Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

BlackBerry Enterprise Service 10

Version: 10.2
Product Overview
BlackBerry Enterprise Service 10
Published: 2015-02-24
SWD-20150218122408822
Contents
1
About this guide................................................................................................................................4
Documentation and the product lifecycle............................................................................................................................. 4
Finding your way through the documentation....................................................................................................................... 6
2
What is BlackBerry Enterprise Service 10?.........................................................................................8
Key features of BlackBerry Enterprise Service 10..................................................................................................................8
Compatibility and requirements............................................................................................................................................9
Using BlackBerry Enterprise Service 10 with BlackBerry Enterprise Server 5.........................................................................9
3
Product features.............................................................................................................................10
Key features for all device types..........................................................................................................................................10
Key features for BlackBerry 10 devices and BlackBerry PlayBook tablets............................................................................12
Key features for iOS devices and Android devices............................................................................................................... 13
BlackBerry Technical Support Services.............................................................................................................................. 14
Extending the capabilities of BlackBerry Enterprise Service 10........................................................................................... 15
4
Architecture................................................................................................................................... 16
Architecture: BlackBerry Enterprise Service 10.................................................................................................................. 16
Components used to manage BlackBerry 10 devices and BlackBerry PlayBook tablets................................................ 18
Components used to manage iOS and Android devices................................................................................................ 20
Installing BlackBerry Enterprise Service 10 on a single computer........................................................................................ 23
Installing BlackBerry Enterprise Service 10 on multiple computers..................................................................................... 24
Installing BlackBerry Enterprise Service 10 for high availability........................................................................................... 25
Primary and standby components............................................................................................................................... 26
5
Product documentation.................................................................................................................. 28
6
Glossary......................................................................................................................................... 31
7
Legal notice....................................................................................................................................32
Product Overview
About this guide
About this guide
1
BlackBerry Enterprise Service 10 helps you manage BlackBerry devices, Android devices, and iOS devices for your
organization. This guide contains an overview of BlackBerry Enterprise Service 10, including its features and architecture.
This guide also describes how to manage the product lifecycle, from evaluation and installation to day-to-day
administration and maintenance, and which guides to read for more in-depth information.
This guide is intended for senior IT professionals responsible for evaluating the product and planning its deployment, as
well as anyone who's interested in learning more about BlackBerry Enterprise Service 10. After you read this guide, you
should understand the product's capabilities and the full set of technical documentation available.
Documentation and the product lifecycle
The documentation for BlackBerry Enterprise Service 10 supports all the things that you need to do as you manage the
product through its lifecycle. The product lifecycle starts with you understanding the latest version of the product,
continues as you install and configure the product for day-to-day administration, and starts again when the next version is
available. The chart below provides a map for moving through the lifecycle, with three main milestones along the way.
4
Product Overview
About this guide
5
Product Overview
About this guide
Finding your way through the
documentation
Depending on what you need to do, different guides are useful. The table below can help you understand which guides to
use and when. For more information about the guides and additional related materials, see Product documentation.
You need to...
Tasks
Guides
Understand the product
•
•
Product Overview
•
Security Technical
Overview
•
Secure Work Space for
iOS and Android Security
Note
•
Release Notes
•
Installation Guide
•
Upgrade Guide
Install or upgrade the
product
•
Set up licenses and server
components
•
•
6
Understand the product’s features, architecture,
security, and known issues
Plan an installation or upgrade, verify requirements,
and perform all tasks related to installation and
upgrade
Manage licenses for BlackBerry Enterprise Service 10 •
domains and devices. A license was formerly known as •
a BlackBerry Client Access License or BlackBerry CAL
Configure a BlackBerry Enterprise Service 10 domain,
including the following:
•
Configure port numbers
•
Connect to a company directory
•
Configure single sign-on
•
Use gatekeeping to control which devices can
access Microsoft ActiveSync
•
Understand and install APNs certificates
Licensing Guide
Configuration Guide
Product Overview
You need to...
Do full administration of
BlackBerry 10 devices and
BlackBerry PlayBook tablets
Do full administration of iOS
devices and Android devices
About this guide
Tasks
Guides
•
Configure the components of BlackBerry Enterprise
Service 10, including high availability
•
Set up administrator accounts, set up device controls,
and manage groups
•
Use other features specific to the BlackBerry Device
Service, such as the following:
•
BlackBerry Device Service
Advanced Administration
Guide
•
BlackBerry Device Service
Policy and Profile
Reference Guide
•
Universal Device Service
Advanced Administration
Guide
Create and manage user accounts, assign and activate •
devices, and assign IT policies to manage the security
and behavior of users’ devices
BlackBerry Management
Studio Basic
Administration Guide
•
Send certificates to devices
•
Manage app availability on devices
•
Send work space wallpaper to devices
•
Set up administrator accounts, set up device controls,
and manage groups
•
Use other features specific to the Universal Device
Service, such as the following:
Do day-to-day administration •
for all device types
•
•
Send certificates to devices
•
Set up a work space to secure devices for work use
and personal use
•
Enforce your organization's requirements for
devices
Assign day-to-day management tasks to help-desk
personnel
7
Product Overview
What is BlackBerry Enterprise Service 10?
What is BlackBerry Enterprise
Service 10?
2
BlackBerry Enterprise Service 10 helps you manage mobile devices for your organization. You can manage BlackBerry
devices and BlackBerry PlayBook tablets, as well as iOS and Android devices, all from a unified interface. BlackBerry
Enterprise Service 10 is designed to help protect business information, keep mobile workers connected with the
information they need, and provide administrators with efficient tools that help keep business moving forward.
