Blackberry Infinity B1367WD User Manual
  1. Manuals
  2. Brands
  3. Blackberry Manuals
  4. Software
  5. Infinity B1367WD
  6. User manual
Blackberry Infinity B1367WD User Manual

Blackberry Infinity B1367WD User Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
BlackBerry Enterprise Server
Version: 5.0 | Service Pack: 2
Policy Reference Guide

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the Infinity B1367WD and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Blackberry Infinity B1367WD

Summary of Contents for Blackberry Infinity B1367WD

  • Page 1 BlackBerry Enterprise Server Version: 5.0 | Service Pack: 2 Policy Reference Guide...
  • Page 2 Published: 2010-06-16 SWDT323212-1063796-0616124539-001...

  • Page 3: Table Of Contents

    Contents IT policy rules....................................Using IT policy rules on other devices............................Preconfigured IT policies................................New IT policy rules in this release..............................2 Descriptions of IT policy rules..............................Desktop Only items..................................Auto Backup Enabled IT policy rule............................Auto Backup Exclude Messages IT policy rule........................Auto Backup Exclude Synchronization IT policy rule......................
  • Page 4 Maximum Security Timeout IT policy rule........................... Minimum Password Length IT policy rule..........................Password Pattern Checks IT policy rule..........................Password Required IT policy rule............................User Can Change Timeout IT policy rule..........................User Can Disable Password IT policy rule........................... Global items..................................... Allow Browser IT policy rule..............................Allow Phone IT policy rule..............................
  • Page 5 BlackBerry Smart Card Reader policy group..........................Disable Auto Reconnect To BlackBerry Smart Card Reader IT policy rule..............Force Erase All Keys on BlackBerry Disconnected Timeout IT policy rule............... Force Erase Key on PC Standby IT policy rule........................Maximum BlackBerry Bluetooth Traffic Inactivity Timeout IT policy rule................ Maximum BlackBerry Disconnected Timeout IT policy rule....................
  • Page 6 Disable Serial Port Profile IT policy rule..........................Disable SIM Access Profile IT policy rule..........................Disable Wireless Bypass IT policy rule..........................Force CHAP Authentication on Bluetooth Link IT policy rule................... Limit Discoverable Time IT policy rule..........................Minimum Encryption Key Length IT policy rule........................Require Encryption IT policy rule............................
  • Page 7 Certification Authority Profile Name IT policy rule......................Certification Authority Profile Required IT policy rule....................... Certification Authority Type IT policy rule........................... Common Name Components IT policy rule........................Custom Microsoft Certification Authority Certificate Template IT policy rule..............Distinguished Name Components IT policy rule........................ Key Algorithm IT policy rule..............................
  • Page 8 Automatic Time Zone Change Detection IT policy rule..................... 100 Enable Time Zone Definitions Update IT policy rule......................100 Periodic Time Synchronization IT policy rule........................Time Zone Definitions Automatic Update Interval IT policy rule..................Time Zone Definitions Update Server IT policy rule......................102 Desktop policy group..................................
  • Page 9 Enable Wireless Message Reconciliation IT policy rule...................... Inline Content Requests IT policy rule..........................Keep Message Duration IT policy rule..........................Keep Saved Message Duration IT policy rule........................Maximum Native Attachment MFH attachment size IT policy rule................. Maximum Native Attachment MFH total attachment size IT policy rule................ Maximum Native Attachment MTH attachment size IT policy rule.................
  • Page 10 Enterprise Location Tracking Interval IT policy rule......................Enterprise Location Tracking User Prompt Message IT policy rule.................. MDS Integration Service policy group............................Allow Access to Multiple Domains IT policy rule........................ Allow Discovery By User IT policy rule..........................Disable Activation With Public BlackBerry MDS Integration Service IT policy rule............129 Disable MDS Runtime IT policy rule.............................
  • Page 11 Disable Memopad Wireless Sync IT policy rule........................Disable Phone Call Log Wireless Synchronization IT policy rule..................Disable PIN Messages Wireless Synchronization IT policy rule..................Disable SMS Messages Wireless Sync IT policy rule......................Disable Task Wireless Sync IT policy rule..........................144 Disable Wireless Bulk Loads IT policy rule...........................
  • Page 12 Enable the "Tell A Friend" Feature in BlackBerry Client for Lotus Connections IT policy rule........158 Enable the "Tell A Friend" Feature in BlackBerry Client for Lotus Quickr IT policy rule..........158 Lotus Connections Activities Server IT policy rule......................159 Lotus Connections Blogs Server IT policy rule........................
  • Page 13 Disable Forwarding Between Services IT policy rule......................Disable Geo-Tagging of Photos IT policy rule........................Disable GPS IT policy rule..............................Disable Invalid Certificate Use IT policy rule........................Disable IP Modem IT policy rule............................176 Disable Key Store Backup IT policy rule..........................176 Disable Key Store Low Security IT policy rule........................
  • Page 14 Force Multi Factor Authentication IT policy rule........................ 193 Force Notifications for Keys with Medium Security Level IT policy rule................194 Force Smart Card Reader Challenge Response while User Authentication is enabled IT policy rule......194 Force Smart Card Two Factor Authentication IT policy rule....................195 Force Smart Card Two Factor Challenge Response IT policy rule..................
  • Page 15 S/MIME Force Smartcard Use IT policy rule........................S/MIME Minimum Strong DH Key Length IT policy rule....................S/MIME Minimum Strong DSA Key Length IT policy rule....................S/MIME Minimum Strong ECC Key Length IT policy rule....................S/MIME Minimum Strong RSA Key Length IT policy rule....................S/MIME More All and Send Mode IT policy rule........................
  • Page 16 TLS Disable Weak Ciphers IT policy rule..........................226 TLS Disable Weak Digests IT policy rule..........................227 TLS Minimum Strong DH Key Length IT policy rule......................227 TLS Minimum Strong DSA Key Length IT policy rule......................228 TLS Minimum Strong ECC Key Length IT policy rule......................228 TLS Minimum Strong RSA Key Length IT policy rule......................
  • Page 17 VoIP Enable Unattended Call Transfer IT policy rule......................VPN policy group.................................... Disable VPN User Profiles IT policy rule..........................Enable VPN IT policy rule..............................242 Use VPN Xauth IT policy rule..............................242 VPN Allow Handheld Changes IT policy rule........................243 VPN Allow Password Save IT policy rule..........................243 VPN Disable Prompt for Credentials Re-Entry IT policy rule....................
  • Page 18 Disable Wi-Fi IT policy rule..............................255 Disable Wi-Fi Direct Access to BlackBerry Enterprise Server IT policy rule..............256 Disable Wi-Fi User Profiles IT policy rule..........................256 GAN Signal Quality Threshold IT policy rule........................257 GAN Signal Strength Threshold IT policy rule........................257 GAN Wi-Fi Threshold IT policy rule............................
  • Page 19 Disallow Patch Download Over International Roaming WAN IT policy rule..............Disallow Patch Download Over Roaming WAN IT policy rule..................272 Disallow Patch Download Over WAN IT policy rule......................272 Disallow Patch Download Over Wi-Fi IT policy rule......................272 WTLS Application policy group..............................273 WTLS Disable Invalid Connection IT policy rule........................
  • Page 20 Enable VPN configuration setting............................286 Suppress VPN Banner configuration setting........................286 Use VPN Xauth configuration setting..........................287 VPN Allow Handheld Changes configuration setting....................... 287 VPN Allow Password Save configuration setting....................... 288 VPN Disable Server Certificate Validation configuration setting..................288 VPN DNS Configuration configuration setting........................289 VPN Domain Name configuration setting..........................
  • Page 21 Wi-Fi Allow Handheld Changes configuration setting...................... 300 Wi-Fi Allow Password Save configuration setting......................301 Wi-Fi Band Type configuration setting..........................301 Wi-Fi BlackBerry Infrastructure Wi-Fi Access Mode configuration setting..............301 Wi-Fi Default Gateway configuration setting........................302 Wi-Fi Default KEY ID configuration setting........................303 Wi-Fi DHCP Configuration configuration setting.......................
  • Page 22 4 Descriptions of application control policy rules........................316 Are Internal Network Connections Allowed application control policy rule................316 Are External Network Connections Allowed application control policy rule................316 Are Local Connections Allowed application control policy rule....................Is Access to the Phone API Allowed application control policy rule..................Is Access to the Email API Allowed application control policy rule..................
  • Page 23 Limiting user control of third-party applications on BlackBerry devices................. 332 Preventing RIM value-added applications from running on BlackBerry devices..............332 6 Glossary......................................334 7 Provide feedback..................................340 8 Legal notice....................................341...

  • Page 24: It Policy Rules

    Policy Reference Guide IT policy rules IT policy rules You can assign IT policies to BlackBerry® devices to satisfy your organization's security policy requirements and to reflect the needs of the BlackBerry device users. For example, you can create an IT policy, configure the IT policy rules for executive-level feature and security requirements, add executives to a group, and assign the IT policy to the group.

  • Page 25: New It Policy Rules In This Release

    Policy Reference Guide New IT policy rules in this release Preconfigured IT policy Description Medium Security with No 3rd Party Similar to the Medium Password Security, this policy requires a complex password Applications that a user must change frequently, a security timeout, and a maximum password history.
  • Page 26 Policy Reference Guide New IT policy rules in this release BlackBerry Device Software Policy group Rule minimum requirement Chalk™ Pushcast™ Allow Chalk Pushcast Player Auto Update Prompt — Chalk Pushcast Allow Chalk Pushcast Player Roaming — Chalk Pushcast Allow Launch of Chalk Pushcast Player —...

  • Page 27: Descriptions Of It Policy Rules

    Policy Reference Guide Descriptions of IT policy rules Descriptions of IT policy rules Desktop Only items Auto Backup Enabled IT policy rule Description This rule specifies whether the automatic backup option in the backup and restore tool of the BlackBerry® Desktop Manager or BlackBerry®...

