Installation guide
BlackBerry Enterprise Solution Security
BlackBerry architecture component security
See the BlackBerry Enterprise Server Feature and Technical Overview for more information on the BlackBerry
Enterprise Server architecture.
BlackBerry Infrastructure
The BlackBerry Infrastructure is designed to communicate with the BlackBerry Enterprise Server using a RIM-
proprietary protocol called Server Routing Protocol (SRP). SRP is a point-to-point protocol that runs over TCP/IP.
BlackBerry Enterprise Server
The BlackBerry Enterprise Server is designed to establish a secure, two-way link between a user’s corporate email
account and that user’s BlackBerry device. The BlackBerry Enterprise Server uses this link to complete message
delivery within the protection of the corporate firewall.
Messaging server
The BlackBerry Enterprise Solution is designed to interoperate with messaging servers such as Microsoft
Exchange, IBM Lotus Domino, and Novell GroupWise. The BlackBerry Enterprise Solution is designed to use
existing messaging server security without altering the normal functionality of the messaging server. The
messaging server continues to receive, deliver, and store all corporate email messages, while the BlackBerry
Enterprise Server acts as a conduit to transfer these messages to and from the BlackBerry device.
BlackBerry configuration database
The BlackBerry services that do not connect to the messaging server directly access the configuration
information stored in a SQL database (the BlackBerry configuration database). BlackBerry services that might
otherwise require access to the messaging server can access encryption keys and passwords through the
BlackBerry configuration database to perform many tasks.
The BlackBerry configuration database stores the following information:
• BlackBerry Enterprise Server names
• unique SRP authentication keys and unique SRP IDs, or UIDs, that each BlackBerry Enterprise Server uses in
the SRP authentication process to establish a connection to the wireless network
• IT policy private keys of the IT policy public and private key pair that the BlackBerry Enterprise Server
generates for each BlackBerry device
• PIN of each BlackBerry device
• read-only copies of each unique BlackBerry device master encryption key
• user lists
• information contained in the message header that the BlackBerry Enterprise Server sends, for example,
message ID, date, and message status (BlackBerry Enterprise Server for IBM Lotus Domino only)
• a semi-permanent reference to user data using the GroupWise MessageID in the MBMailSync,
MBCalendarSync, MBPIMSync, and MBFolderSync database synchronization tables (BlackBerry Enterprise
Server for Novell GroupWise only)
Protecting the BlackBerry configuration database
Your environment might benefit from configuring the Microsoft SQL Server for optimal security of the BlackBerry
configuration database and protection of the stored user encryption keys.
www.blackberry.com