BlackBerry Enterprise Service 10 includes the following components:
Component
Description
BlackBerry Device Service
Provides advanced administration for BlackBerry 10 devices and BlackBerry
PlayBook tablets
Universal Device Service
Provides advanced administration for iOS and Android devices
BlackBerry Management Studio
Provides a unified interface to administer common tasks for BlackBerry 10
devices, BlackBerry PlayBook tablets, BlackBerry 7.1 and earlier devices, iOS
devices, and Android devices
BES10 Self-Service
Provides a console to users so that they can perform some self-service tasks.
For example, users can create activation passwords, remotely change the
password on their device, or delete data from the device.
Key features of BlackBerry Enterprise
Service 10
The table below describes some of the key features for BlackBerry Enterprise Service 10.
8
Feature
Description
Management of most types of devices
BlackBerry Enterprise Service 10 supports all types of BlackBerry devices
and tablets, as well as iOS devices and Android devices.
Product Overview
What is BlackBerry Enterprise Service 10?
Feature
Description
Single, unified interface
BlackBerry Management Studio is a single, web-based interface where you
can view all devices in one place and access the most common
management tasks across multiple domains. These tasks include creating
and managing groups, managing device controls, and activating mobile
devices.
Trusted and secure experience
Device controls give you precise management of how devices connect to
your network, what capabilities are enabled, and what apps are available.
Whether the devices are owned by your organization or your users, you can
protect your organization's information.
Balance of work and personal needs
BlackBerry Balance and Secure Work Space technology are designed to
ensure that personal and work information are kept separate and secure on
devices. If the device is lost or the employee leaves the organization, you
can delete only work-related information or all information from the device.
Additional security features are available depending on the device type.
Compatibility and requirements
You can find up-to-date information about compatibility, including device types, operating systems for devices, and
operating systems for computers that host BlackBerry Enterprise Service 10, in the compatibility matrix at
blackberry.com/go/serverdocs. Hardware and software requirements for BlackBerry Enterprise Service 10 are provided in
the Installation Guide and Upgrade Guide.
Using BlackBerry Enterprise Service 10 with
BlackBerry Enterprise Server 5
BlackBerry Enterprise Service 10 is designed to work with your existing deployment of BlackBerry Enterprise Server 5 and
minimize the need to purchase additional hardware. You can install BlackBerry Enterprise Service 10 on the same
computer as the BlackBerry Enterprise Server 5.0 SP4.
You can use BlackBerry Management Studio as a single, unified interface for basic administration of all the devices that are
connected to BlackBerry Enterprise Service 10 and BlackBerry Enterprise Server 5.
9
Product Overview
Product features
Product features
3
The following topics describe key features for different device types, including BlackBerry 10 devices, BlackBerry
PlayBook tablets, iOS devices, and Android devices.
Key features for all device types
Feature
Description
Browser-based
administration
You can open the administration consoles in a browser on a computer that can access the
computer that hosts BlackBerry Enterprise Service 10. You can share administrative duties
with multiple administrators who can access the administration consoles at the same time.
A simplified administration console, BlackBerry Management Studio, is available for
performing common day-to-day tasks for all device types.
Integrate a company
directory
By default, administrators who log in to an administration console must provide usernames
and passwords. You can use unique usernames and passwords or you can use company
directory authentication, which permits administrators to log in to an administration console
using the same information that they use to log in to their computers. Microsoft Active
Directory and LDAP company directories such as IBM Domino Directory and Novell eDirectory
are supported in both the BlackBerry Device Service and Universal Device Service consoles.
You can configure single sign-on so that administrators and BES10 Self-Service users do not
need to provide their usernames and passwords each time that they access a console.
Activate devices
When you activate a device, you associate the device with your organization's environment so
that users can access work data on their devices. You can allow users to activate devices
themselves or you can activate devices for users and then distribute the devices. All device
types can be activated over the wireless network, and some devices can be activated over a
wired connection.
Manage devices
You can manage multiple devices for each user account and view the device inventory for your
organization. You can perform the following actions if the actions are supported by the device:
•
10
Lock the device or change the device password
Product Overview
Feature
Product features
Description
•
Delete information from the device
•
Connect the device securely to your organization's messaging environment, using
Microsoft ActiveSync for email and calendar support
•
Control how the device can connect to your organization's network, including Wi-Fi and
VPN settings
•
Control the capabilities of the device, such as setting rules for password strength and
disabling functions like the camera
•
Manage app availability on the device, including specifying app versions and whether the
apps are required or optional
•
Install certificates on the device and optionally configure SCEP to permit automatic
certificate enrollment
•
Block unauthorized devices from using Microsoft ActiveSync to access work email
Manage groups of users
Groups simplify the management of users. You can use groups to share administrative roles,
device controls, and other configuration settings among similar user accounts so that you can
set the properties for the group at one time instead of setting the properties individually for
each user account.
Control which devices
can access Microsoft
ActiveSync
You can configure Microsoft Exchange to block devices from using Microsoft ActiveSync
unless the devices are explicitly added to an allowed list in Microsoft Exchange. Using
gatekeeping in BlackBerry Enterprise Service 10 lets you control which devices are added to
the allowed list. When a device is added to the allowed list, a user can access work email and
other information on the device.
View reports of user and
device information
The reporting dashboard allows you to have a high-level overview of your BlackBerry
Enterprise Service 10 environment. For example, you can view the number of devices in your
organization sorted by wireless service provider. You can drill down into a report to get
additional details, export the information to a .csv file, view user details, and perform
administrative tasks.