  • Page 28: Auto Backup Exclude Synchronization It Policy Rule

    Policy Reference Guide Desktop Only items • BlackBerry® Desktop Software version 3.5 or BlackBerry Web Desktop Manager version 1.0 • BlackBerry® Enterprise Server version 3.5 for Microsoft® Exchange, BlackBerry® Enterprise Server version 4.0 for IBM® Lotus® Domino®, or BlackBerry® Enterprise Server version 4.0 for Novell® GroupWise® Exceptions The BlackBerry Enterprise Server for Novell GroupWise supports this rule with the BlackBerry Web Desktop Manager only.

  • Page 29: Auto Backup Include All It Policy Rule

    Policy Reference Guide Desktop Only items If a user's computer memory is limited, save backup files to a network drive. Minimum requirements • BlackBerry® Application Suite version 1.0 • BlackBerry® Desktop Software version 3.5 or BlackBerry® Web Desktop Manager version 1.0 •...

  • Page 30: Do Not Save Sent Messages It Policy Rule

    Policy Reference Guide Desktop Only items Change this rule to Yes to prevent users from using wireless calendar synchronization. Minimum requirements • BlackBerry® Application Suite version 1.0 • BlackBerry® Desktop Software version 3.5 or BlackBerry® Web Desktop Manager version 1.0 •...

  • Page 31: Force Load Message It Policy Rule

    Policy Reference Guide Desktop Only items To turn off mandatory updates of the BlackBerry Device Software, change this rule to -1. To turn on the forced update feature, change this rule to 0 or higher. If you turn on the feature, when a user logs in and connects a BlackBerry device to a computer, the BlackBerry®...

  • Page 32: Forward Messages In Cradle It Policy Rule

    Policy Reference Guide Desktop Only items Forward Messages In Cradle IT policy rule Description This rule specifies whether a BlackBerry® device receives email messages while it is connected to a computer. The BlackBerry® Enterprise Server configures this value. Default value The default value is Yes.

  • Page 33: Message Prompt It Policy Rule

    Policy Reference Guide Desktop Only items Message Prompt IT policy rule Description This rule specifies the message that should appear when the BlackBerry® Desktop Software starts. Default value The default value is a null value. Minimum requirements • BlackBerry® Application Suite version 1.0 •...

  • Page 34: Show Web Link It Policy Rule

    Policy Reference Guide Desktop Only items Show Web Link IT policy rule Description This rule specifies whether the link icon for the Internet appears in the BlackBerry® Desktop Manager. Default value The default value is No. Usage You can use this rule when you manage BlackBerry devices that are running BlackBerry® Application Suite versions 1.0 and later. Dependencies The link icon appears only if you configure a default web address using the Web Link URL IT policy rule.

  • Page 35: Web Link Label It Policy Rule

    Policy Reference Guide Desktop Only items Web Link Label IT policy rule Description This rule specifies the name of the web link icon, if it appears in the BlackBerry® Desktop Manager. Default value The default value is Downloads. Usage Configure the label according to your organization's requirements. Dependencies If you configure this rule, you must also change the Show Web Link IT policy rule to Yes so that the web link icon appears.

  • Page 36: Device Only Items

    Policy Reference Guide Device Only Items The BlackBerry® Enterprise Server for Novell® GroupWise® does not support this rule. Device Only Items Allow BCC Recipients IT policy rule Description This rule specifies whether a BlackBerry® device user can include BCC recipients when composing email messages on a BlackBerry®...

  • Page 37: Allow Sms It Policy Rule

    Policy Reference Guide Device Only Items To block incoming PIN messages, in the Security policy group, configure the Firewall Block Incoming Messages IT policy rule to PIN Messages (Public) and PIN Messages (Corporate). Minimum requirements • C++ based BlackBerry® device that is running BlackBerry® Device Software version 2.5 •...

  • Page 38: Default Browser Config Uid It Policy Rule

    Policy Reference Guide Device Only Items Default Browser Config UID IT policy rule Description This rule specifies a unique ID for the browser configuration service book, which specifies the default browser configuration on a BlackBerry® device. For more information about the browser configurations that are available on a BlackBerry device, see the Browser policy group. Default value The default value is a null value.

  • Page 39: Enable Wap Config It Policy Rule

    Policy Reference Guide Device Only Items The BlackBerry® Enterprise Server for Novell® GroupWise® supports this rule in BlackBerry Device Software version 4.0 or later. Enable WAP Config IT policy rule Description This rule specifies whether a separate icon appears on a BlackBerry® device if the appropriate service books are present for the WAP Browser.

  • Page 40: Home Page Address Is Read-Only It Policy Rule

    Policy Reference Guide Device Only Items • C++ based BlackBerry device that is running BlackBerry® Device Software version 2.5 • Java® based BlackBerry device that is running BlackBerry Device Software version 3.6 • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 4.0 (internal) •...

  • Page 41: Maximum Security Timeout It Policy Rule

    Policy Reference Guide Device Only Items The default value in all other preconfigured IT policies is 30 days. Usage If you configure this rule to 0, the BlackBerry device password does not expire. Dependencies A BlackBerry device uses this rule only if the Password Required rule is configured to Yes. Minimum requirements •...

  • Page 42: Minimum Password Length It Policy Rule

    Policy Reference Guide Device Only Items • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 1.2, 2.0, 2.1, or 4.0 • BlackBerry® Enterprise Server version 3.5 Minimum Password Length IT policy rule Description This rule specifies the minimum number of characters that are required for a BlackBerry® device password. The permitted range is 4 through 14 characters.

  • Page 43: Password Required It Policy Rule

    Policy Reference Guide Device Only Items Change this rule to At least 1 alpha and 1 numeric character to require that a BlackBerry device user enter at least 1 alphabetic character and 1 numeric character. Change this rule to At least 1 alpha, 1 numeric, and 1 special character to require that a BlackBerry device user enter at least 1 alphabetic, 1 numeric and 1 special character.

  • Page 44: User Can Change Timeout It Policy Rule

    Policy Reference Guide Device Only Items • BlackBerry® Connect™ versions 1.2, 2.0, 2.1 or 4.0 • BlackBerry® Enterprise Server version 3.5 for Microsoft® Exchange, BlackBerry® Enterprise Server version 4.0 for IBM® Lotus® Domino®, or BlackBerry® Enterprise Server version 4.0 for Novell® GroupWise® Exceptions The BlackBerry Enterprise Server for Novell GroupWise supports this rule only for Java based BlackBerry devices that are running BlackBerry Device Software version 4.0 or later.

  • Page 45: Global Items

    Policy Reference Guide Global items This rule is obsolete for Java® based BlackBerry devices that are running BlackBerry® Device Software version 4.0 or later and C++ based BlackBerry devices that are running BlackBerry Device Software version 2.7. Minimum requirements • C++ based BlackBerry device that is running BlackBerry Device Software version 2.5 •...

  • Page 46: Allow Phone It Policy Rule

    Policy Reference Guide Global items Allow Phone IT policy rule Description This rule specifies whether the phone is available on a BlackBerry® device. Default value The default value is Yes. Usage Change this rule to No to prevent a user from making and receiving any calls except emergency calls. The phone icon remains on the BlackBerry device.

  • Page 47: Application Center Policy Group

    Policy Reference Guide Application Center policy group The BlackBerry Enterprise Server for Microsoft Exchange supports this rule in BlackBerry Enterprise Server versions 3.5 to 4.1 SP2. The BlackBerry® Enterprise Server for Novell® GroupWise® does not support this rule. Application Center policy group Disable Application Center IT policy rule Description This rule specifies whether to prevent the application center from running on a BlackBerry®...

  • Page 48: Blackberry App World Policy Group

    Policy Reference Guide BlackBerry App World policy group BlackBerry App World policy group Disable App World IT policy rule Description This rule specifies whether the BlackBerry App World™ application on a BlackBerry® device is turned off. Default values The default value is No. On the device, the BlackBerry App World application is turned on. Usage If you change this rule to Yes, the BlackBerry App World application on the device is turned off.

  • Page 49: Application Restriction List It Policy Rule

    Policy Reference Guide BlackBerry App World policy group • Java® based BlackBerry device • BlackBerry® Device Software 4.5 • BlackBerry® Enterprise Server 5.0 SP2 Application Restriction List IT policy rule Description This rule specifies a list of applications that are available on the BlackBerry App World™ storefront that you can permit or prevent a BlackBerry®...

  • Page 50: Category Restriction List It Policy Rule

    Policy Reference Guide BlackBerry App World policy group If you change this rule to Allow, a user can only purchase or download applications from BlackBerry App World that are in the categories that you specify in the Category Restriction List IT policy rule. If you change this rule to Deny, a user cannot purchase or download applications from BlackBerry App World that are included in the categories that you specify in the Category Restriction List IT policy rule.

  • Page 51: Enable Wireless Service Provider Billing It Policy Rule

    Policy Reference Guide BlackBerry Messenger policy group The default value is No. A user can purchase applications from BlackBerry App World. Usage If you change this rule to Yes, a user cannot purchase applications from BlackBerry App World. Minimum requirements •...

  • Page 52: Disable Blackberry Messenger Groups It Policy Rule

    Policy Reference Guide BlackBerry Messenger policy group Change this rule to Yes to turn off the BlackBerry Messenger. This might help prevent risks that are associated with PIN messaging. For more information about PIN messaging risks, see the BlackBerry Enterprise Solution Security Technical Overview. Minimum requirements •...

  • Page 53: Disable Location Requests, Responses, And Proximity Alerts It Policy Rule

    Policy Reference Guide BlackBerry Messenger policy group Disable Location Requests, Responses, and Proximity Alerts IT policy rule Description This rule specifies whether a BlackBerry® Messenger user can make location requests, respond to location requests, or request or send proximity alerts to another BlackBerry Messenger user. Default value The default value is No.

  • Page 54: Disallow Forwarding Of Contacts It Policy Rule

    Policy Reference Guide BlackBerry Messenger policy group The default value is No. A BlackBerry Messenger user can register an email address with the BlackBerry Messenger server, even if the email address is not associated with a BlackBerry Enterprise Server. Minimum requirements •...

  • Page 55: Messenger Audit Email Address It Policy Rule

    Policy Reference Guide BlackBerry Messenger policy group The default value is No. A BlackBerry device does not enforce a security question for invitations that the BlackBerry Messenger processes. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.5 •...

