BlackBerry Enterprise Server Express for Microsoft Exchange Feature and Technical Overview

BlackBerry Enterprise Server Express for Microsoft Exchange Feature and Technical Overview

Feature and Technical Overview

Wi-Fi enabled BlackBerry devices

Wi-Fi enabled BlackBerry devices

5

Wi-Fi® enabled BlackBerry® devices permit users with qualifying data plans to access BlackBerry services over a mobile network, Wi-Fi network, or both networks simultaneously.

When users can access a mobile network and Wi-Fi network simulaneously, users can perform multiple tasks over both networks. For example, a user with a BlackBerry® 8820 smartphone can send messages over a Wi-Fi network and can make a call over the mobile network at the same time.

If users' mobile network providers make UMA technology (GAN technology) available, and users have subscribed to the UMA feature, Wi-Fi enabled BlackBerry devices can access the mobile network providers' voice services and data services over a mobile network or a Wi-Fi network.

Wi-Fi enabled BlackBerry devices can open a Wi-Fi connection from an enterprise Wi-Fi network or, with a VPN session, from a home Wi-Fi network or Wi-Fi hotspot to connect directly to the BlackBerry Router.

Wi-Fi enabled BlackBerry devices are designed to open a connection to the BlackBerry® Internet Service to access the BlackBerry MDS Connection Service, BlackBerry® Messenger, and other BlackBerry devices for PIN messaging.

You can verify with your organization's wireless service provider whether your organization's service plan provides access to these services over a Wi-Fi network.

Types of Wi-Fi networks

Wi-Fi® enabled BlackBerry® devices can access BlackBerry services using enterprise Wi-Fi networks, home Wi-Fi networks, or hotspots.

Type

enterprise Wi-Fi networks home Wi-Fi networks

Description

An enterprise Wi-Fi network has multiple wireless access points to provide ubiquitous coverage, hotspot coverage, or ubiquitous and hotspot coverage. You can use a Wi-Fi enabled BlackBerry device in any coverage area.

You can configure an enterprise Wi-Fi network to require layer 2 authentication. An organization might consider an enterprise Wi-Fi network to be untrusted and require that all Wi-Fi connections to the organization's network occur through a VPN concentrator. You must configure Wi-Fi enabled BlackBerry devices to support the authentication type that your organization uses.

An enterprise Wi-Fi network permits optimized access to the BlackBerry®

Enterprise Server Express over a direct IP connection to the BlackBerry

Router.

A home Wi-Fi network uses a single access point to provide Internet access through a broadband gateway. The broadband gateway can implement NAT and permit VPN connections through the firewall. You can configure a home

45

Feature and Technical Overview

Wireless access points

Type

hotspots

Description

Wi-Fi network with layer 2 security and password authentication. You must configure BlackBerry devices to support the authentication that the home

Wi-Fi network requires.

A home Wi-Fi network permits users to access all BlackBerry services from

Wi-Fi enabled BlackBerry devices using the BlackBerry® Infrastructure.

A hotspot offered by an ISP, a mobile network provider, or a property owner can provide a Wi-Fi connection in public and semipublic areas. The network can be an open network without layer 2 security and use a captive portal for authentication. The captive portal blocks all network traffic except traffic that uses HTTP and it redirects HTTP requests to a login page.

After a user logs in to the hotspot, the captive portal permits the user to access wireless network services.

Hotspots can use a firewall and they can permit VPN connections. A hotspot permits users to access all BlackBerry services from their Wi-Fi enabled

BlackBerry devices using the BlackBerry Infrastructure.

Wireless access points

Wi-Fi® enabled BlackBerry® devices use wireless access points to connect to the Wi-Fi network. An access point must conform to the IEEE® 802.11a™, IEEE® 802.11b™, or IEEE® 802.11g™ wireless networking standard.

Type

thin access point thick access point

Description

A thin access point (or controller-based access point) is part of an enterprise

Wi-Fi network that you can manage from a central location. This type of access point requires an external controller to manage network traffic. You can administer one or more thin access points through the controller.

Thin access points with an external controller can provide a more seamless roaming experience for users with Wi-Fi enabled BlackBerry devices during data and voice sessions.

