I am waiting for BES 10, before I implement the UDS.  I am hoping that they will provide something similar to the BES, that will control the email.

In addition to your complaints...

Android support is minimal, but it's hard to blame RIM for that, since the Android OS has so few standard security features to control.  RIM needs to build it's own email client (like IBM did, with it's own Lotus Notes Traveler), to control anything on those devices.

BDS and UDS email is all routed, without any filtering capability.

Application deployment is not dependable.

Since the devices have to connect to the Active Sync server separately, Administration of the devices now has to be done within two different applications.

BUT... I am very hopefull that BES 10 will solve some of these issues, because I don't want to look like an **bleep** for waiting... instead of jumping ship like everyone else...

For issue #1.  I just tested on an IPhone with UDS 6.1.2 and if you delete the Mobile Fusion Client from the device within 15 minutes all profiles pushed out through UDS were deleted.

Issue #1 is a problem no matter what MDM solution you use with iOS. I haven't seen one yet that will remove MDM profiles when the app is removed. But you can still push wipe commands to the device and we have a policy set if the app doesn't check in for a certain number of days to send a wipe command. We don't do this with UDS but another vendor's product.

Issue #2 can be solved be requiring some sort of authentication that is provided by the MDM solution, such as a user certificate. Our Wi-Fi and Activesync authentication requires a user cert that deployed by the MDM solution with SCEP.

One advantage that Blackberry has promised for BES 10 with iOS is to be able to do ActiveSync over the BES network with some sort of proxy service on the BES 10 server (i.e. MDS). They can do this today with Playbooks and BDS.

@-BD- I haven't see this behavior in my testing but will try it again and see what happens.

Am I understanding this correctly, the profiles can be removed after the Mobile Fusion Client has been uninstalled?  Or, are they removed during the uninstallation of the Client?

Another hypothetical related to Issue #1.  On an Android device, an app's data cache can be cleared - effectively performing a "factory reset" of the app.  I assume this action severs all communication between the device and UDS (yes/no?).  I have noticed that some of the changes pushed out to a phone are not removed, presumably because the Mobile Fusion Client made those changes within Android and they are not stored in the app per se.  For example, after clearing the Mobile Fusion app's cache I noticed the phone retained the Wi-Fi profile pushed to it. 

As an administrator, is there a mechanism in Mobile Fusion to remove these left-overs after a user clears the app's cache?

@-BD- Yup, tested it on a couple of iOS devices, and after removing the Mobile Fusion client the various profiles were automatically removed within a few minutes. Glad to see this has been resolved.

did you set any special policy setting for this ?