  • Page 56: Messenger Audit Report Interval It Policy Rule

    Policy Reference Guide BlackBerry Messenger policy group • BlackBerry® Application Suite 1.0 • BlackBerry® Device Software 3.6 • BlackBerry® Enterprise Server 4.0 SP2 Messenger Audit Report Interval IT policy rule Description This rule specifies the amount of time (in hours) that can elapse between BlackBerry® Messenger audit reports that a BlackBerry device sends when there is new data.

  • Page 57: Blackberry Smart Card Reader Policy Group

    Policy Reference Guide BlackBerry Smart Card Reader policy group • BlackBerry® Enterprise Server 4.0 SP2 BlackBerry Smart Card Reader policy group For more information about using the BlackBerry® Smart Card Reader with computers and BlackBerry devices, see the BlackBerry® Enterprise Solution Security Technical Overview and the BlackBerry Smart Card Reader Security Technical Overview. Disable Auto Reconnect To BlackBerry Smart Card Reader IT policy rule Description This rule specifies whether a previously connected computer or BlackBerry®...

  • Page 58: Force Erase Key On Pc Standby It Policy Rule

    Policy Reference Guide BlackBerry Smart Card Reader policy group If you change this rule to Yes, a user cannot change this feature on a BlackBerry device. Dependencies A BlackBerry device uses this rule only if you configure the Maximum BlackBerry Disconnect Timeout IT policy rule. Minimum requirements •...

  • Page 59: Maximum Blackberry Disconnected Timeout It Policy Rule

    Policy Reference Guide BlackBerry Smart Card Reader policy group The default value is a null value. The secure pairing information is not deleted from the BlackBerry device. Usage If you configure this rule, the user cannot turn off this feature but can change the Inactivity Timeout field on the BlackBerry device to a lower value.

  • Page 60: Maximum Blackberry Long Term Timeout It Policy Rule

    Policy Reference Guide BlackBerry Smart Card Reader policy group The BlackBerry® Enterprise Server for Novell® GroupWise® does not support this rule. Maximum BlackBerry Long Term Timeout IT policy rule Description This rule specifies the maximum time (in hours) that can elapse after a BlackBerry® device and a BlackBerry® Smart Card Reader establish secure pairing information before the BlackBerry device and the BlackBerry Smart Card Reader delete the secure pairing information.

  • Page 61: Maximum Bluetooth Range It Policy Rule

    Policy Reference Guide BlackBerry Smart Card Reader policy group • Java® based BlackBerry device • BlackBerry® Device Software version 4.0 • BlackBerry® Enterprise Server version 4.0 SP7 • BlackBerry Smart Card Reader software version 1.5.1 Maximum Bluetooth Range IT policy rule Description This rule specifies the maximum power range that a BlackBerry®...

  • Page 62: Maximum Number Of Blackberry Transactions It Policy Rule

    Policy Reference Guide BlackBerry Smart Card Reader policy group Use this rule to prevent an attacker from using a low-level Bluetooth heartbeat period to keep a Bluetooth connection between a BlackBerry device or computer and a BlackBerry Smart Card Reader open and the secure pairing keys present. If you configure this rule, the user cannot turn off the heartbeat period but can change the Connection Heartbeat Period field on a BlackBerry device or a computer to a lower value.

  • Page 63: Maximum Number Of Pc Pairings It Policy Rule

    Policy Reference Guide BlackBerry Smart Card Reader policy group • BlackBerry Smart Card Reader software version 1.5 Exceptions The BlackBerry® Enterprise Server for Novell® GroupWise® does not support this rule. Maximum Number of PC Pairings IT policy rule Description This rule specifies the maximum number of computers that can pair with a BlackBerry® Smart Card Reader. The permitted range is 0 through 65,535 computers.

  • Page 64: Maximum Pc Bluetooth Traffic Inactivity Timeout It Policy Rule

    Policy Reference Guide BlackBerry Smart Card Reader policy group If you do not configure this rule, the user can change the Number of Transactions field to any value. Minimum requirements • BlackBerry® Enterprise Server version 4.0 SP5 • BlackBerry Smart Card Reader software version 1.5 Exceptions The BlackBerry®...

  • Page 65: Maximum Pc Long Term Timeout It Policy Rule

    Policy Reference Guide BlackBerry Smart Card Reader policy group The default value is a null value. Usage If you configure this rule, the user cannot turn off this feature but can change the Disconnected Timeout field in the BlackBerry Smart Card Reader options on a computer to a lower value. If you do not configure this rule, the user can change the Disconnected Timeout field to any value.

  • Page 66: Maximum Smart Card Not Present Timeout It Policy Rule

    Policy Reference Guide BlackBerry Smart Card Reader policy group Maximum Smart Card Not Present Timeout IT policy rule Description This rule specifies the maximum time (in seconds) that can elapse after a user removes a smart card from a BlackBerry® Smart Card Reader before the secure pairing information is deleted from the BlackBerry device and BlackBerry Smart Card Reader.

  • Page 67: Blackberry Unite! Policy Group

    Policy Reference Guide BlackBerry Unite! policy group • Java® based BlackBerry device • BlackBerry® Device Software version 5.0 • BlackBerry Enterprise Server version 5.0 • BlackBerry Smart Card Reader version 2.0 BlackBerry Unite! policy group Disable Download Manager IT policy rule Description This rule specifies whether to prevent the Download Manager for the BlackBerry®...

  • Page 68: Allow Outgoing Calls It Policy Rule

    Policy Reference Guide Bluetooth policy group Allow Outgoing Calls IT policy rule Description This rule specifies whether a user can place outgoing calls from a BlackBerry® device using Bluetooth® technology. Default value The default value is Always. Usage Configure this rule to Always, Never, or Only when the BlackBerry device is unlocked. Minimum requirements •...

  • Page 69: Disable Audio/Video Remote Control Profile It Policy Rule

    Policy Reference Guide Bluetooth policy group Default value The default value is No. Usage Change this rule to Yes to turn off the ability to stream audio using Bluetooth technology. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.2.2 •...

  • Page 70: Disable Desktop Connectivity It Policy Rule

    Policy Reference Guide Bluetooth policy group • BlackBerry® Enterprise Server version 4.0 Exceptions The BlackBerry® Enterprise Server for Novell® GroupWise® supports this rule in BlackBerry Device Software version 4.0 and later. Disable Desktop Connectivity IT policy rule Description This rule specifies whether to prevent a BlackBerry® device from using Bluetooth® technology to connect to the BlackBerry® Desktop Software.

  • Page 71: Disable File Transfer It Policy Rule

    Policy Reference Guide Bluetooth policy group The default value in all other preconfigured IT policies is Yes. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.0.2 • BlackBerry® Enterprise Server version 4.0 SP2 Disable File Transfer IT policy rule Description This rule specifies whether to prevent a BlackBerry®...

  • Page 72: Disable Headset Profile It Policy Rule

    Policy Reference Guide Bluetooth policy group Disable Headset Profile IT policy rule Description This rule specifies whether a BlackBerry® device can use the Bluetooth® HSP. Default value The default value is No. Usage A BlackBerry device uses the Bluetooth HSP to connect to most headsets and some car kits. Minimum requirements •...

  • Page 73: Disable Pairing It Policy Rule

    Policy Reference Guide Bluetooth policy group Disable Pairing IT policy rule Description This rule specifies whether a BlackBerry® device can pair with a Bluetooth® enabled device. Default value The default value is No. Usage After a BlackBerry device pairs with a supported Bluetooth enabled device, you can use this rule to prevent the BlackBerry device from pairing with other Bluetooth enabled devices.

  • Page 74: Disable Sim Access Profile It Policy Rule

    Policy Reference Guide Bluetooth policy group The BlackBerry® Enterprise Server for Novell® GroupWise® supports this rule in BlackBerry Device Software version 4.0 and later. Disable SIM Access Profile IT policy rule Description This rule specifies whether to prevent a Bluetooth® enabled BlackBerry® device from using the Bluetooth SIM Access Profile, which might be required when a car kit initiates dialing.

  • Page 75: Limit Discoverable Time It Policy Rule

    Policy Reference Guide Bluetooth policy group • BlackBerry® Device Software version 4.2.2 • BlackBerry® Enterprise Server version 4.1 SP4 Limit Discoverable Time IT policy rule Description This rule specifies whether a BlackBerry® device user can configure the Bluetooth® discoverable mode option so that the option does not have a time limit.

  • Page 76: Require Led Connection Indicator It Policy Rule

    Policy Reference Guide Bluetooth policy group This rule specifies whether a BlackBerry® device uses Bluetooth® encryption for all connections. Default value The default value is No. Usage If you change this rule to Yes to require Bluetooth encryption for all connections, you might restrict compatibility with some Bluetooth enabled devices.

  • Page 77: Require Password For Enabling Bluetooth Support It Policy Rule

    Policy Reference Guide Browser policy group • BlackBerry® Device Software version 4.1 • BlackBerry® Enterprise Server version 4.0 SP3 Require Password for Enabling Bluetooth Support IT policy rule Description This rule specifies whether a user must type the BlackBerry® device password to turn on Bluetooth® technology. Default value The default value is No.

  • Page 78: Allow Hotspot Browser It Policy Rule

    Policy Reference Guide Browser policy group Allow Hotspot Browser IT policy rule Description This rule specifies whether a Wi-Fi® enabled BlackBerry® device can access a hotspot browser. Default value The default value is Allow. Usage Change this rule to Disallow to prevent a Wi-Fi enabled BlackBerry device from accessing a hotspot browser. Change this rule to Only for Hotspot Login to permit access only for the purpose of authenticating to the hotspot.

  • Page 79: Disable Javascript In Browser It Policy Rule

    Policy Reference Guide Browser policy group This rule specifies whether to prevent a user from configuring intervals for automatic synchronization of the bookmark list in the BlackBerry® Browser. Default value The default value is No. Minimum requirements • Java® based BlackBerry device •...

  • Page 80: Download Themes Url It Policy Rule

    Policy Reference Guide Browser policy group Download Themes URL IT policy rule Description This rule specifies a web address that provides additional themes for a BlackBerry® device. Default value The default value is a null value. Minimum requirements • Java® based BlackBerry device •...

