Platform Architecture

NQSky EMM Platform Architecture

EMM Platform Architecture

NQSky EMM platform is designed for enterprise mobile security and can provide enterprises with the capability for security management of devices, applications, data, documents, emails and information. EMM service provides Mobile Device Management (MDM), Mobile Application Management (MAM) and Mobile Content Management (MCM) for enterprises, covering the full life cycle of three basic demands for mobile management. Besides, Mobile Security Access Gateway (MSAG), Identity Management Service (IMS) and NQSky Push Notification Service (NPNS) are innovated by NationSky to help enterprise realize advanced features, such as the transmission security of mobile apps, 3A identity authentication of single sign-on across applications as well as large-scale & efficient push service, which provides enterprise customers with a more complete mobile workflow security management system.


EMM Server

EMM 企业移动管理服务器

EMM server is the core component of NQSky EMM.

EMM server is connected to the back-end system of enterprise IT. It connects and manages other NQSky EMM components and processes the enterprise mobility management commands and policies.

EMM server provides the capability to centrally manage mobile devices, remotely configure enterprise resources and security management policy, uniformly deploy enterprise apps and securely distribute contents to mobile devices.

The open architecture allows the third-party mobile system to interact with EMM platform by calling APIs, so as to offer the intelligent management capability with higher dimensions and finer grain.

Mobile Security Access Gateway

Mobile Security Access Gateway (MSAG) offers NQSky EMM and the third-party apps (by SDK integration) the secure tunnel with encrypted transmission and management service, ensuring the security of application data and management data during the transmission and implementing the compliance management for users and devices, so as to further improve the security control capability of enterprise information.

Secure Transmission

Proprietary protocol encryption to ensure the security of data transmission.

Access Control

Only authorized apps can access the enterprise resources.

Network Protection

Prevent enterprise resources from being attacked by DDoS; a protective barrier for network security.

Mobile Identity Management Service

Mobile Identity Management Service offers NQSky EMM and the third-party applications (by SDK integration) the unified identity management service, realizing the single sign-on across applications, so as to simplify the enterprise identity management procedures and build the unified access mechanism.

▶Unified Account


The unified account management mechanism for multiple systems and multiple applications are built to realize centralized account management.

▶Unified Authentication


The unified access interface of enterprise apps realizes the unified identity authentication, single sign-on across applications as well as the convenient, secure and efficient access to the enterprise intranet and cloud based resources.

▶Unified Authorization


The access authorization mechanism is provided to centrally manage enterprise authorization policies based on user roles and application categories.

NQSky Push Notification Service

NQSky Push Notification Service is independently developed by NationSky and adopts the advanced push mechanism, which not only ensures data security but also greatly reduces the data usage and power consumption of devices. NQSky Push Notification Service supports enterprise private cloud deployment so as to meet enterprises’ confidentiality requirement.

• Low Power Consumption & Mobile Data Saving

The idle data usage is less than 3 KB per day. The average value of power consumption is 40mA per day.

• Android SDK Integration

Applications (for Android only) can acquire PN capability through integrating with NPNS SDK.

• Support Enterprise Private Cloud Deployment

The private cloud deployment satisfies the demand from customers that Intranet and Internet are isolated, which realizes the push service in the Intranet, reduces the resource consumption and supports scalable users.