Manage licenses for
specific features and
device controls
You can manage licenses and view detailed information for each license type, such as usage
and expiration. The license types that your organization uses determine the devices and
features that you can manage. You must activate licenses before you can activate devices.
Users can manage their
devices with a web
application
BES10 Self-Service is a web application that provides device management features to device
users. For example, users can create activation passwords, remotely change the password on
their device, or delete data from the device.
11
Product Overview
Product features
Key features for BlackBerry 10 devices and
BlackBerry PlayBook tablets
Feature
Description
Advanced management
The BlackBerry Device Service console allows you to fully manage BlackBerry 10 devices and
BlackBerry PlayBook tablets, BlackBerry Device Service components, high availability,
administrator accounts, and device controls.
Help desk management
BlackBerry Management Studio allows you to perform basic management tasks for
BlackBerry 10 devices and BlackBerry PlayBook tablets, manage licenses, and view reports of
your system.
Manage work information For BlackBerry 10 devices and BlackBerry PlayBook tablets, BlackBerry Balance ensures that
separately on a device
personal and work information and apps are kept separate on devices by creating a personal
space and a work space and providing full management of the work space. For BlackBerry 10
devices, additional options include full control over the work space and some control over the
personal space, or you can create only a work space on the device to give your organization
full control over the entire device.
Manage work apps
For BlackBerry 10 devices, you can use BlackBerry Device Service to install and manage work
apps in the work space on devices. Work apps can only access work data and interact with
other work apps. You can configure work and personal apps differently, including their use of
network connections.
A work app can be either an internal app or a public app available from the BlackBerry World
storefront. You can specify whether internal apps are required on devices, and which
BlackBerry device models support an internal app.
Work space wallpaper
You can use the BlackBerry Device Service console to help users distinguish between the
work space and the personal space on BlackBerry 10 devices by specifying a custom image,
such as your organization's logo, for work space wallpaper.
Consolidate ports for
device traffic
Secure connectivity increases network security for BlackBerry 10 devices by sending all
device traffic from BlackBerry Enterprise Service 10 through the outbound-initiated ports
3101 and 443. This feature allows you to avoid opening a direct connection from within your
organization's firewall to the Internet for device management and third-party applications
such as the messaging server, certification authority, and other web servers or content
servers.
12
Product Overview
Product features
Feature
Description
Certificate-based
authentication
You can use the BlackBerry Device Service console to distribute client certificates to devices
using SCEP profiles. The BlackBerry Device Service helps restrict access to Microsoft
ActiveSync, Wi-Fi connections, or VPN connections to devices that use certificate-based
authentication.
Push data to devices
The BlackBerry MDS Connection Service connects apps on devices to push applications,
which are applications on your organization's application servers or web servers that push
data to apps on devices. After an app is installed on a device, the app can receive data from
push applications.
Key features for iOS devices and Android
devices
Feature
Description
Advanced management
The Universal Device Service console allows you to fully manage iOS devices and Android
devices, Universal Device Service components, administrator accounts, and device controls.
Help desk management
BlackBerry Management Studio allows you to perform basic management tasks for iOS
devices and Android devices, manage licenses, and view reports of your system.
Manage work information Secure Work Space for iOS and Android is a containerization, app wrapping, and secure
separately on a device
connectivity option. It ensures that personal and work information and apps are kept separate
on devices by creating a personal space and a work space and providing full management of
the work space. You can choose whether you want control of the work space and personal
space, or control of the work space only.
Manage work apps and
work space apps
On all managed devices, work apps are apps that your organization makes available for its
users. You can specify whether apps are required on devices, and you can view whether a
work app is installed on a device.
On work space-enabled devices, work space apps are work apps that the work space secures
with additional protections. Work space apps are secured and separated from personal apps
and data, and include an integrated email, calendar, and contacts app, an enterprise-level
secure browser, and secure document viewing and editing. A work space app can also be an
internal app that you secure and send to a work space-enabled device.
13
Product Overview
Product features
Feature
Description
Consolidate ports for
device traffic
Secure connectivity increases network security for work space-enabled devices by sending all
device traffic from BlackBerry Enterprise Service 10 through the outbound-initiated ports
3101 and 443. This feature allows you to avoid opening a direct connection from within your
organization's firewall to the Internet for device management and third-party applications
such as the messaging server, certification authority, and other web servers or content
servers.
Enforce your
You can create a compliance profile to help enforce your organization's requirements for
organization's
devices. You can send a notification to users to ask them to meet your organization's
requirements for devices requirements or you can limit users' access to your organization's resources and applications,
delete work data, or delete all data from the device.
You can create a compliance profile for the following conditions:
Certificate-based
authentication
•
Device is jailbroken or rooted
•
Non-assigned application is installed
•
Optional application is not updated
•
Required application is not installed
•
Required application is not updated
You can send certificates to devices using certificate profiles or SCEP profiles. These profiles
help restrict access to Microsoft ActiveSync, Wi-Fi connections, or VPN connections to
devices that use certificate-based authentication.
This feature also helps you control Microsoft ActiveSync, Wi-Fi connections, or VPN
connections on devices because the Universal Device Service is designed to automatically
remove profiles and certificates when a device violates one of the predefined compliance
conditions (for example, compliance conditions for jailbroken devices or rooted devices).
Certificate-based authentication does not require a proxy server between the device and your
organization's messaging server.