  • Page 81: Mds Browser Domains It Policy Rule

    Policy Reference Guide Browser policy group • Java® based BlackBerry device • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 4.0 (internal) • BlackBerry® Device Software version 4.0.2 • BlackBerry® Enterprise Server version 4.0 SP2 MDS Browser Domains IT policy rule Description This rule specifies a list of web addresses that a BlackBerry®...

  • Page 82: Mds Browser Javascript Enabled It Policy Rule

    Policy Reference Guide Browser policy group MDS Browser JavaScript Enabled IT policy rule Description This rule specifies whether JavaScript® in the BlackBerry® Browser is turned on. Default value The default value is No. Usage Change this rule to Yes to render web pages that use JavaScript correctly. Minimum requirements •...

  • Page 83: Mds Browser Use Separate Icon It Policy Rule

    Policy Reference Guide Camera policy group The default value is BlackBerry Browser. Minimum requirements • Java® based BlackBerry device • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 4.0 (internal) • BlackBerry® Device Software version 3.6 • BlackBerry® Enterprise Server for Microsoft® Exchange version 3.6 •...

  • Page 84: Disable Video Camera It Policy Rule

    Policy Reference Guide Certification Authority Profile policy group Disable Video Camera IT policy rule Description This rule specifies whether the video camera feature on a BlackBerry® device is turned on. Default value The default value is No. The video camera is available on the BlackBerry device. Usage Change this rule to Yes to turn off the video camera feature.

  • Page 85: Certificate Enrollment Delay It Policy Rule

    Policy Reference Guide Certification Authority Profile policy group • Java® based BlackBerry device • BlackBerry® Device Software version 5.0 • BlackBerry® Enterprise Server version 5.0 Certificate Enrollment Delay IT policy rule Description This rule specifies the time (in hours) that a BlackBerry® device can wait before it initiates the certificate enrollment process. The BlackBerry device selects a time randomly within this specified time period to start the certificate enrollment process so that the BlackBerry®...

  • Page 86: Certificate Authority Port It Policy Rule

    Policy Reference Guide Certification Authority Profile policy group This rule specifies the name of the certification authority server that is required in the certification authority profile (for example, http://<server>.<domain>). The previous name of this rule was Certificate Authority Host. Default value The default value is a null value.

  • Page 87: Certification Authority Profile Required It Policy Rule

    Policy Reference Guide Certification Authority Profile policy group If you change this rule after the BlackBerry® Enterprise Server sends the certification authority profile to a BlackBerry device, and you resend the IT policy, the BlackBerry device restarts the certificate enrollment process. Minimum requirements •...

  • Page 88: Common Name Components It Policy Rule

    Policy Reference Guide Certification Authority Profile policy group The previous name of this rule was Certificate Authority Type. Default value The default certification authority type is Microsoft® Enterprise. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 5.0 •...

  • Page 89: Distinguished Name Components It Policy Rule

    Policy Reference Guide Certification Authority Profile policy group The default value is a null value. Usage You must use the exact value that the administrator for the certification authority configures for the Microsoft enterprise certificate authority. Dependencies If you configure this rule, a BlackBerry® device does not use the Microsoft Certification Authority Certificate Template rule. A BlackBerry device uses this rule only if the Certification Authority Type rule is configured to Microsoft Enterprise.

  • Page 90: Key Algorithm It Policy Rule

    Policy Reference Guide Certification Authority Profile policy group Key Algorithm IT policy rule Description This rule specifies the algorithm that a BlackBerry® device uses to generate a public-private key pair. Default value The default value is RSA® algorithm. Minimum requirements •...

  • Page 91: Rsa Certification Authority Certificate Id It Policy Rule

    Policy Reference Guide Certification Authority Profile policy group The default value is User certificate template. Dependencies If you configure the Certification Authority Type rule to Microsoft Stand-alone or RSA®, a BlackBerry® device does not use this rule. Minimum requirements • Java®...

  • Page 92: Certificate Synchronization Policy Group

    Policy Reference Guide Certificate Synchronization policy group This value maps to the jurisdiction ID (for example, 15c128ec4b2a798c09427072efeddb5d96aa4664) that the administrator of the RSA certification authority provides. Dependencies A BlackBerry® device uses this rule only if you configure the Certification Authority Type IT policy rule to RSA. Minimum requirements •...

  • Page 93: Chalk Pushcast Policy Group

    Policy Reference Guide Chalk Pushcast policy group This rule specifies whether a user can stop the BlackBerry® Desktop Software from starting the random number generator on a BlackBerry device automatically. Default setting The default value is Yes. Minimum requirements • BlackBerry Desktop Software version 4.3 •...

  • Page 94: Allow Launch Of Chalk Pushcast Player It Policy Rule

    Policy Reference Guide Chalk Pushcast policy group If the Chalk Pushcast Player can connect to the Chalk Pushcast Software over a Wi-Fi® network, the Chalk Pushcast Player can download content when the device is roaming even if you change the value for this rule to No. A device user can change the value to No on the Chalk Pushcast Player.

  • Page 95: Chalk Pushcast Player Host Url It Policy Rule

    Policy Reference Guide Chalk Pushcast policy group • BlackBerry Enterprise Server 5.0 SP2 Chalk Pushcast Player Host URL IT policy rule Description This rule specifies the URL of the server (for example, https://server01.rim.net) that hosts the Chalk™ Pushcast™ Software. The Chalk Pushcast Player uses the FQDN to connect to the Chalk Pushcast Software.

  • Page 96: Restrict Chalk Pushcast Player To Wi-Fi It Policy Rule

    Policy Reference Guide Common policy group Restrict Chalk Pushcast Player to Wi-Fi IT policy rule Description This rule specifies whether the Chalk™ Pushcast™ Player on a BlackBerry® device can download content from the Chalk™ Pushcast™ Software when the BlackBerry device is not connected to a Wi-Fi® network. You can implement this rule so that a BlackBerry device user who does not have a wireless service plan can access the Chalk Pushcast Software over the Wi-Fi network.

  • Page 97: Confirm On Send It Policy Rule

    Policy Reference Guide Common policy group Note: Where applicable, if you do not configure this rule, a BlackBerry device uses the settings that the application control policy rules specify, or the software configurations that the BlackBerry device configuration tool defines. If application control data does not exist, by default the BlackBerry device opens internal and external connections through the firewall.

  • Page 98: Disable Mms It Policy Rule

    Policy Reference Guide Common policy group This rule specifies whether a BlackBerry® device user can use Kodiak™ PTT on a supported BlackBerry device. Default value The default value is No. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.2 •...

  • Page 99: Disable Voice Note Recording It Policy Rule

    Policy Reference Guide Common policy group • BlackBerry® Device Software version 4.2 • BlackBerry® Enterprise Server version 4.0 SP6 Disable Voice Note Recording IT policy rule Description This rule specifies whether the voice note recording feature on a BlackBerry® device is turned on. Default value The default value is No.

  • Page 100: It Policy Notification It Policy Rule

    Policy Reference Guide Common policy group IT Policy Notification IT policy rule Description This rule specifies whether warnings about IT policy changes appear to a BlackBerry® device user. Default value The default value is No. Minimum requirements • C++ based BlackBerry device that is running BlackBerry® Device Software version 2.7 •...

  • Page 101: Set Owner Info It Policy Rule

    Policy Reference Guide Common policy group • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 4.0 • BlackBerry® Enterprise Server version 4.0 Exceptions The BlackBerry® Enterprise Server for Novell® GroupWise® supports this rule only for Java based BlackBerry devices. Set Owner Info IT policy rule Description This rule specifies the owner information that appears on a BlackBerry®...

  • Page 102: Date And Time It Policy Group

    Policy Reference Guide Date and Time IT policy group You can overwrite this information by sending the Set Owner Information IT administration command to a BlackBerry device. Dependencies The Set Owner Name IT policy rule is related to the Lock Owner Info IT policy rule. Minimum requirements •...

  • Page 103: Periodic Time Synchronization It Policy Rule

    Policy Reference Guide Date and Time IT policy group This rule specifies whether a BlackBerry® device can update time zone definitions over the wireless network after a user requests a time zone definitions update. Default value The default value is No. A BlackBerry device cannot update time zone definitions after a user requests a time zone definitions update.

  • Page 104: Time Zone Definitions Update Server It Policy Rule

    Policy Reference Guide Desktop policy group The permitted range between automatic updates is 1 to 365 days. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 5.0 • BlackBerry® Enterprise Server version 5.0 SP1 Time Zone Definitions Update Server IT policy rule Description This rule specifies the FQDN of the web server that a BlackBerry®...

  • Page 105: Allow External Device Software Servers It Policy Rule

    Policy Reference Guide Desktop policy group Allow External Device Software Servers IT policy rule Description This rule specifies whether the BlackBerry® Device Software can receive updates from software servers that are hosted outside your organization. Default value The default value is No. The BlackBerry Device Software cannot receive updates from software servers that an external organization hosts.

  • Page 106: Desktop Allow Desktop Add-Ins It Policy Rule

    Policy Reference Guide Desktop policy group This rule specifies whether a BlackBerry® device can synchronize email messages in personal folders over a serial connection or USB connection. Default value The default value is Yes. A BlackBerry device can synchronize email messages in personal folders over a serial connection or USB connection.

  • Page 107: Desktop Password Cache Timeout It Policy Rule

    Policy Reference Guide Desktop policy group Change this rule to No to prevent users from switching to an unapproved BlackBerry device. The Enterprise Service Policy overrides this rule. For more information about using the Enterprise Service Policy, see the BlackBerry Enterprise Solution Security Technical Overview.

  • Page 108: Disable Media Manager It Policy Rule

    Policy Reference Guide Desktop policy group This rule specifies whether the Check for updates link in the BlackBerry® Desktop Manager is available. Default value The default value is No. Minimum requirements • BlackBerry® Desktop Software version 4.5 • BlackBerry® Enterprise Server version 4.1 SP5 Disable Media Manager IT policy rule Description This rule specifies whether the media manager tool of the BlackBerry®...

