Installation guide

ManualsBrandsBlackberry ManualsComputer equipmentENTERPRISE SOLUTION SECURITY - SECURITY FOR DEVICES WITH BLUETOOTH WIRELESS TECHNOLOGY - TECHNICAL

BlackBerry Enterprise Solution Security

Protecting the BlackBerry Infrastructure connections 34

Messaging server Data traffic encryption method

Microsoft Exchange

• The BlackBerry Enterprise Server and the Microsoft Exchange Server

communicate using the same Microsoft Exchange server RPC.

• A user can use 128-bit encryption to encrypt RPC communication over

the MAPI connection between the Microsoft Exchange Server and

Microsoft Outlook. See the Microsoft product documentation for more

information on enabling encryption in Microsoft Windows.

Novell GroupWise

• The BlackBerry Enterprise Server for Novell GroupWise is designed to

use a trusted application key to open a connection to the GroupWise

server. To generate the trusted application key, the GroupWise

administrator runs the trusted application key generator, specifies

the GroupWise primary domain database location, and then specifies

the application name that the BlackBerry Enterprise Server should

use to connect to the GroupWise server. The trusted application key is

a 64-byte ASCII string.

The BlackBerry Enterprise Server connects securely to a user’s

mailbox using the trusted application name and key. The GroupWise

server verifies the trusted application name and key and permits the

BlackBerry Enterprise Server to establish a connection to the user’s

GroupWise database.

BlackBerry Mobile Data System connections

A user can use the BlackBerry Browser and third-party Java applications on the BlackBerry device to access the

Internet and your organization’s intranet and to accept and respond to push requests from BlackBerry Enterprise

Server-side push applications. The BlackBerry MDS uses standard Internet protocols such as HTTP or TCP/IP to

access data on the Internet or corporate intranet. The BlackBerry device uses standard BlackBerry encryption to

protect the online corporate data, applications, and data from the Internet that a user receives on their

BlackBerry device.

Protecting the HTTP connection

If an application on the BlackBerry device accesses servers on the Internet, you can set up an HTTP connection

that uses TLS/SSL, an HTTPS protocol, to provide additional authentication and security. The BlackBerry device

supports HTTPS communication in the following modes:

HTTPS

protocol

BlackBerry MDS encryption method Description

proxy mode

TLS/SSL

Sun® JSSE 1.4.1 cipher suite

components

• The connection service sets up the proxy

mode TLS/SSL connection on behalf of the

BlackBerry device.

• The BlackBerry device does not use proxy

mode TLS/SSL to encrypt data traffic over the

wireless network; standard BlackBerry

encryption encrypts the data traffic between

the BlackBerry device and BlackBerry

Enterprise Server. Data traffic is therefore

encrypted over the wireless network unless it

is behind the corporate firewall.

• The BlackBerry device experiences faster

response times using this protocol than with

handheld mode TLS/SSL.