BlackBerry Technical Support Services
Support is a key component of your Enterprise Mobility Management strategy. Implementing BlackBerry Enterprise Service
10 is easier than ever, but having a strategic support partner is still essential to assist you in delivering your mobility
objectives. BlackBerry Technical Support Services offers a unique blend of technical expertise, rapid issue resolution and
proactive, relationship-based support to help you realize the full potential of your multi-platform management
infrastructure.
14
Product Overview
Product features
Care is the new technical support service level delivered as standard when you deploy BlackBerry Enterprise Service 10,
providing 12 x 5 electronic access to BlackBerry experts for two named contacts, with a next business day response, as
well as access to training, productivity and diagnostic tools. For customers looking for 24 x 7 telephone access, higher
levels of support and optional services, BlackBerry Technical Support Services are available to tailor a solution that delivers
the exact level of technical expertise, assistance, response and guaranteed resolution time that your business requires.
For more information visit blackberry.com/btss.
Extending the capabilities of BlackBerry
Enterprise Service 10
Feature
Description
Manage BlackBerry 7.1 and earlier
devices
•
To set up single, unified management of all devices in your organization,
you can connect BlackBerry Enterprise Service 10 to BlackBerry Enterprise
Server 5.
•
BlackBerry Management Studio allows you to manage BlackBerry 7.1 and
earlier devices that you activated on BlackBerry Enterprise Server 5.
•
To minimize hardware requirements, you can install BlackBerry Enterprise
Service 10 on the same computer as BlackBerry Enterprise Server 5.0 SP4.
•
To allow users to communicate using Enterprise IM from their BlackBerry
10 devices, you can integrate BlackBerry Enterprise Service 10 with the
BlackBerry Collaboration Service.
•
The BlackBerry Collaboration Service connects your organization’s instant
messaging server with a collaboration client on BlackBerry 10 devices.
Integrate with Enterprise IM
15
Product Overview
Architecture
Architecture
4
The following topics describe the architecture and components of BlackBerry Enterprise Service 10. The first topic
describes the basic architecture, followed by topics that focus on the components that manage particular device types.
The last topics describe the architecture of different deployment options, including advanced options such as installing
BlackBerry Enterprise Service 10 on multiple computers or with high availability.
Architecture: BlackBerry Enterprise Service
10
Component
Description
BlackBerry Enterprise Service 10
BlackBerry Enterprise Service 10 is a suite of services used to manage iOS,
Android, and BlackBerry devices in an enterprise environment.
16
Product Overview
Architecture
Component
Description
BlackBerry Enterprise Service 10
databases
The BlackBerry Enterprise Service 10 databases are a set of relational
databases that contain user account information and configuration information
(such as connection details) used by the components that manage iOS, Android,
and BlackBerry devices.
The BlackBerry Enterprise Service 10 databases consist of the following
databases:
•
The Management Database contains data used for managing iOS and
Android devices
•
The BlackBerry Configuration Database contains data used for managing
BlackBerry 10 and BlackBerry PlayBook devices
BlackBerry Infrastructure
The BlackBerry Infrastructure validates SRP and licensing information for
BlackBerry Enterprise Service 10. In addition, the BlackBerry Infrastructure
provides a secure connection between your organization and BlackBerry
devices and work space-enabled iOS and Android devices.
Company directory
User account information is obtained from the company directory. This
information is required to create user accounts. BlackBerry Enterprise Service
10 supports Microsoft Active Directory and LDAP connectivity to your company
directory.
17
Product Overview
Architecture
Components used to manage BlackBerry 10 devices
and BlackBerry PlayBook tablets
Component
Description
BlackBerry Controller
The BlackBerry Controller monitors the BlackBerry Dispatcher, BlackBerry MDS
Connection Service, and the Enterprise Management Web Service, and restarts
them if they stop responding.
BlackBerry Device Service console
The BlackBerry Device Service console, also known as the BlackBerry
Administration Service, is used to manage user accounts and the BlackBerry
devices that are associated with them.
The BlackBerry Device Service console connects to the BlackBerry
Configuration Database and to Microsoft Active Directory.
BlackBerry Dispatcher
18
The BlackBerry Dispatcher maintains an SRP connection with the BlackBerry
Infrastructure over the Internet. The BlackBerry Dispatcher is responsible for
compressing and encrypting and for decrypting and decompressing data that
travels over the Internet to and from the devices.
Product Overview
Architecture
Component
Description
BlackBerry Licensing Service
The BlackBerry Licensing Service, installed with the BlackBerry Enterprise
Service 10 management consoles, communicates with the licensing
infrastructure within the BlackBerry Infrastructure to validate licenses and
enforce license compliance.
BlackBerry Management Studio
BlackBerry Management Studio is the main console where you can perform
common management tasks for users and devices, view report information, and
manage licenses. You can also access the other management consoles from
BlackBerry Management Studio for advanced administration tasks.
BlackBerry MDS Connection Service
The BlackBerry MDS Connection Service provides a secure connection between
the Enterprise Management Agent on BlackBerry devices and the Enterprise
Management Web Service. The connection is used when the device is not
connected to your organization's Wi-Fi network or using a VPN connection.
The BlackBerry MDS Connection Service is also responsible for providing
enterprise push functionality.
BlackBerry Router
The BlackBerry Router is an optional component that can be deployed in a DMZ
if required.
The BlackBerry Router connects to the BlackBerry Infrastructure which sends
data to BlackBerry devices over mobile networks or the Internet.
BES10 Self-Service
BES10 Self-Service is a web application that permits users to activate and
manage devices.