  • Page 109: Force Updates For Application Loader Tool It Policy Rule

    Policy Reference Guide Desktop policy group Force updates for application loader tool IT policy rule Description This rule specifies whether a BlackBerry® device user must update the application loader tool manually when an updated version is available and the user is updating the BlackBerry® Device Software using BlackBerry® Desktop Manager. Default value The default value is Yes.

  • Page 110: Device Iot Application Policy Group

    Policy Reference Guide Device IOT Application policy group The default value is a null value. Minimum requirements • BlackBerry® Desktop Software version 4.5 • BlackBerry® Enterprise Server version 4.1 SP5 Device IOT Application policy group Device Diagnostic App Disable IT policy rule Description This rule specifies whether to prevent a user from sending diagnostic reports from a BlackBerry®...

  • Page 111: Documents To Go Policy Group

    Policy Reference Guide Documents To Go policy group This rule specifies one or more PINs that should receive diagnostic reports. Separate multiple PINs with a comma (,). Default value The default value is a null value. Minimum requirements • Java® based BlackBerry® device •...

  • Page 112: Hide Documents To Go Premium Feature Menus It Policy Rule

    Policy Reference Guide Email Messaging policy group • BlackBerry® Enterprise Server version 4.1 SP5 Hide Documents To Go Premium Feature Menus IT policy rule Description This rule specifies whether to hide the premium features of the DataViz® Documents to Go® application that are not available on a BlackBerry®...

  • Page 113: Attachment Viewing It Policy Rule

    Policy Reference Guide Email Messaging policy group • BlackBerry® Device Software 4.2 • BlackBerry Enterprise Server 4.0 SP6 Attachment Viewing IT policy rule Description This rule specifies whether a BlackBerry® device user can view supported attachments in messages and calendar entries. Default value The default value is Yes.

  • Page 114: Disable Form Submission It Policy Rule

    Policy Reference Guide Email Messaging policy group The message that the confirmation dialog box displays informs users that they might expose their email addresses if they download an image from the Internet. If you change this rule to Yes, BlackBerry device users must verify whether they want to download an image each time they click the Get Images link in an HTML-formatted email message.

  • Page 115: Disable Rich Content Email It Policy Rule

    Policy Reference Guide Email Messaging policy group This rule specifies whether to prevent a BlackBerry® device user from forwarding and replying to received IBM® Lotus® Domino® encrypted email messages from a BlackBerry device. By default, a BlackBerry device user with support for reading IBM Lotus Domino encrypted email messages on a BlackBerry device can forward or reply to encrypted email messages that were received, decrypted, and decompressed on the BlackBerry device.

  • Page 116: Inline Content Requests It Policy Rule

    Policy Reference Guide Email Messaging policy group When a user moves or deletes email messages on a BlackBerry device or in the email application on a computer, or marks messages as opened or unopened, the BlackBerry Messaging Agent reconciles the changes over the wireless network. Default value The default value is Yes.

  • Page 117: Keep Saved Message Duration It Policy Rule

    Policy Reference Guide Email Messaging policy group This rule specifies the maximum time (in days) that a BlackBerry® device keeps messages. The permitted range is -1 through 180 days. Default value The default value is -1. A BlackBerry device keeps messages indefinitely. Usage Configure this rule to 0 or -1 to keep messages on a BlackBerry device indefinitely.

  • Page 118: Maximum Native Attachment Mfh Total Attachment Size It Policy Rule

    Policy Reference Guide Email Messaging policy group This rule specifies the maximum size (in bytes) of an attachment that a BlackBerry® device user can send from a BlackBerry device. This rule controls attachments that are larger than 60 KB, which is the maximum amount of data that a device can send to a BlackBerry®...

  • Page 119: Maximum Native Attachment Mth Attachment Size It Policy Rule

    Policy Reference Guide Email Messaging policy group Maximum Native Attachment MTH attachment size IT policy rule Description This rule specifies the maximum size (in KB) of a single standard attachment that a user can download to a BlackBerry® device. The permitted range is 0 through 1,048,576 KB. Default value The default value is 10,240 KB.

  • Page 120: Require Notes Native Encryption For Outgoing Messages It Policy Rule

    Policy Reference Guide Enterprise Voice Client policy group This rule specifies the disclaimer that appears at the beginning of all email messages that a user sends from a BlackBerry® device. Default value The default value is a null value. Minimum requirements •...

  • Page 121: Disable Enterprise Voice Client It Policy Rule

    Policy Reference Guide Enterprise Voice Client policy group This rule specifies whether a BlackBerry® device can use the DTMF call format for outgoing calls if the outgoing calls using a protocol format fail because of inadequate wireless coverage levels. The DTMF call format uses weaker authentication than the protocol call format.

  • Page 122: External Display Policy Group

    Policy Reference Guide External Display policy group This rule specifies whether the BlackBerry® device accepts incoming calls only if they are sent through the BlackBerry® Enterprise Server. Default value The default value is No. Usage This rule is obsolete in BlackBerry Enterprise Server 4.1 SP4 and later. Minimum requirements •...

  • Page 123: Firewall Policy Group

    Policy Reference Guide Firewall policy group The default value is No. Dependencies A BlackBerry device uses this rule only if the Display Notification Details IT policy rule is configured to Only when unlocked or Always. Minimum requirements • Java® based BlackBerry Pearl 8220 device •...

  • Page 124: Restrict Outgoing Cellular Calls It Policy Rule

    Policy Reference Guide Instant Messaging policy group • Java® based BlackBerry device • BlackBerry® Device Software version 4.3 • BlackBerry® Enterprise Server version 4.1 SP5 Restrict Outgoing Cellular Calls IT policy rule Description This rule specifies whether a BlackBerry® device firewall blocks calls that a BlackBerry device user makes unless the phone numbers use a fixed dialing pattern.

  • Page 125: Disable Automatic Login It Policy Rule

    Policy Reference Guide Instant Messaging policy group This rule specifies whether a BlackBerry® device user can add a contact to a BlackBerry device by searching the contact list when the user uses a collaboration client (such as the BlackBerry® Client for use with Microsoft® Office Communications Server 2007). Default value The default value is No.

  • Page 126: Disable Emailing Conversation It Policy Rule

    Policy Reference Guide Instant Messaging policy group • BlackBerry® Enterprise Server version 5.0 SP1 Disable Emailing Conversation IT policy rule Description This rule specifies whether a user can send an instant messaging conversation in an email message from a BlackBerry® device. Default value The default value is No.

  • Page 127: Disable Saving Conversation It Policy Rule

    Policy Reference Guide Instant Messaging policy group If you change this rule to No, a BlackBerry device might require additional software to deliver messages when the BlackBerry device is offline. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.5 •...

  • Page 128: Maximum File Transfer Size (Mb) It Policy Rule

    Policy Reference Guide Location Based Services policy group Maximum File Transfer Size (MB) IT policy rule Description This rule specifies the maximum size (in bytes) of files that a collaboration client can send to an instant messaging server. The permitted range is 0 through 6 MB. Default value The default value is 6 MB.

  • Page 129: Enable Enterprise Location Tracking It Policy Rule

    Policy Reference Guide Location Based Services policy group This rule specifies whether the BlackBerry® Maps feature is turned on. Default value The default value is No. Minimum requirements • BlackBerry® Application Suite version 1.0 • BlackBerry® Enterprise Server version 4.0 SP6 Enable Enterprise Location Tracking IT policy rule Description This rule specifies whether a BlackBerry®...

  • Page 130: Enterprise Location Tracking User Prompt Message It Policy Rule

    Policy Reference Guide MDS Integration Service policy group Enterprise Location Tracking User Prompt Message IT policy rule Description This rule specifies the message that a BlackBerry® device displays to notify a user that the BlackBerry® Enterprise Server is tracking the location of the BlackBerry device. Default value The default value is "Your location is now being tracked at the server."...

  • Page 131: Disable Activation With Public Blackberry Mds Integration Service It Policy Rule

    Policy Reference Guide MDS Integration Service policy group The default value is Yes. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.5 • BlackBerry® Enterprise Server version 5.0 • BlackBerry® Application Suite version 1.0 Disable Activation With Public BlackBerry MDS Integration Service IT policy rule Description This rule specifies whether to prevent a BlackBerry®...

  • Page 132: Disable User-Initiated Activation With Public Blackberry Mds Integration Service It Policy Rule

    Policy Reference Guide MDS Integration Service policy group Disable User-Initiated Activation With Public BlackBerry MDS Integration Service IT policy rule Description This rule specifies whether to prevent a BlackBerry® device user from initiating a connection with the BlackBerry MDS Integration Service.

  • Page 133: Queue Limit For Inbound Application Messages It Policy Rule

    Policy Reference Guide MDS Integration Service policy group The default value is 1. Usage Change this rule to 1 to permit a BlackBerry device that is running BlackBerry MDS Runtime version 1.1 or later to communicate with all versions of the BlackBerry MDS Integration Service. Change this rule to 2 to permit a BlackBerry device that is running BlackBerry MDS Runtime version 1.1 or later to communicate with BlackBerry MDS Integration Service version 4.1 SP2 or later only.

  • Page 134: Verify Blackberry Mds Integration Service Certificate It Policy Rule

    Policy Reference Guide Memory Cleaner policy group Verify BlackBerry MDS Integration Service Certificate IT policy rule Description This rule specifies whether the BlackBerry® MDS Runtime verifies the BlackBerry MDS Integration Service certificate. Default value The default value is No. The BlackBerry MDS Integration Service permits unauthenticated connections from a BlackBerry device that is running BlackBerry MDS Runtime version 1.1 or later.

  • Page 135: Force Memory Clean When Holstered It Policy Rule

    Policy Reference Guide Memory Cleaner policy group Force Memory Clean When Holstered IT policy rule Description This rule specifies whether a BlackBerry® device cleans its memory while in the BlackBerry device holster. Default value The default value is No. Minimum requirements •...

  • Page 136: On-Device Help Policy Group

    Policy Reference Guide On-Device Help policy group This rule specifies the maximum time (in minutes) that a BlackBerry® device can be inactive before the BlackBerry device cleans its memory. The permitted range is 1 through 60 minutes. Default value The default value is 60 minutes. Dependencies A BlackBerry device uses this rule only if you configure the Force Memory Clean When Idle IT policy rule to Yes.

