User guide
What happens when a BlackBerry Enterprise Server and the BlackBerry Infrastructure open an initial connection
After a BlackBerry Enterprise Server and the BlackBerry Infrastructure open an initial connection over the Internet, the
BlackBerry Enterprise Server is designed to send a basic information packet to the BlackBerry Infrastructure immediately.
A basic information packet includes version information, SRP identifiers, and other information that is required to open an
SRP connection. Both the BlackBerry Enterprise Server and BlackBerry Infrastructure can recognize the basic information
packet. The BlackBerry Enterprise Server and BlackBerry Infrastructure can use the basic information packet to configure
the parameters of the SRP implementation.
The BlackBerry Infrastructure does not send basic information packets to the BlackBerry Enterprise Server until after the
BlackBerry Enterprise Server sends a packet to the BlackBerry Infrastructure. This process permits the BlackBerry
Infrastructure to be backward compatible with previous BlackBerry Enterprise Server versions, which close the SRP
connection if they receive unrecognized basic information packets.
How the BlackBerry Enterprise Solution protects a TCP/IP connection between a BlackBerry Enterprise Server and the BlackBerry Infrastructure
After a BlackBerry Enterprise Server and the BlackBerry Infrastructure open an SRP connection, the BlackBerry Enterprise
Server uses a persistent TCP/IP connection to send data to the BlackBerry Infrastructure. The BlackBerry Infrastructure
uses wireless network protocols (for example, GSM or EDGE) to send data to the BlackBerry device. The TCP/IP connection
between the BlackBerry Enterprise Server and BlackBerry Infrastructure is designed to be highly secure in the following
ways:
• The BlackBerry Enterprise Server deletes data traffic that it receives from any source other than the messaging server,
or from the device through the BlackBerry Infrastructure or BlackBerry Desktop Software.
• The BlackBerry Enterprise Server and device use BlackBerry transport layer encryption to encrypt the data that they
send to each other. No intermediate point decrypts and encrypts the data again.
• No data traffic of any kind can occur between the BlackBerry Enterprise Server and either the wireless network or the
device unless the BlackBerry Enterprise Server can decrypt the data using a valid device transport key. Only the
BlackBerry Enterprise Server and device have the correct device transport key.
You must configure your organization’s firewall or proxy server to permit the BlackBerry Enterprise Server to start and
maintain an outgoing connection to the BlackBerry Infrastructure over TCP port 3101.
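The following is an added example, not part of the original guide or of any BlackBerry product: a small audit of an exported firewall rule set against the requirement above, that the BlackBerry Enterprise Server starts an outgoing connection over TCP port 3101. The rule record format, the host address 10.20.0.15, and the range 203.0.113.0/24 standing in for the BlackBerry Infrastructure are constructed placeholders, and treating anything broader than that single outgoing rule as a finding is this example's least-privilege assumption.

```python
from ipaddress import ip_address, ip_network

SRP_PORT = 3101             # TCP port the guide says the BES connects out on
BES = "10.20.0.15"          # constructed BES host address
INFRA = "203.0.113.0/24"    # placeholder range, not a real Infrastructure address

def rule(name, direction, proto, src, dst, dport, action="allow"):
    # Hypothetical vendor-neutral record; "out" = connection started from inside.
    return dict(name=name, direction=direction, proto=proto, src=src,
                dst=dst, dport=dport, action=action)

def audit_bes_rules(rules, bes_ip, infra_net):
    """Return (rule_name, finding) tuples for allow rules that involve the BES."""
    bes, infra = ip_address(bes_ip), ip_network(infra_net)
    findings, required_seen = [], False
    for r in rules:
        if r["action"] != "allow" or r["proto"] not in ("tcp", "any"):
            continue
        src, dst = ip_network(r["src"]), ip_network(r["dst"])
        if r["direction"] == "in" and bes in dst:
            # The BES starts the connection itself, so no inbound rule is needed.
            findings.append((r["name"], "inbound allow to BES is not required"))
        elif r["direction"] == "out" and bes in src and infra.subnet_of(dst):
            exact = (r["proto"] == "tcp" and r["dport"] == SRP_PORT
                     and dst == infra)
            if exact:
                required_seen = True
            elif r["dport"] in (SRP_PORT, "any"):
                required_seen = True  # connection works, but rule is too wide
                findings.append((r["name"], "outbound allow is broader than "
                                 "TCP 3101 to the Infrastructure"))
    if not required_seen:
        findings.append((None, "no rule permits BES -> Infrastructure on TCP 3101"))
    return findings

# Constructed sample rule sets: a weak one and the corrected one.
RULES_WEAK = [
    rule("bes-any-out", "out", "any", "10.20.0.15/32", "0.0.0.0/0", "any"),
    rule("srp-inbound", "in", "tcp", "0.0.0.0/0", "10.20.0.15/32", 3101),
]
RULES_TIGHT = [
    rule("bes-srp-out", "out", "tcp", "10.20.0.15/32", INFRA, 3101),
]

if __name__ == "__main__":
    for label, rs in (("weak", RULES_WEAK), ("tight", RULES_TIGHT)):
        print(label, audit_bes_rules(rs, BES, INFRA))
```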
Security Technical Overview Protecting communications in your organization's environment