Enterprise Management Web Service
The Enterprise Management Web Service is a set of web services that
communicates commands, configuration information, IT policies, VPN profiles,
Wi-Fi profiles, SCEP profiles, and email profiles, between the BlackBerry Device
Service console and the Enterprise Management Agent on BlackBerry devices.
19
Product Overview
Architecture
Components used to manage iOS and Android devices
Component
Description
APNs
The APNs is a service for iOS devices that Apple provides. BlackBerry Enterprise
Service 10 uses APNs to inform the iOS devices to contact BlackBerry
Enterprise Service 10 for configuration updates and to provide information for
your organization’s device inventory.
BES12 Client
The BES12 Client is installed on iOS devices and Android devices. The BES12
Client communicates with BlackBerry Enterprise Service 10.
The BES12 Client can be obtained from the App Store for iOS devices or Google
Play for Android devices.
20
Product Overview
Architecture
Component
Description
BES10 Self-Service
BES10 Self-Service is a web application that permits users to activate and
manage devices.
BlackBerry Licensing Service
The BlackBerry Licensing Service, installed with the BlackBerry Enterprise
Service 10 management consoles, communicates with the licensing
infrastructure within the BlackBerry Infrastructure to validate licenses and
enforce license compliance.
BlackBerry Management Studio
BlackBerry Management Studio is the main console where you can perform
common management tasks for users and devices, view report information, and
manage licenses. You can also access the other management consoles from
BlackBerry Management Studio for advanced administration tasks.
BlackBerry Secure Connect Service
The BlackBerry Secure Connect Service is a service responsible for providing a
single access port for activation and management traffic of iOS devices and
Android devices.
BlackBerry Work Connect Notification
Service
The BlackBerry Work Connect Notification Service is a web service responsible
for providing new or changed mail and organizer notifications to the Work
Connect app within the work space on iOS devices.
Communication Module
The Communication Module is a gateway between iOS devices and Android
devices and BlackBerry Enterprise Service 10. It is responsible for the
conversion of the proprietary protocols supported on the devices to and from the
device-agnostic format used by the Core Module.
Core Module
The Core Module is a device-agnostic module that manages all the configuration
data used to manage iOS devices and Android devices and stores it in the
Management Database. The Core Module is the only component that accesses
the Management Database.
The Core Module is responsible for communicating with Microsoft Active
Directory, the APNs, the mail server, the database server and the SCEP server.
Scheduler
The Scheduler is responsible for initiating scheduled device management tasks,
such as making available new or updated IT policy profiles, new applications,
new or updated Wi-Fi or VPN profiles to iOS devices and Android devices, or
retrieving device information.
TCP proxy server
A TCP proxy server is an optional, third-party software component that functions
as a middle-man for data that passes between the BlackBerry Secure Connect
Service and the BlackBerry Infrastructure. The BlackBerry Infrastructure sends
data to mobile networks or the Internet.
A TCP proxy server is typically used to manage how a company sends data to
external sources and receives data from those sources.
The TCP proxy server can be deployed in a DMZ if required, and can be
transparent or non-transparent. A transparent proxy does not change a request
21
Product Overview
Component
Architecture
Description
or response. A non-transparent proxy can change a request or response to
provide added service.
Universal Device Service console
22
You can use the Universal Device Service console, also known as the
Administration Console, to manage user accounts, IT policies, profiles, and apps
for iOS devices and Android devices.
Product Overview
Architecture
Installing BlackBerry Enterprise Service 10
on a single computer
You can install BlackBerry Enterprise Service 10 version 10.1 or later on a single computer, or on a computer that hosts
BlackBerry Enterprise Server 5.0 SP4.
This reduces the amount of hardware required. However, in larger environments, you can choose to install components on
separate computers to balance the work load.
There are both benefits and limitations to this type of deployment.
Benefits
Limitations
•
•
Simplified installation with minimal user intervention
•
Quick installation or upgrade
•
Reduced hardware, software, and maintenance costs
May cause performance issues when deploying a large
number of devices
If you want to deploy a BlackBerry Router or a Proxy server, you will require an additional computer. If your organization
requires the additional security of deploying the BlackBerry Router or Proxy server in a DMZ, you will also need an internal
firewall.
23
Product Overview
Architecture
Installing BlackBerry Enterprise Service 10
on multiple computers
If your organization exceeds the maximum number of users that a single computer installation can support, you can deploy
BlackBerry Enterprise Service 10 on multiple computers. To do this, you require:
•
One, or more, computers to host the management consoles
•
One, or more, computers to host the core components
•
Optionally, you can install the BlackBerry Enterprise Service 10 databases on a separate computer as well
There are both benefits and limitations to this type of installation.
Benefits
Limitations
•
Improves BlackBerry Enterprise Service 10
performance
•
Requires additional hardware
•
Balances the workload across the computers that host
the BlackBerry Enterprise Service 10 components
•
Is susceptible to network latency issues
•
Requires more administrator involvement to complete
the configuration of the BlackBerry Enterprise Service
10 domain
24
Product Overview
Architecture
All user interfaces are installed on every management console computer. All core services are installed on every core
components computer.
Installing BlackBerry Enterprise Service 10
for high availability
High availability uses redundant hardware and software to maintain functionality when elements of a system stop
responding. High availability helps you to minimize downtime by providing redundant BlackBerry Enterprise Service 10
components with an integrated health management system. Incorporating high availability into the BlackBerry Enterprise
Service 10 is the fastest way for you to restore BlackBerry Enterprise Service 10 functionality in the event of a critical
component failure.
High availability of the BlackBerry Enterprise Service 10 consists of, at a minimum, two BlackBerry Enterprise Service 10
instances and the BlackBerry Enterprise Service 10 databases mirrored across two database servers.
