Blackberry blackberry enterprise server for microsoft exchange Feature and Technical Overview

Page 53

Feature and Technical Overview

BlackBerry Enterprise Solution security

You can configure an allowed list to determine which devices can access a BlackBerry Enterprise Server. A device that meets the criteria that you specify in the allowed list can associate with the BlackBerry Enterprise Server when the device activates over the wireless network.

You can define the following types of criteria:

specific device PINs

range of device PINs

specific manufacturers

specific device models

The BlackBerry Administration Service includes lists of permitted manufacturers and models of devices that you associated with the BlackBerry Enterprise Server previously.

You can permit a user to override the Enterprise Service Policy so that a device can connect to the BlackBerry Enterprise Server even if you configure the allowed list with criteria that exclude that device.

For more information, see the BlackBerry Enterprise Server Administration Guide.

Using an IT policy to manage BlackBerry Enterprise Solution security

You can use an IT policy to control and manage BlackBerry devices, the BlackBerry Desktop Software, and the BlackBerry Web Desktop Manager in your organization's environment. An IT policy consists of multiple IT policy rules that manage the security and behavior of the BlackBerry Enterprise Solution. For example, you can use IT policy rules to manage the following security features and behaviors of the device:

encryption (for example, encryption of user data and messages that the BlackBerry Enterprise Server forwards to message recipients) and encryption strength

use of a password or pass phrase

connections that use Bluetooth wireless technology

protection of user data and device transport keys on the device

control of device resources, such as the camera or GPS, that are available to third-party applications

The BlackBerry Enterprise Server includes preconfigured IT policies that you can use to manage the security of the BlackBerry Enterprise Solution. The Default IT policy includes IT policy rules that are configured to indicate the default behavior of the device or BlackBerry Desktop Software.

After a device user activates a device, the BlackBerry Enterprise Server automatically sends to the device the IT policy that you assigned to the user account or group. By default, if you do not assign an IT policy to the user account or group, the BlackBerry Enterprise Server sends the Default IT policy. If you delete an IT policy that you assigned to the user account or group, the BlackBerry Enterprise Server automatically re-assigns the Default IT policy to the user account and resends the Default IT policy to the device.