  • Page 137: On-Device Help Links It Policy Rule

    Policy Reference Guide Password policy group On-Device Help Links IT policy rule Description This rule specifies links to add to the index page of the help on a BlackBerry® device. Default value The default value is a null value. Usage Specify links using the following format: <uri1|label1|>...<|urix|labelx>...

  • Page 138: Forbidden Passwords It Policy Rule

    Policy Reference Guide Password policy group Configure this rule to permit a user to notify you that a BlackBerry device might have been stolen. Instruct users how to use the duress password feature. To prevent an unlocked BlackBerry device that was stolen from receiving a response to the duress notification, the email address that you specify should be active and you should not configure an out-of-office reply for it.

  • Page 139: Periodic Challenge Time It Policy Rule

    Policy Reference Guide Password policy group The default value in the Default and Basic password security IT policies is 0. The BlackBerry device does not check for reused passwords. The default value in all other preconfigured IT policies is 6. Minimum requirements •...

  • Page 140: Set Maximum Password Attempts It Policy Rule

    Policy Reference Guide Password policy group Set Maximum Password Attempts IT policy rule Description This rule specifies the number of password attempts that a user can make before a BlackBerry® device permanently deletes all of the application data. The permitted range is 3 through 10 attempts. Default value The default setting is 10 password attempts.

  • Page 141: Suppress Password Echo It Policy Rule

    Policy Reference Guide By default, the maximum security timeout interval is 60 minutes. Minimum requirements • Java® based BlackBerry device • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 1.2, 2.0, 2.1, or 4.0 • BlackBerry Device Software version 3.6 •...

  • Page 142: Pim Synchronization Policy Group

    Policy Reference Guide PIM Synchronization policy group PIM Synchronization policy group Disable Address Wireless Synchronization IT policy rule Description This rule specifies whether wireless data synchronization for the address book on a BlackBerry® device is turned off. Default value The default value is No. Minimum requirements •...

  • Page 143: Disable Blackberry Messenger Wireless Synchronization It Policy Rule

    Policy Reference Guide PIM Synchronization policy group The BlackBerry device does not report its IT policy time, model name, BlackBerry® Device Software version, phone number, or SIM information to the BlackBerry® Enterprise Server, although you can verify this information on the BlackBerry device. If you apply this rule, the user account name no longer appears in the SyncDeviceMgmtSummary table in the BlackBerry Configuration Database.

  • Page 144: Disable Enterprise Activation Progress It Policy Rule

    Policy Reference Guide PIM Synchronization policy group • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 4.0 (internal) • BlackBerry® Enterprise Server version 4.0 Exceptions The BlackBerry® Enterprise Server for Novell® GroupWise® supports this rule only for Java based BlackBerry devices. Disable Enterprise Activation Progress IT policy rule Description This rule specifies whether the Home screen displays enterprise activation progress.

  • Page 145: Disable Phone Call Log Wireless Synchronization It Policy Rule

    Policy Reference Guide PIM Synchronization policy group Disable Phone Call Log Wireless Synchronization IT policy rule Description This rule specifies whether wireless data synchronization for call logs is turned off. Default value The default value is No. Minimum requirements • Java®...

  • Page 146: Disable Task Wireless Sync It Policy Rule

    Policy Reference Guide PIM Synchronization policy group If you change this rule to No, the BlackBerry® Enterprise Server logs all SMS text messages in unencrypted format to the log file that you specify. Make sure that the log file is in a location that restricts internal and external user access. Minimum requirements •...

  • Page 147: Pgp Application Policy Group

    Policy Reference Guide PGP Application policy group If a BlackBerry device is disconnected from the computer during the initial data transfer, the BlackBerry® Desktop Software sends the remaining data over the wireless network. Minimum requirements • C++ based BlackBerry device that is running BlackBerry® Device Software version 2.7 •...

  • Page 148: Pgp Allowed Encrypted Attachment Mode

    Policy Reference Guide PGP Application policy group If you configure the FIPS Level IT policy rule to 2, a BlackBerry device uses AES (256-bit), AES (192-bit), AES (128-bit), and Triple DES encryption. Minimum requirements • Java® based BlackBerry device • PGP®...

  • Page 149: Pgp Blind Copy Address It Policy Rule

    Policy Reference Guide PGP Application policy group PGP Blind Copy Address IT policy rule Description This rule specifies an email address that is added as a BCC recipient to all encrypted PGP® messages that a BlackBerry® device sends. Default value The default value is a null value.

  • Page 150: Pgp Force Encrypted Messages It Policy Rule

    Policy Reference Guide PGP Application policy group PGP Force Encrypted Messages IT policy rule Description This rule specifies whether a BlackBerry® device encrypts all PGP® protected messages that it sends. Default value The default value is No. Usage If you apply this rule, you might override secure email policy settings on the PGP Universal Server. Minimum requirements •...

  • Page 151: Pgp Minimum Strong Dsa Key Length It Policy Rule

    Policy Reference Guide PGP Application policy group The BlackBerry® Enterprise Server for Novell® GroupWise® does not support this rule. PGP Minimum Strong DSA Key Length IT policy rule Description This rule specifies the minimum DSA key size (in bits) to use with PGP® protected messages. The permitted range is 512 through 1024 bits.

  • Page 152: Pgp More All And Send Mode It Policy Rule

    Policy Reference Guide PGP Application policy group • BlackBerry® Device Software version 4.1 • BlackBerry® Enterprise Server version 4.0 SP2 Exceptions The BlackBerry® Enterprise Server for Novell® GroupWise® does not support this rule. PGP More All and Send Mode IT policy rule Description This rule specifies the mode that a BlackBerry®...

  • Page 153: Pgp Universal Policy Cache Timeout It Policy Rule

    Policy Reference Guide PGP Application policy group • BlackBerry® Enterprise Server version 4.0 SP2 Exceptions The BlackBerry® Enterprise Server for Novell® GroupWise® does not support this rule. PGP Universal Policy Cache Timeout IT policy rule Description This rule specifies the length of time (in hours) that a BlackBerry® device caches the PGP® Universal Server address. The permitted range is 4 through 48 hours.

  • Page 154: Phone Policy Group

    Policy Reference Guide Phone policy group • PGP® Support Package for BlackBerry® smartphones version 4.1 • BlackBerry® Application Suite version 1.0 • BlackBerry® Device Software version 4.1 • BlackBerry® Enterprise Server version 4.0 SP2 Exceptions The BlackBerry® Enterprise Server for Novell® GroupWise® does not support this rule. Phone policy group Outgoing Call Redirection IT policy rule Description...

  • Page 155: Rim Value-Added Applications Policy Group

    Policy Reference Guide RIM Value-Added Applications policy group • To configure a device to forward 411 calls to your organization's help desk, type remap0,411,+15191231234,0,0. • To forward an international phone number to a toll free phone number, type remap0,+447700001111,18770001111,0,0. To use this rule to forward multiple phone numbers, use semi-colons (;) to separate the forwarding information. For example, remap0,*,1519,7,7;remap0,411,+15191231234,0,0;remap0,*,4567,6,6.

  • Page 156: Allow Tivo For Blackberry Application It Policy Rule

    Policy Reference Guide RIM Value-Added Applications policy group This rule specifies whether a user can change the URL for the BlackBerry® Social Networking Application Proxy for IBM® Lotus® Quickr™ on a BlackBerry device. Default value The default value is Yes. A BlackBerry device user can change the URL that you specify in the BlackBerry Social Network Application Proxy URL for Lotus Quickr IT policy rule.

  • Page 157: Blackberry Social Network Application Proxy Url For Lotus Quickr It Policy Rule

    Policy Reference Guide RIM Value-Added Applications policy group If you configure this rule, you can use the Allow Edits to BlackBerry Social Networking Application Proxy for Lotus Connections IT policy rule to control whether the BlackBerry device user can change this web address. If you do not configure this rule, a user can configure the web address for the server on the BlackBerry device.

  • Page 158: Disable Blackberry Wallet It Policy Rule

    Policy Reference Guide RIM Value-Added Applications policy group The default value is No. A device can run eBay for BlackBerry smartphones. Minimum requirements • Java® based BlackBerry device • BlackBerry® Enterprise Server 5.0 SP2 Disable BlackBerry Wallet IT policy rule Description This rule specifies whether to prevent BlackBerry®...

  • Page 159: Disable Lotus Connections It Policy Rule

    Policy Reference Guide RIM Value-Added Applications policy group If you change this rule to Yes, the device cannot run the Feeds application. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software 6.0 • BlackBerry® Enterprise Server 5.0 SP2 Disable Lotus Connections IT policy rule Description This rule specifies whether to prevent IBM®...

  • Page 160: Enable The "Tell A Friend" Feature In Blackberry Client For Lotus Connections It Policy Rule

    Policy Reference Guide RIM Value-Added Applications policy group • BlackBerry® Enterprise Server version 4.1 SP6 Exceptions This rule does not apply to some applications such as the following: Yahoo!® Messenger for BlackBerry® devices, Windows Live™ Messenger for BlackBerry® devices, AOL® Instant Messenger™ service (AIM® service) for BlackBerry® devices, ICQ® for BlackBerry®...

  • Page 161: Lotus Connections Activities Server It Policy Rule

    Policy Reference Guide RIM Value-Added Applications policy group • BlackBerry® Enterprise Server version 4.1 SP7 Lotus Connections Activities Server IT policy rule Description This rule specifies the address of the server that hosts the IBM® Lotus® Connections Activities component. Default value The default value is a null value.

  • Page 162: Lotus Connections Dogear Server It Policy Rule

    Policy Reference Guide RIM Value-Added Applications policy group This rule specifies the address of the server that hosts the IBM® Lotus® Connections Communities component. Default value The default value is a null value. Usage If you configure this rule, users can use the specified server address only. If you do not configure this rule, users must specify the server address manually.

