioSysAdmins, the fantastic social networking community for engineers and techs from the entertainment industry, to bring Drew Tucker down to CG to talk about Final Cut Server. Drew is the author of the just-released Apple book on Final Cut Server. Come down and join us – please email to RSVP or for more info. Check it out:

Advanced Asset Management Integration with Final Cut Server
Wednesday, September 22, 2010, 6:30–8:00pm
Control Group, 233 Broadway, 21st Floor (corner of Park Place)

Join Control Group and StudioSysAdmins as we present Drew Tucker, author of the latest title in the Apple Pro Training Series: Final Cut Server 1.5.

We will be discussing the catalyst events and changes to production workflow that can create a need for asset management, archiving, and centralized transcoding. We’ll also talk about Final Cut Server integrations like publishing video to online distribution platforms, passing assets to third party transcoding engines, and dealing with advanced review and approval workflow.

The event will take place in Control Group’s newly expanded offices in the historic Woolworth Building. Drew will remain on hand afterward to answer all of your Final Cut Server questions, and we’ll have plenty of local, seasonal beers to celebrate the autumn solstice!!!

For more information or to RSVP, please email

Control Group: Technology for Big Ideas.

Control Group is a technology services firm that provides insightful business analysis and integrated technology solutions including infrastructure, architecture, software, engineering and support for some of the most innovative companies in media and entertainment, like The Daily Show with Jon Stewart, The Colbert Report, IMG/Mercedes-Benz Fashion Week, World Wrestling Entertainment, Walker Digital Gaming and Studio Daniel Libeskind. Our whole-business perspective results in solutions that not only make our clients more efficient, but also creates true competitive advantage, while increasing bottom line and improving shareholder value.

About StudioSysAdmins

StudioSysAdmins is a social networking community dedicated to improving infrastructure, workflows and support across the Entertainment Industry. It’s an expanding community with one common site that joins Systems Administrators, Technical Directors, Pipeline Developers, Consultants, Hardware/Software Support Engineers and Hardware/Software Vendors and Resellers (VARs) that currently work in and/or support production studios in the areas of animation, visualization, visual-fx, film, and games.

Our goal is to enable the sharing of all non-proprietary information among all of our Members and to maintain open discussions between Studios, Vendors and VARs to determine standards in order to help improve support for the installation, implementation, monitoring and maintenance of hardware, software and operating systems.