The primary BlackBerry Enterprise Service 10 connects to the principal BlackBerry Enterprise Service 10 databases and
accesses data from them. The name of the mirror BlackBerry Enterprise Service 10 databases is stored in the Windows
registry of the computers that host the primary and standby BlackBerry Enterprise Service 10 instances.
BlackBerry Enterprise Service 10 instances do not connect to the mirror BlackBerry Enterprise Service 10 databases until
after the principal BlackBerry Enterprise Service 10 databases stop responding.
The standby BlackBerry Enterprise Service 10 opens standby connections to the principal BlackBerry Enterprise Service
10 databases.
There are both benefits and limitations to this type of deployment.
25
Product Overview
Benefits
•
Architecture
Limitations
Ensures connectivity between the devices and the
•
organization's network at all times without administrator
or user intervention
Requires additional hardware
Primary and standby components
The computer hosting the primary BlackBerry Enterprise Service 10 contains the following components:
•
BlackBerry Controller
•
BlackBerry Dispatcher
•
BlackBerry MDS Connection Service
•
BlackBerry Secure Connect Service
•
BlackBerry Work Connect Notification Service
•
Communication Module
•
Core Module
•
Enterprise Management Web Service
26
Product Overview
•
Architecture
Scheduler
The primary computer may also host the management consoles and the BlackBerry Licensing Service, or they may be
installed on a separate computer. The following components are installed:
•
BlackBerry Management Studio
•
BlackBerry Licensing Service
•
BlackBerry Device Service console
•
Universal Device Service console
•
BES10 Self-Service
While the standby computer may also host the management consoles as well as the BlackBerry Licensing Service, they do
not fail over.
When a failover is triggered (by a change in the health metrics or a manual failover performed by you), the core
components on the primary instance fail over to the core components on the standby instance.
27
Product Overview
Product documentation
Product documentation
5
To read the following guides or other related materials, visit docs.blackberry.com/BES10.
Category
Resource
Description
Overview
Introduction to BlackBerry
Enterprise Service 10
•
Quick, visual introduction to BlackBerry Enterprise Service
10 at a high level
What's New in BlackBerry
Enterprise Service 10 Quick
Reference
•
Summary of new features, enhancements, and updates in
BlackBerry Enterprise Service 10
BlackBerry Enterprise Service
10 Product Overview
•
Introduction to BlackBerry Enterprise Service 10 and its
features
•
Finding your way through the documentation
•
Architecture
Enterprise Solution Comparison •
Chart
Comparison of what features are available across different
BlackBerry enterprise solutions
Supported Features by Device
Type
•
Comparison of what features are supported for each type of
device in BlackBerry Enterprise Service 10
BlackBerry Enterprise Service
10 Architecture and Data Flow
Quick Reference Guide
•
Descriptions of BlackBerry Enterprise Service 10
components
•
Descriptions of activation and email data flows for different
types of devices
Release notes
BlackBerry Enterprise Service
10 Release Notes
•
Descriptions of known issues and potential workarounds
Installation and
upgrade
BlackBerry Enterprise Service
10 Compatibility Matrix
•
Software that is compatible with BlackBerry Enterprise
Service 10
28
Product Overview
Category
Configuration
Product documentation
Resource
Description
BlackBerry Enterprise Service
10 Performance Calculator
•
Tool to estimate the hardware required to support a given
workload for BlackBerry Enterprise Service 10
BlackBerry Enterprise Service
10 Installation Guide
•
System requirements
•
Installation instructions
BlackBerry Enterprise Service
10 Upgrade Guide
•
System requirements
•
Upgrade instructions
BlackBerry Enterprise Service
10 Licensing Guide
•
Descriptions of different types of licenses
•
Instructions for activating and managing licenses in
BlackBerry Management Studio
•
Instructions for how to configure server components before
you start administering users and their devices
BlackBerry Enterprise Service
10 Configuration Guide
Administration
BlackBerry Management Studio •
Basic Administration Guide
Basic administration for all supported device types, including
BlackBerry 10 devices, BlackBerry PlayBook tablets, iOS
devices, Android devices, and BlackBerry 7.1 and earlier
devices
•
Instructions for creating and managing user accounts in
multiple Services
•
Instructions for managing multiple devices for each user
account
BlackBerry Device Service
•
Advanced Administration Guide
Advanced administration for BlackBerry 10 devices and
BlackBerry PlayBook tablets
•
Instructions for creating user accounts, groups, roles, and
administrator accounts
•
Instructions for activating devices
•
Instructions for creating and sending IT policies and profiles
•
Instructions for managing apps on devices
Universal Device Service
•
Advanced Administration Guide
Advanced administration for iOS and Android devices
29
Product Overview
Category
Security
Product documentation
Resource
•
Instructions for creating user accounts, groups, and
administrator accounts
•
Instructions for activating devices
•
Instructions for creating and sending IT policies and profiles
•
Instructions for managing apps on devices
•
Descriptions of IT policy rules for iOS and Android devices
BlackBerry Device Service
Policy Reference Spreadsheet
•
Descriptions of IT policy rules for BlackBerry 10 devices and
BlackBerry PlayBook tablets
BlackBerry Device Service
Solution Security Technical
Overview
•
Description of the security maintained by the BlackBerry
Device Service, BlackBerry Infrastructure, and BlackBerry
10 devices and BlackBerry PlayBook tablets to protect data
and connections
•
Description of the BlackBerry 10 OS
•
Description of the BlackBerry PlayBook OS
•
Description of how work data is protected on BlackBerry 10
devices and BlackBerry PlayBook tablets when you use the
BlackBerry Device Service
•
Description of the security maintained by the Universal
Device Service, BlackBerry Infrastructure, and work spaceenabled devices to protect work space data at rest and in
transit
•
Description of how work space apps are protected on work
space-enabled devices when you use the Universal Device
Service
Secure Work Space for iOS and
Android Security Note
30
Description
Product Overview
Glossary
Glossary
6
APNs
Apple Push Notification service
DMZ
A demilitarized zone (DMZ) is a neutral subnetwork outside of an organization's firewall. It exists
between the trusted LAN of the organization and the untrusted external wireless network and
public Internet.