A thick access point (or intelligent or autonomous access point), has the intelligence to operate as a standalone component without a controller.

Connections that BlackBerry devices make to mobile and

Wi-Fi networks

Wi-Fi® enabled BlackBerry® devices connect to different components in the the mobile and Wi-Fi networks so that they can communicate with the BlackBerry® Enterprise Server Express and provide BlackBerry services for users.

46

Feature and Technical Overview

Connections that BlackBerry devices make to mobile and Wi-Fi networks

Component Description

BlackBerry Enterprise Server

Express

BlackBerry® Infrastructure

The BlackBerry Enterprise Server Express provides productivity tools and data from an organization's applications to BlackBerry devices over the wireless network, and processes, routes, compresses, and encrypts data.

The BlackBerry Infrastructure is designed to communicate with the BlackBerry

Enterprise Server Express using a RIM proprietary protocol SRP.

BlackBerry® Internet Service The BlackBerry Internet Service is an email and Internet service for BlackBerry

UNC/GANC devices that is designed to provide subscribers with automatic delivery of email messages, mobile access to email message attachments, and convenient access to Internet content.

The UNC/GANC is the gateway for Wi-Fi or mobile communications. The UNC/ wireless access point for a home Wi-Fi network or hotspot wireless access point for an enterprise Wi-Fi network

GANC exists in your organization’s gateway only if the wireless service provider supports UMA.

An access point for a home Wi-Fi network or hotspot permits the BlackBerry device to connect to a home Wi-Fi network or hotspot.

An access point for an enterprise Wi-Fi network permits a BlackBerry device to connect to an enterprise Wi-Fi network using strong authentication and link layer security.

47

Feature and Technical Overview

Connecting Wi-Fi enabled BlackBerry devices to the BlackBerry Enterprise Server Express over a Wi-

Fi connection

Component

wireless service provider

Wi-Fi enabled BlackBerry device

Description

A wireless service provider is a telephone company that provides services for

BlackBerry devices.

A Wi-Fi enabled BlackBerry device permits a user to access voice and data services across multiple radio technologies.

Connecting Wi-Fi enabled BlackBerry devices to the

BlackBerry Enterprise Server Express over a Wi-Fi connection

Direct connections between BlackBerry devices and the BlackBerry Router over an enterprise Wi-Fi network

Wi-Fi® enabled BlackBerry® devices can open a direct connection to the BlackBerry Router over an enterprise Wi-Fi network after you configured a Wi-Fi profile for the user accounts. You can use direct connections to the BlackBerry

Router when Wi-Fi enabled BlackBerry devices are located in your organization’s existing Wi-Fi environment. When

BlackBerry devices connect to the BlackBerry Router, they can bypass SRP connectivity and authentication to connect to the BlackBerry® Enterprise Server Express directly.

After BlackBerry devices connect to the Wi-Fi network using a Wi-Fi profile, the BlackBerry devices try to make a direct IP connection to the BlackBerry Router. With some network architectures, a VPN session might be required to complete the direct connection to the BlackBerry Router.

Wi-Fi enabled BlackBerry devices include a built-in VPN client that you can configure and assign to any Wi-Fi profile on the BlackBerry devices. If a direct connection to the BlackBerry Router is possible (with or without a VPN session), the BlackBerry Enterprise Server Express starts sending data.

Wi-Fi connection when a VPN connection or direct connection between

BlackBerry devices and the BlackBerry Router is not possible

If Wi-Fi® enabled BlackBerry® devices cannot connect directly to the BlackBerry Router (with or without a VPN connection) over a Wi-Fi network that can access the Internet (for example, a home Wi-Fi network or hotspot), the

Wi-Fi enabled BlackBerry devices open SSL connections over the Internet to the BlackBerry® Infrastructure. After the

Wi-Fi enabled BlackBerry devices connect to the BlackBerry Infrastructure, the users' provisioned data services start to send data to the Wi-Fi enabled BlackBerry devices.

