Feature and Technical Overview | BlackBerry Enterprise Server process flows |
Process flow: Resending an IT policy to a BlackBerry device manually
1.You click a user account, and then click Resend IT Policy.
2.The BlackBerry Policy Service reads the current IT policy settings for the user account from the BlackBerry Configuration Database to determine which IT policy to send to the BlackBerry device.
The BlackBerry Policy Service prepares to send the IT policy using the GME protocol by adding the unique identifier and BlackBerry Enterprise Server version.
The BlackBerry Policy Service adds the unique key that the BlackBerry Domain uses to sign IT policy data packets to the IT policy data packet.
The BlackBerry Policy Service sends the IT policy data packet to the BlackBerry Dispatcher.
3.The BlackBerry Dispatcher encrypts the IT policy data packet using the device transport key of the BlackBerry device, compresses the content, and sends it to the BlackBerry Router for delivery to the BlackBerry device.
4.The BlackBerry Router sends the encrypted IT policy data packet to the wireless network over port 3101. The wireless network verifies that the PIN belongs to a valid BlackBerry device that is registered with the wireless network.
Process flow: Authenticating data on a BlackBerry device without connecting to the BlackBerry Infrastructure
1.A user connects a BlackBerry device to a computer that the BlackBerry Device Manager is running on.
2.The BlackBerry Router uses a unique authentication protocol to verify that the user is a valid BlackBerry device user.
The authentication sequence uses the same authentication information for the BlackBerry Enterprise Server and BlackBerry device that the SRP authentication sequence uses to validate the BlackBerry Enterprise Server before permitting it to connect to the BlackBerry Infrastructure. The BlackBerry Router cannot access the value of the device transport key of the BlackBerry device and BlackBerry Enterprise Server.
3.The BlackBerry device and BlackBerry Router use the BlackBerry Device Manager to send data to each other over the physical connection, behind the firewall. All the data that the BlackBerry device and BlackBerry Enterprise Server send to each other is compressed and encrypted. This data bypasses the wireless network.
The transfer of wireless data over an SRP connection is restored when the user disconnects the BlackBerry device from the computer or closes the BlackBerry Device Manager.
102