LDAP
Lightweight Directory Access Protocol
SCEP
simple certificate enrollment protocol
SRP
Server Routing Protocol
TCP
Transmission Control Protocol
VPN
virtual private network
31
Product Overview
Legal notice
Legal notice
7
©2015 BlackBerry. All rights reserved. BlackBerry® and related trademarks, names, and logos are the property of
BlackBerry Limited and are registered and/or used in the U.S. and countries around the world.
Android and Google Play are trademarks of Google Inc. App Store is a trademark of Apple Inc. eDirectory is a trademark of
NetIQ Corporation or its affiliates in the United States and other countries. IBM and Domino are trademarks of International
Business Machines Corporation. iOS is a trademark of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other
countries. iOS® is used under license by Apple Inc. Microsoft, Active Directory, ActiveSync, and Windows are trademarks of
Microsoft Corporation. Wi-Fi is a trademark of the Wi-Fi Alliance. All other trademarks are the property of their respective
owners.
This documentation including all documentation incorporated by reference herein such as documentation provided or
made available on the BlackBerry website provided or made accessible "AS IS" and "AS AVAILABLE" and without
condition, endorsement, guarantee, representation, or warranty of any kind by BlackBerry Limited and its affiliated
companies ("BlackBerry") and BlackBerry assumes no responsibility for any typographical, technical, or other
inaccuracies, errors, or omissions in this documentation. In order to protect BlackBerry proprietary and confidential
information and/or trade secrets, this documentation may describe some aspects of BlackBerry technology in generalized
terms. BlackBerry reserves the right to periodically change information that is contained in this documentation; however,
BlackBerry makes no commitment to provide any such changes, updates, enhancements, or other additions to this
documentation to you in a timely manner or at all.
This documentation might contain references to third-party sources of information, hardware or software, products or
services including components and content such as content protected by copyright and/or third-party web sites
(collectively the "Third Party Products and Services"). RIM does not control, and is not responsible for, any Third Party
Products and Services including, without limitation the content, accuracy, copyright compliance, compatibility,
performance, trustworthiness, legality, decency, links, or any other aspect of Third Party Products and Services. The
inclusion of a reference to Third Party Products and Services in this documentation does not imply endorsement by RIM of
the Third Party Products and Services or the third party in any way.
EXCEPT TO THE EXTENT SPECIFICALLY PROHIBITED BY APPLICABLE LAW IN YOUR JURISDICTION, ALL CONDITIONS,
ENDORSEMENTS, GUARANTEES, REPRESENTATIONS, OR WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED,
INCLUDING WITHOUT LIMITATION, ANY CONDITIONS, ENDORSEMENTS, GUARANTEES, REPRESENTATIONS OR
WARRANTIES OF DURABILITY, FITNESS FOR A PARTICULAR PURPOSE OR USE, MERCHANTABILITY, MERCHANTABLE
QUALITY, NON-INFRINGEMENT, SATISFACTORY QUALITY, OR TITLE, OR ARISING FROM A STATUTE OR CUSTOM OR A
COURSE OF DEALING OR USAGE OF TRADE, OR RELATED TO THE DOCUMENTATION OR ITS USE, OR PERFORMANCE
OR NON-PERFORMANCE OF ANY SOFTWARE, HARDWARE, SERVICE, OR ANY THIRD PARTY PRODUCTS AND SERVICES
REFERENCED HEREIN, ARE HEREBY EXCLUDED. YOU MAY ALSO HAVE OTHER RIGHTS THAT VARY BY STATE OR
PROVINCE. SOME JURISDICTIONS MAY NOT ALLOW THE EXCLUSION OR LIMITATION OF IMPLIED WARRANTIES AND
CONDITIONS. TO THE EXTENT PERMITTED BY LAW, ANY IMPLIED WARRANTIES OR CONDITIONS RELATING TO THE
DOCUMENTATION TO THE EXTENT THEY CANNOT BE EXCLUDED AS SET OUT ABOVE, BUT CAN BE LIMITED, ARE
32
Product Overview
Legal notice
HEREBY LIMITED TO NINETY (90) DAYS FROM THE DATE YOU FIRST ACQUIRED THE DOCUMENTATION OR THE ITEM
THAT IS THE SUBJECT OF THE CLAIM.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW IN YOUR JURISDICTION, IN NO EVENT SHALL RIM BE
LIABLE FOR ANY TYPE OF DAMAGES RELATED TO THIS DOCUMENTATION OR ITS USE, OR PERFORMANCE OR NONPERFORMANCE OF ANY SOFTWARE, HARDWARE, SERVICE, OR ANY THIRD PARTY PRODUCTS AND SERVICES
REFERENCED HEREIN INCLUDING WITHOUT LIMITATION ANY OF THE FOLLOWING DAMAGES: DIRECT,
CONSEQUENTIAL, EXEMPLARY, INCIDENTAL, INDIRECT, SPECIAL, PUNITIVE, OR AGGRAVATED DAMAGES, DAMAGES
FOR LOSS OF PROFITS OR REVENUES, FAILURE TO REALIZE ANY EXPECTED SAVINGS, BUSINESS INTERRUPTION,
LOSS OF BUSINESS INFORMATION, LOSS OF BUSINESS OPPORTUNITY, OR CORRUPTION OR LOSS OF DATA,
FAILURES TO TRANSMIT OR RECEIVE ANY DATA, PROBLEMS ASSOCIATED WITH ANY APPLICATIONS USED IN
CONJUNCTION WITH RIM PRODUCTS OR SERVICES, DOWNTIME COSTS, LOSS OF THE USE OF RIM PRODUCTS OR
SERVICES OR ANY PORTION THEREOF OR OF ANY AIRTIME SERVICES, COST OF SUBSTITUTE GOODS, COSTS OF
COVER, FACILITIES OR SERVICES, COST OF CAPITAL, OR OTHER SIMILAR PECUNIARY LOSSES, WHETHER OR NOT
SUCH DAMAGES WERE FORESEEN OR UNFORESEEN, AND EVEN IF RIM HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW IN YOUR JURISDICTION, RIM SHALL HAVE NO OTHER
OBLIGATION, DUTY, OR LIABILITY WHATSOEVER IN CONTRACT, TORT, OR OTHERWISE TO YOU INCLUDING ANY
LIABILITY FOR NEGLIGENCE OR STRICT LIABILITY.
