Specifications

   c. Stores the client certificate and the enterprise management root certificate in its keystore
11. The Enterprise Management Agent and Enterprise Management Web Service perform the following actions:
   a. Establish a mutually authenticated TLS connection by verifying both the client certificate and the server certificate for the Enterprise Management Web Service using the enterprise management root certificate
   b. Generate the device transport key using ECMQV and the authenticated long-term public keys from the client certificate and the server certificate for the Enterprise Management Web Service
12. The Enterprise Management Agent stores the device transport key in its keystore.
13. The Enterprise Management Web Service performs the following actions:
   a. Stores the device transport key in the BlackBerry Configuration Database
   b. Sends the IT policy, SRP information, profiles, and software configurations to the device over TLS
14. The Enterprise Management Agent sends an acknowledgment that it received the IT policy and other data to the Enterprise Management Web Service over TLS. The activation process is complete.
The elliptic curve protocols used during the activation process use the NIST-recommended 521-bit curve.

Activating a device using the BlackBerry Web Desktop Manager

A user can activate a new device, reactivate an existing device, or switch services from one device to another device by connecting the device to a computer using a USB cable and logging in to the BlackBerry Web Desktop Manager.

When a user begins activation of a BlackBerry Balance device, if the device has an existing work space, the BlackBerry Web Desktop Manager displays a warning message to indicate that the work data and work apps on the device will be deleted. When the user confirms that the device should be activated, the existing work space is deleted and a new work space is created.

When a user begins activation of a work space only device, the BlackBerry Web Desktop Manager displays a warning message to indicate that all data on the device will be deleted. When the user confirms that the device should be activated, all data is deleted and the device restarts before the new work space is created.

For more information, see the BlackBerry Web Desktop Manager User Guide.
Security Technical Overview Activating devices