53

Page 52 Page 54
Image 53
Page 52 Page 54
Contents Feature and Technical Overview Published 2013-11-07 SWD-20131107160132924 Contents BlackBerry Enterprise Solution security 103 Date Description Document revision historyWhats New in BlackBerry Enterprise Server 5.0 SP4 Feature DescriptionEnhancements to access control Enhancements to security featuresIncreased efficiency of reconciliation ProcessOverview BlackBerry Enterprise Server Architecture BlackBerry Enterprise Server BlackBerry Enterprise Server ArchitectureFeature and Technical Overview Component Description Database and the message store databases BlackBerry Synchronization ServiceDevices BlackBerry Web Desktop ManagerComponentDescription Architecture Remote BlackBerry Collaboration ServiceMessaging data that BlackBerry devices send BlackBerry Administration ServiceBlackBerry Collaboration Service Architecture Remote BlackBerry MDS Connection Service Architecture Remote BlackBerry Router Component Description Architecture Remote BlackBerry Administration Service Enterprise Server, user accounts, and BlackBerry devices Architecture Remote BlackBerry Attachment ServiceBlackBerry device for viewing Details and user information Architecture BlackBerry Web Desktop ManagerComponent Description BlackBerry Administration Service BlackBerry Enterprise Server Components and featuresBlackBerry Mail Store Service BlackBerry Configuration PanelDomain Using the server view or component view Options for viewing the BlackBerryTable name Description Page BlackBerry Messaging Agent BlackBerry messaging and collaboration servicesContact list updates You can turn off wireless email reconciliationEmail reconciliation Appear with the same status on their BlackBerry devicesAttachment in multiple data packets If an attachment exceeds 64 KB, the BlackBerry device sendsApplication on their BlackBerry devices BlackBerry devicesCan synchronize to their BlackBerry devices BlackBerry Collaboration ServiceUsing the BlackBerry Administration Service Sessions automatically and permits new sessions to start Session managementConversations with multiple contacts Contacts on their BlackBerry devicesContact list on BlackBerry devices Formats on their BlackBerry devicesMessages to contacts directly from their contact lists User is linked to an existing contact list entryBlackBerry Synchronization Service Format Extension BlackBerry Attachment ServiceAudio Amr, .mp3, .wav, .wma Corel WordPerfect Wpd BlackBerry MDS Connection ServiceHtm, .html RtfService requests user information and caches cookies Authentication methodsProxy auto-configuration .pac file Access controlBlackBerry Browser Applications BlackBerry ApplicationsBlackBerry Java Applications Type DescriptionFeature and Technical Overview Controlling third-party applications on BlackBerry devices BlackBerry Policy ServiceBlackBerry device management BlackBerry Router Configurations on the BlackBerry device automaticallyUser account to the Default IT policy automatically Application management Computer that can access the intranetBlackBerry Web Desktop Manager Simplified administration Suite installed, to BlackBerry devicesService statistics Over the wireless networkNotifies the users when a newer Users cannot generate encryption Devices are connectedKeys Users cannot override emailUsers can synchronize the following Wireless activation Principles Description BlackBerry Enterprise Solution 6 securityConnect to the BlackBerry Enterprise Server Security features of the BlackBerry Enterprise SolutionData protection Feature and Technical Overview Encrypting user data on a locked device Extending messaging security to a BlackBerry deviceEncrypting the device transport key on a locked device Managing device access to the BlackBerry Enterprise ServerFeature and Technical Overview Delete only the organization data IT administration command DescriptionProtection, you cannot use this command Application data BlackBerry Enterprise Server High availability Feature and Technical Overview How a primary BlackBerry Enterprise Server self-demotes Feature and Technical Overview BlackBerry Configuration Database high availability BlackBerry Configuration Database mirroring Feature and Technical Overview Component High availability type Description High availability in a distributed environmentConfiguration Database Collaboration Service instanceConnection Service instance Using information that is stored in the BlackBerryTypes of Wi-Fi networks Wi-Fi enabled devicesSupport the authentication type that your organization uses Home Wi-Fi networksWireless access points Component Description Across multiple radio technologies Internet contentFeature and Technical Overview GSM/EDGE Feature and Technical OverviewWi-Fi enabled devices Characteristic Description Characteristic Description Security features of a Wi-Fi enabled device Infrastructure over a Wi-Fi connection Direct access to the BlackBerryExpanded groups of Wi-Fi and VPN Multiple Wi-Fi and VPN profilesProcess flow Sending a message to a BlackBerry device BlackBerry Enterprise Server Process flowsMessaging process flows Process flow Sending a message from a BlackBerry device Feature and Technical Overview Feature and Technical Overview Instant messaging process flows Feature and Technical Overview Feature and Technical Overview Feature and Technical Overview Feature and Technical Overview Feature and Technical Overview Feature and Technical Overview Feature and Technical Overview Process flow Viewing a message attachment Message attachment process flowsProcess flow Viewing an attachment using a link Feature and Technical Overview Organizer data process flows Feature and Technical Overview Process flow Adding a contact picture on a BlackBerry device Mobile data process flows Feature and Technical Overview Feature and Technical Overview Feature and Technical Overview Feature and Technical Overview Feature and Technical Overview 100 BlackBerry device management process flows Feature and Technical Overview Glossary10 Generic access network Enterprise ServiceGeneric access network controller Destination service to route the data toKerberos protocol Service booksMessage keys Messaging serverUnlicensed Mobile Access Universal Content StreamUniversal Serial Bus Virtual private network107 Provide feedback108 Legal notice109 Feature and Technical Overview
Top Page Image Contents