THE LIMITATIONS, EXCLUSIONS, AND DISCLAIMERS HEREIN SHALL APPLY: (A) IRRESPECTIVE OF THE NATURE OF
THE CAUSE OF ACTION, DEMAND, OR ACTION BY YOU INCLUDING BUT NOT LIMITED TO BREACH OF CONTRACT,
NEGLIGENCE, TORT, STRICT LIABILITY OR ANY OTHER LEGAL THEORY AND SHALL SURVIVE A FUNDAMENTAL
BREACH OR BREACHES OR THE FAILURE OF THE ESSENTIAL PURPOSE OF THIS AGREEMENT OR OF ANY REMEDY
CONTAINED HEREIN; AND (B) TO RIM AND ITS AFFILIATED COMPANIES, THEIR SUCCESSORS, ASSIGNS, AGENTS,
SUPPLIERS (INCLUDING AIRTIME SERVICE PROVIDERS), AUTHORIZED RIM DISTRIBUTORS (ALSO INCLUDING AIRTIME
SERVICE PROVIDERS) AND THEIR RESPECTIVE DIRECTORS, EMPLOYEES, AND INDEPENDENT CONTRACTORS.
IN ADDITION TO THE LIMITATIONS AND EXCLUSIONS SET OUT ABOVE, IN NO EVENT SHALL ANY DIRECTOR,
EMPLOYEE, AGENT, DISTRIBUTOR, SUPPLIER, INDEPENDENT CONTRACTOR OF RIM OR ANY AFFILIATES OF RIM
HAVE ANY LIABILITY ARISING FROM OR RELATED TO THE DOCUMENTATION.
Prior to subscribing for, installing, or using any Third Party Products and Services, it is your responsibility to ensure that
your airtime service provider has agreed to support all of their features. Some airtime service providers might not offer
Internet browsing functionality with a subscription to the BlackBerry® Internet Service. Check with your service provider for
availability, roaming arrangements, service plans and features. Installation or use of Third Party Products and Services with
RIM's products and services may require one or more patent, trademark, copyright, or other licenses in order to avoid
infringement or violation of third party rights. You are solely responsible for determining whether to use Third Party
Products and Services and if any third party licenses are required to do so. If required you are responsible for acquiring
them. You should not install or use Third Party Products and Services until all necessary licenses have been acquired. Any
Third Party Products and Services that are provided with RIM's products and services are provided as a convenience to you
and are provided "AS IS" with no express or implied conditions, endorsements, guarantees, representations, or warranties
of any kind by RIM and RIM assumes no liability whatsoever, in relation thereto. Your use of Third Party Products and
Services shall be governed by and subject to you agreeing to the terms of separate licenses and other agreements
applicable thereto with third parties, except to the extent expressly covered by a license or other agreement with RIM.
33
Product Overview
Legal notice
Certain features outlined in this documentation require a minimum version of BlackBerry® Enterprise Server, BlackBerry®
Desktop Software, and/or BlackBerry® Device Software.
The terms of use of any RIM product or service are set out in a separate license or other agreement with RIM applicable
thereto. NOTHING IN THIS DOCUMENTATION IS INTENDED TO SUPERSEDE ANY EXPRESS WRITTEN AGREEMENTS OR
WARRANTIES PROVIDED BY RIM FOR PORTIONS OF ANY RIM PRODUCT OR SERVICE OTHER THAN THIS
DOCUMENTATION.
BlackBerry Limited
2200 University Avenue East
Waterloo, Ontario
Canada N2K 0A7
BlackBerry UK Limited
200 Bath Road
Slough, Berkshire SL1 3XE
United Kingdom
Published in Canada
34
Related documents
none
none
Porting to BlackBerry using Apache Cordova
Porting to BlackBerry using Apache Cordova
Mobile Device Security
Mobile Device Security
blackberry picking seamus heaney analysis essay
blackberry picking seamus heaney analysis essay
What is positioning?
What is positioning?
Trailing Blackberry Description Economic Importance
Trailing Blackberry Description Economic Importance
Download