Priority for connections that BlackBerry devices make over a Wi-Fi network

Wi-Fi® enabled BlackBerry® devices connect over a Wi-Fi network to the BlackBerry Router or BlackBerry®

Infrastructure using the best possible connection or combination of available connections in the following order:

• connection to the BlackBerry® Enterprise Server Express or BlackBerry MDS Connection Service over a serial,

USB, or Bluetooth® connection that uses the BlackBerry® Device Manager

• connection to the BlackBerry Router from a Wi-Fi network, with or without a VPN connection

48

Feature and Technical Overview

BlackBerry services that are available over Wi-Fi connections

• SSL connection through the Internet to the BlackBerry Infrastructure over a Wi-Fi network

• connection to the BlackBerry Infrastructure provided by a wireless service provider that uses the GSM® network,

EDGE network, or UMA

The order of connections assumes that all routes to the BlackBerry Router and Internet are available when the Wi-

Fi enabled BlackBerry devices connect to the Wi-Fi network.

BlackBerry services that are available over Wi-Fi connections

For more information about supported services and features, contact your organization's wireless service provider.

Not all BlackBerry® data plans support Wi-Fi® access to BlackBerry data services.

When you configure a Wi-Fi network to open a connection (with or without a VPN connection) to the BlackBerry

Router, you can keep all data transfers entirely within the enterprise Wi-Fi network and reduce the routing required.

BlackBerry services

services from the BlackBerry®

Enterprise

Server Express

(for example, messaging, organizer data synchronization) services from the BlackBerry®

Internet Service

(for example, messaging, browsing) services from the BlackBerry

MDS Connection

Service (for example,

X

X

X

Service provider with GSM®/EDGE network or UMA network

Wi-Fi network and service provider with

GSM/EDGE network

X

Wi-Fi network and no service provider with

GSM/EDGE network or UMA, and no UMA available

X

Enterprise Wi-Fi network and service provider with GSM/EDGE network, and no

UMA, and no

UMA available

X

Enterprise Wi-Fi network and no service provider with GSM/EDGE network, and no

UMA available

X

X

X

X

X

X

X

X

X

49

Feature and Technical Overview

BlackBerry services that are available over Wi-Fi connections

BlackBerry services

application push, application access, browsing)

BlackBerry®

Messenger

X

PIN messaging X instant X messaging using a third-party instant messaging application (for example,

Windows®

Messenger)

X BlackBerry®

Maps service provider messaging (for example, SMS) content downloading provided by a wireless service provider (for example, ring tones) web browsing provided by a wireless service provider (for example, WAP)

X

X

X

Service provider with GSM®/EDGE network or UMA network

Wi-Fi network and service provider with

GSM/EDGE network

Wi-Fi network and no service provider with

GSM/EDGE network or UMA, and no UMA available

Enterprise Wi-Fi network and service provider with GSM/EDGE network, and no

UMA, and no

UMA available

Enterprise Wi-Fi network and no service provider with GSM/EDGE network, and no

UMA available

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

50

Feature and Technical Overview

IEEE 802.11 wireless networking standards that Wi-Fi enabled BlackBerry devices support

BlackBerry services

Service provider with GSM®/EDGE network or UMA network

Wi-Fi network and service provider with

GSM/EDGE network

Wi-Fi network and no service provider with

GSM/EDGE network or UMA, and no UMA available

Enterprise Wi-Fi network and service provider with GSM/EDGE network, and no

UMA, and no

UMA available

X

Enterprise Wi-Fi network and no service provider with GSM/EDGE network, and no

UMA available

voice plan provided by a wireless service provider

X X

IEEE 802.11 wireless networking standards that Wi-Fi enabled BlackBerry devices support

Wi-Fi® enabled BlackBerry® devices support the IEEE® 802.11a™, IEEE® 802.11b™, and IEEE® 802.11g™ wireless networking standards.

