Table of Contents
Advertisement
BlackBerry Enterprise Solution
BlackBerry Infrastructure
The BlackBerry Infrastructure is designed to communicate with the BlackBerry Enterprise Server using a RIM-
proprietary protocol called Server Routing Protocol (SRP). SRP is a point-to-point protocol that runs over TCP/IP.
BlackBerry Enterprise Server
The BlackBerry Enterprise Server is designed to establish a secure, two-way link between a BlackBerry device
user's work email account and that user's BlackBerry device. The BlackBerry Enterprise Server uses this link to
complete message delivery within the protection of your organization's firewall.
Messaging server
The BlackBerry Enterprise Solution is designed to interoperate with messaging servers such as Microsoft
Exchange, IBM Lotus Domino, and Novell GroupWise. The BlackBerry Enterprise Solution is designed to use
existing messaging server security without altering the normal functionality of the messaging server. The
messaging server continues to receive, deliver, and store all email messages, while the BlackBerry Enterprise
Server acts as a conduit to transfer these messages to and from the BlackBerry device.
BlackBerry Configuration Database
The BlackBerry services that do not connect to the messaging server directly access the configuration
information that a SQL database (the BlackBerry Configuration Database) stores. BlackBerry services that might
otherwise require access to the messaging server can access encryption keys and passwords through the
BlackBerry Configuration Database to perform many tasks.
The BlackBerry Configuration Database stores the following information:
•
BlackBerry Enterprise Server names
•
unique SRP authentication keys and unique SRP IDs, or UIDs, that each BlackBerry Enterprise Server uses in
the SRP authentication process to establish a connection to the wireless network
•
IT policy private keys of the IT policy public and private key pair that the BlackBerry Enterprise Server
generates for each BlackBerry device
•
PIN of each BlackBerry device
•
read-only copies of each unique BlackBerry device master encryption key
•
BlackBerry device user lists
•
information contained in the message header that the BlackBerry Enterprise Server sends, for example,
message ID, date, and message status, (BlackBerry Enterprise Server for IBM Lotus Domino only)
•
a semi-permanent reference to user data using the GroupWise MessageID in the MBMailSync,
MBCalendarSync, MBPIMSync, and MBFolderSync database synchronization tables (BlackBerry® Enterprise
Server for Novell® GroupWise® only)
Protecting the BlackBerry Configuration Database
Your environment might benefit from configuring the Microsoft® SQL Server™ for optimal security of the
BlackBerry Configuration Database and protection of the stored BlackBerry device user encryption keys.
www.blackberry.com
34
Advertisement
Table of Contents