  • Page 163: Prevent Blackberry Podcasts It Policy Rule

    Policy Reference Guide RIM Value-Added Applications policy group If you do not configure this rule, users must specify the server address manually. This rule applies to BlackBerry® Client for IBM® Lotus® Connections 1.0 only. Minimum requirements • BlackBerry® Enterprise Server version 4.1 SP6 Prevent BlackBerry Podcasts IT policy rule Description This rule specifies whether a BlackBerry®...

  • Page 164: Prevent Uploading Of Videos To Youtube It Policy Rule

    Policy Reference Guide Secure Email policy group • Java® based BlackBerry device • BlackBerry® Device Software 6.0 • BlackBerry® Enterprise Server 5.0 SP2 Prevent uploading of videos to YouTube IT policy rule Description This rule specifies whether a BlackBerry® device user can upload videos to YouTube® using the YouTube® video uploader for BlackBerry®...

  • Page 165: Disable Certificate Address Checks It Policy Rule

    Policy Reference Guide Security policy group This rule is intended for use in organizations where users' certificates contain a long-lived email address, but users typically send email messages from a shorter-lived email address with the same username component and a different domain component. Use a comma (,) to separate multiple domain names.

  • Page 166: Allow Internal Connections It Policy Rule

    Policy Reference Guide Security policy group The default value is Yes. Minimum requirements • Java® based BlackBerry® device • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 4.0 (internal) • BlackBerry® Device Software version 3.6 • BlackBerry® Enterprise Server for IBM® Lotus® Domino® and BlackBerry® Enterprise Server for Novell® GroupWise® version •...

  • Page 167: Allow Resetting Of Idle Timer It Policy Rule

    Policy Reference Guide Security policy group The default value is No. Minimum requirements • Java® based BlackBerry device • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 4.0 (internal) • BlackBerry® Device Software version 3.6 • BlackBerry® Enterprise Server for IBM® Lotus® Domino® version 4.0 •...

  • Page 168: Allow Smart Card Password Caching It Policy Rule

    Policy Reference Guide Security policy group Allow Smart Card Password Caching IT policy rule Description This rule specifies whether a BlackBerry® device can cache the smart card password. Default value The default value is No. Usage Change this rule to Yes to cache the smart card password for the period of time that the private key timeout sets. The memory cleaner application deletes the password when the timeout expires.

  • Page 169: Allow Third Party Apps To Use Persistent Store It Policy Rule

    Policy Reference Guide Security policy group • BlackBerry® Enterprise Server for Microsoft® Exchange version 3.6 Exceptions The BlackBerry Enterprise Server for Novell GroupWise supports this rule in BlackBerry Device Software version 4.0 or later. Allow Third Party Apps to Use Persistent Store IT policy rule Description This rule specifies whether third-party applications can use the persistent store API on a BlackBerry®...

  • Page 170: Allowed Authentication Mechanisms It Policy Rule

    Policy Reference Guide Security policy group The BlackBerry Enterprise Server for Novell GroupWise supports this rule in BlackBerry Device Software version 4.0 or later. Allowed Authentication Mechanisms IT policy rule Description This rule specifies the types of authentication mechanisms that a BlackBerry® device user can turn on. Authentication mechanisms control access to a BlackBerry device.

  • Page 171: Content Protection Of Contact List It Policy Rule

    Policy Reference Guide Security policy group • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 4.0 • BlackBerry® Device Software version 4.0 • BlackBerry® Enterprise Server version 4.0 Content Protection of Contact List IT policy rule Description This rule specifies whether a user can choose to encrypt the contact list on a BlackBerry® device when content protection is turned on.

  • Page 172: Content Protection Usage It Policy Rule

    Policy Reference Guide Security policy group The default value in the Advanced security and Advanced Security with No 3rd Party Applications IT policies is Strong. The default value in all other preconfigured IT policies is a null value. Usage Configure this rule to Strong to use a 160-bit ECC public key. This key provides good security and good performance and is adequate for most situations.

  • Page 173: Desktop Backup It Policy Rule

    Policy Reference Guide Security policy group The default value is Allowed. You or a user can turn on content protection. Usage If you or a user turns on content protection, you or the user can configure a locked device to encrypt stored user data and data that the locked device receives.

  • Page 174: Disable 3Des Transport Crypto It Policy Rule

    Policy Reference Guide Security policy group • Java® based BlackBerry device • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 4.0 • BlackBerry® Device Software version 4.0 • BlackBerry® Enterprise Server version 4.0 Disable 3DES Transport Crypto IT policy rule Description This rule specifies whether to prevent a BlackBerry®...

  • Page 175: Disable Browsing Of Remote Shared Folders It Policy Rule

    Policy Reference Guide Security policy group • BlackBerry® Device Software 4.2 • BlackBerry Enterprise Server 4.1 SP7 Disable Browsing Of Remote Shared Folders IT policy rule Description This rule specifies whether a BlackBerry® device user can browse shared folders and files located on the servers in your organization's network using the file browser on a device.

  • Page 176: Disable External Memory It Policy Rule

    Policy Reference Guide Security policy group The default value is No. Minimum requirements • Java® based BlackBerry device • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 4.0 • BlackBerry® Device Software version 4.0 • BlackBerry® Enterprise Server version 4.0 Disable External Memory IT policy rule Description This rule specifies whether to prevent a BlackBerry®...

  • Page 177: Disable Geo-Tagging Of Photos It Policy Rule

    Policy Reference Guide Security policy group • BlackBerry Enterprise Server version 4.0 Disable Geo-Tagging of Photos IT policy rule Description This rule specifies whether to prevent a BlackBerry® device from adding geographical co-ordinates to the metadata of stored pictures. Default value The default value is No.

  • Page 178: Disable Ip Modem It Policy Rule

    Policy Reference Guide Security policy group This rule specifies whether to prevent a user from sending an email message from a BlackBerry® device using an expired or invalid certificate. Default value The default value is No. A BlackBerry device warns the user that the certificate is expired or invalid, but it does not prevent the user from using the certificate.

  • Page 179: Disable Key Store Low Security It Policy Rule

    Policy Reference Guide Security policy group The default value is No. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.0 • BlackBerry® Enterprise Server version 4.0 • BlackBerry® Connect™ version 4.0 Disable Key Store Low Security IT policy rule Description This rule (also known as Disable Security Data Low Security IT policy rule) specifies whether to prevent a BlackBerry®...

  • Page 180: Disable Message Normal Send It Policy Rule

    Policy Reference Guide Security policy group The default value is No. Usage This rule controls whether a BlackBerry device can transfer files from the on-board device memory or Advanced Security microSD card using the FTP channel. When you permit the device to transfer files using FTP, the device does not protect the files using content protection. The device can encrypt the data on the media card if you configure the External File System Encryption Level IT policy rule.

  • Page 181: Disable Peer-To-Peer Normal Send It Policy Rule

    Policy Reference Guide Security policy group • BlackBerry® Connect™ version 4.0 • BlackBerry® Device Software version 3.6 • BlackBerry® Enterprise Server for IBM® Lotus® Domino® and BlackBerry® Enterprise Server for Novell® GroupWise® version • BlackBerry® Enterprise Server for Microsoft® Exchange version 3.6 Exceptions The BlackBerry Enterprise Server for Novell GroupWise supports this rule in BlackBerry Device Software version 4.0 or later.

  • Page 182: Disable Public Photo Sharing Applications It Policy Rule

    Policy Reference Guide Security policy group This rule specifies whether to prevent applications from keeping the plain text form of a content-protected object in the persistent store on a BlackBerry® device (for example, the file system). Default value The default value is No. The BlackBerry device can keep the plain text form of a content-protected object in the persistent store. Usage Configure this rule only if you require that sensitive data does not persist in plain text form on a BlackBerry device.

  • Page 183: Disable Public Social Networking Applications It Policy Rule

    Policy Reference Guide Security policy group Disable Public Social Networking Applications IT policy rule Description This rule specifies whether a user can install public social networking applications on a BlackBerry® device to access public social networking services (for example, Facebook®). Default value The default value is No.

  • Page 184: Disable Smart Password Entry It Policy Rule

    Policy Reference Guide Security policy group This rule specifies whether to prevent a BlackBerry® device user from sending email messages that are encrypted using revoked certificates. Default value The default value is No. A BlackBerry device warns the user that the certificate is revoked, but it does not prevent the user from using the certificate.

  • Page 185: Disable Stale Certificate Status Checks It Policy Rule

    Policy Reference Guide Security policy group Disable Stale Certificate Status Checks IT policy rule Description This rule specifies whether a BlackBerry® device displays warnings and indicators if the user receives an email message that includes a certificate with a stale status. Default value The default value is No.

  • Page 186: Disable Untrusted Certificate Use It Policy Rule

    Policy Reference Guide Security policy group Disable Untrusted Certificate Use IT policy rule Description This rule specifies whether to prevent a BlackBerry® device user from sending an email message that is encrypted with a certificate that the BlackBerry device does not trust. Default value The default value is No.

  • Page 187: Disable Unverified Crls It Policy Rule

    Policy Reference Guide Security policy group Disable Unverified CRLs IT policy rule Description This rule specifies whether to prevent a BlackBerry® device user from accepting CRLs that are not verified on the BlackBerry MDS Connection Service when checking the status of a certificate. Default value The default value is No.

  • Page 188: Disable Weak Certificate Use It Policy Rule

    Policy Reference Guide Security policy group • BlackBerry® Enterprise Server 4.0 SP6 Disable Weak Certificate Use IT policy rule Description This rule specifies whether to prevent a BlackBerry® device user from sending an email message using a certificate that has a corresponding weak public key.

  • Page 189: Encryption On On-Board Device Memory Media Files It Policy Rule

    Policy Reference Guide Security policy group If you configure the value of this rule to Yes, a user cannot install third-party applications and a user can install only applications that RIM creates if you do not send the applications to the device using software configurations or if the user is not using the BlackBerry®...

  • Page 190: Fips Level It Policy Rule

    Policy Reference Guide Security policy group This rule specifies the level of encryption that a BlackBerry® device uses to encrypt files that it stores on a media card. Default values The default value in the Default IT policy is Not required. The default value in the Advanced Security and Advanced Security with No 3rd Party Applications IT policies is Encrypt to User Password (excluding multimedia directories).