Characteristics of the IEEE 802.11a wireless networking standard that Wi-Fi enabled BlackBerry devices support

Characteristic

fallback speeds frequency maximum speed nonoverlapping channels sources of interference

Description

48, 36, 24, 18, 12, 9, and 6 Mbps

5 GHz

54 Mbps up to 19

• Bluetooth® wireless technology

• some satellite systems

• 5 GHz cordless phones

23 Mbps throughput speed

Characteristics of the IEEE 802.11b wireless networking standard that Wi-Fi enabled BlackBerry devices support

Characteristic

fallback speeds frequency maximum speed nonoverlapping channels

Description

5.5, 2, and 1 Mbps

2.4 GHz

11 Mbps

3

51

Feature and Technical Overview

Security features of a Wi-Fi enabled BlackBerry device

Characteristic

sources of interference

Description

• Bluetooth® wireless technology

• microwave ovens

• 2.4 GHz cordless phones

4.5 Mbps throughput speed

Characteristics of the IEEE 802.11g wireless networking standard that Wi-Fi enabled BlackBerry devices support

Characteristic

fallback speeds frequency maximum speed nonoverlapping channels sources of interference

Description

48, 36, 24, 18, 12, 9, and 6 Mbps

2.4 GHz

54 Mbps

3

• Bluetooth® wireless technology

• microwave ovens

• 2.4 GHz cordless phones

19 Mbps throughput speed

Security features of a Wi-Fi enabled BlackBerry device

52

Feature

activation of BlackBerry® devices over an enterprise Wi-Fi® network authenticated connection with

BlackBerry Router

BlackBerry transport layer encryption

Description

Activation of BlackBerry devices over an enterprise Wi-Fi network is designed to simplify the actions of activating or updating BlackBerry devices.

For more information about activating devices that are associated with the

BlackBerry Internet Service over the wireless network, visit www.blackberry.com/go/serverdocs to see the Activating Devices That are

Associated With the BlackBerry Internet Service Over the Wireless Network

Technical Note.

An authenticated connection with a BlackBerry Router permits BlackBerry devices to open a direct connection to the BlackBerry® Enterprise Server

Express after they authenticate with the BlackBerry Router.

BlackBerry devices connected to an enterprise Wi-Fi network do not use an

SRP connection to send data to the BlackBerry Enterprise Server Express.

BlackBerry transport layer encryption is designed to encrypt messages that the BlackBerry device and the BlackBerry Enterprise Server Express send between each other after they open an authenticated connection.

Feature and Technical Overview

Security features of a Wi-Fi enabled BlackBerry device

Feature

direct access to the BlackBerry®

Infrastructure over a Wi-Fi connection encrypted communication over the

Wi-Fi network expanded groups of Wi-Fi and VPN configuration settings limited connections multiple Wi-Fi and VPN profiles proxy server software token provisioning wireless backup of Wi-Fi and VPN profiles wireless software updates

Description

Direct access to the BlackBerry Infrastructure over a Wi-Fi connection permits Wi-Fi enabled BlackBerry devices to access BlackBerry services over the Internet, even if UMA is not available.

You can verify with your organization's wireless service provider that your organization's service plan supports access to BlackBerry services over a Wi-

Fi connection.

BlackBerry devices support multiple security methods that are designed to encrypt communication over the enterprise Wi-Fi network between the

BlackBerry device and wireless access points or a network firewall on the enterprise Wi-Fi network.

Expanded groups of Wi-Fi and VPN configuration settings permit you to control Wi-Fi connections from BlackBerry devices.

Wi-Fi enabled BlackBerry devices are designed to reject incoming connections, to support limited connections in infrastructure mode only, and to prevent ad-hoc mode (also known as peer-to-peer) connections.

Multiple Wi-Fi and VPN profiles are designed to address user requirements in a variety of different environments.

The BlackBerry device supports the use of a transparent proxy server that you can configure between the enterprise Wi-Fi network and the BlackBerry device.

Software token provisioning is designed to permit you to provision and manage the seed for software token authentication (for example, for VPN connections) centrally on BlackBerry devices.

The BlackBerry Enterprise Server Express is designed to work with the RSA®

Authentication Manager to provide software token support for use with layer 2 and layer 3 authentication on supported BlackBerry devices.

Wireless backup of Wi-Fi and VPN profiles on BlackBerry devices over a Wi-

Fi connection permits users to restore the profiles, if necessary.

Wireless software updates permits users to update the BlackBerry® Device

Software without using the BlackBerry® Desktop Software or first downloading the software update to a computer.

53

Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Related manuals

Download PDF

advertisement

Table of contents