  • Page 191: Firewall Block Incoming Messages It Policy Rule

    Policy Reference Guide Security policy group Default value The default value is FIPS 140-2 Level 1 compliance. Usage This rule is obsolete in BlackBerry® Enterprise Server versions 4.1 SP3 and later and BlackBerry® Device Software versions 4.2.1 and later. FIPS 140-2 Level 1 compliance affects the BlackBerry® Cryptographic Kernel, which is the embedded cryptographic module required for basic operation of a BlackBerry device.

  • Page 192: Firewall Whitelist Addresses It Policy Rule

    Policy Reference Guide Security policy group This rule specifies whether the BlackBerry® device firewall prevents the BlackBerry device from processing specific types of incoming messages, including SMS text messages, MMS messages, public and organization-specific PIN messages, and BlackBerry® Internet Service messages. Note: You use the default PIN encryption key to send public PIN messages that are known to all BlackBerry devices.

  • Page 193: Force Content Protection Of Master Keys It Policy Rule

    Policy Reference Guide Security policy group Force Content Protection Of Master Keys IT policy rule Description This rule specifies whether content protection for device transport keys that a BlackBerry® device stores is turned on. Default value The default value is No. Usage Content protection is designed to encrypt the device transport keys on a BlackBerry device using 256-bit AES, and to store them in the BlackBerry device memory.

  • Page 194: Force Display It Policy Viewer Icon On Homescreen It Policy Rule

    Policy Reference Guide Security policy group Force Display IT Policy Viewer Icon on Homescreen IT policy rule Description This rule specifies whether a BlackBerry® device displays the IT Policy Viewer icon in the Application folder on the device. Default value The default value is No.

  • Page 195: Force Lock When Holstered It Policy Rule

    Policy Reference Guide Security policy group This rule specifies whether BlackBerry® Pearl™ 8220 and BlackBerry® 8210 smartphones are security locked automatically when the flip is closed. Default value The default value is No. Minimum requirements • Java® based BlackBerry Pearl 8220 device •...

  • Page 196: Force Notifications For Keys With Medium Security Level It Policy Rule

    Policy Reference Guide Security policy group To use multifactor authentication on a BlackBerry device, change this rule to Yes. If multiple authentication mechanisms are permitted, a lock icon appears on the BlackBerry device to indicate that a user cannot change it. Minimum requirements •...

  • Page 197: Force Smart Card Two Factor Authentication It Policy Rule

    Policy Reference Guide Security policy group If you change this rule to Yes, and the BlackBerry Smart Card Reader or Advanced Security SD card is lost or stolen, a user must delete all device data permanently. Dependencies You must configure the Force Smart Card Two-Factor Authentication IT policy rule to Yes to use this rule. Minimum requirements •...

  • Page 198: Force Smart Card Two Factor Challenge Response It Policy Rule

    Policy Reference Guide Security policy group Force Smart Card Two Factor Challenge Response IT policy rule Description This rule specifies whether the user must choose a smart card certificate to use with smart card two-factor authentication. This feature is designed to increase the security of smart card two-factor authentication, but when it is turned on, a BlackBerry® device requires more time to unlock.

  • Page 199: Lock On Proximity Authenticator Disconnect It Policy Rule

    Policy Reference Guide Security policy group If you change this rule to 0, a BlackBerry device cannot cache the key store password and cannot reduce the number of password prompts. Minimum requirements • Java® based BlackBerry device • BlackBerry® Application Suite version 1.0 •...

  • Page 200: Login Disclaimer It Policy Rule

    Policy Reference Guide Security policy group Not all smart card reader drivers support smart card removal detection. Default value The default value is No. Usage If you change this rule to Yes, to use a BlackBerry device, users might require an authenticator module for the smart card and must have a smart card driver and a BlackBerry Smart Card Reader driver installed on the BlackBerry device.

  • Page 201: Maximum Smart Card User Authenticator Certificate Status Check Period It Policy Rule

    Policy Reference Guide Security policy group Maximum Smart Card User Authenticator Certificate Status Check Period IT policy rule Description This rule specifies the maximum length of time (in minutes) that can elapse between status checks of the user authentication certificates that a BlackBerry® device uses with smart cards. During each period, the BlackBerry device requests the status of the certificate.

  • Page 202: Message Classification Title It Policy Rule

    Policy Reference Guide Security policy group This rule specifies the set of message classifications that are available to apply to email messages sent using the BlackBerry® Enterprise Server. Default value The default value is a null value. Minimum requirements • Java®...

  • Page 203: Minimal Signing Key Store Security Level It Policy Rule

    Policy Reference Guide Security policy group When you configure this rule, all keys must use the security level that you configure as the minimum, but a user can configure a higher security level on the BlackBerry device. Minimum requirements • Java®...

  • Page 204: Require Secure Apb Messages It Policy Rule

    Policy Reference Guide Security policy group Default value The default value is No. Dependencies A BlackBerry device uses this rule only if you configure the Password Required IT policy rule to Yes. Minimum requirements • Java® based BlackBerry device • BlackBerry®...

  • Page 205: Reset To Factory Defaults On Wipe It Policy Rule

    Policy Reference Guide Security policy group Use the following characters in the password pattern to specify the character type that is permitted and its position in the password: • a: Permits any letter. • A: Permits an uppercase letter only. •...

  • Page 206: Secure Wipe Delay After It Policy Received It Policy Rule

    Policy Reference Guide Security policy group For BlackBerry devices that are running BlackBerry Device Software versions that are earlier than version 5.0, this rule is enforced only when an administrator erases the data remotely. Minimum requirements • Java® based BlackBerry device •...

  • Page 207: Secure Wipe If Low Battery It Policy Rule

    Policy Reference Guide Security policy group Use this rule to require that a BlackBerry device delete the user data if the user has not unlocked the BlackBerry device within the specified period of time. Minimum requirements • Java® based BlackBerry device •...

  • Page 208: Security Transcoder Cod File Hashes It Policy Rule

    Policy Reference Guide Security policy group • 0xffffff: white • 0x000000: black • 0xff0000: red • 0x00ff00: green • 0x0000ff: blue Minimum requirements • Java® based BlackBerry device • BlackBerry® Connect™ version 4.0 • BlackBerry® Device Software version 4.0 • BlackBerry Enterprise Server version 4.0 Security Transcoder Cod File Hashes IT policy rule Description...

  • Page 209: Two Factor Content Protection Usage It Policy Rule

    Policy Reference Guide Security policy group The default value is a null value. Usage If you configure this rule, a user can only add certificates to the trusted key store that use the thumbprints that appear in the defined list. The SHA-256 algorithm and SHA-512 algorithm require BlackBerry®...

  • Page 210: Weak Digest Algorithms It Policy Rule

    Policy Reference Guide S/MIME Application policy group Alternatively, instead of changing the value of the Force Smart Card Two Factor Authentication IT policy rule to Yes, you can change the value of the Force Multi Factor Authentication IT policy rule to Yes and change the Allowed Authentication Mechanisms IT policy rule to use only a smart card user authenticator.

  • Page 211: S/Mime Allowed Content Ciphers It Policy Rule

    Policy Reference Guide S/MIME Application policy group This rule specifies the email address for your organization's Entrust Entelligence™ Messaging Server. Default value The default value is a null value. Usage Use a null value if your organization does not use an Entrust Entelligence messaging server. Minimum requirements •...

  • Page 212: S/Mime Allowed Encrypted Attachment Mode It Policy Rule

    Policy Reference Guide S/MIME Application policy group • BlackBerry® Enterprise Server version 4.0 SP3 Exceptions The BlackBerry® Enterprise Server for Novell® GroupWise® does not support this rule. S/MIME Allowed Encrypted Attachment Mode IT policy rule Description This rule specifies the mode for retrieving S/MIME-protected attachment information on a BlackBerry® device. Default value The default value is Automatic.

  • Page 213: S/Mime Force Digital Signature It Policy Rule

    Policy Reference Guide S/MIME Application policy group This rule specifies an email address that is added as a BCC recipient to all sent S/MIME-protected messages. Default value The default value is a null value. Minimum requirements • Java® based BlackBerry® device •...

  • Page 214: S/Mime Force Smartcard Use It Policy Rule

    Policy Reference Guide S/MIME Application policy group The default value is No. Minimum requirements • Java® based BlackBerry device • S/MIME Support Package for BlackBerry® smartphones version 1.5 • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 4.0 • BlackBerry®...

  • Page 215: S/Mime Minimum Strong Dsa Key Length It Policy Rule

    Policy Reference Guide S/MIME Application policy group The default value is 1024 bits. Minimum requirements • Java® based BlackBerry® device • S/MIME Support Package for BlackBerry® smartphones version 1.5 • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 4.0 •...

  • Page 216: S/Mime Minimum Strong Rsa Key Length It Policy Rule

    Policy Reference Guide S/MIME Application policy group The default value is 163 bits. Minimum requirements • Java® based BlackBerry® device • S/MIME Support Package for BlackBerry® smartphones version 1.5 • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 4.0 •...

  • Page 217: Service Exclusivity Policy Group

    Policy Reference Guide Service Exclusivity policy group The default value is Manual. A BlackBerry device user must request the complete text of the email message when the user replies to or forwards that email message. Usage Change this rule to Automatic to retrieve the complete text of the email message automatically. Minimum requirements •...

  • Page 218: Allow Other Message Services It Policy Rule

    Policy Reference Guide Service Exclusivity policy group The default value is Yes. Usage Change this rule to No to require that a BlackBerry device user in your organization send appointments using a BlackBerry® Enterprise Server within your organization's environment. Minimum requirements •...

  • Page 219: Allow Public Google Talk Services It Policy Rule

    Policy Reference Guide Service Exclusivity policy group Change this rule to No to prevent communication using AIM on a BlackBerry device. Minimum requirements • BlackBerry® Application Suite version 1.0 • BlackBerry® Enterprise Server version 3.6 SP6 Allow Public Google Talk Services IT policy rule Description This rule specifies whether a user can use Google Talk™...

  • Page 220: Allow Public Im Services It Policy Rule

    Policy Reference Guide Service Exclusivity policy group Allow Public IM Services IT policy rule Description This rule specifies whether a user can use public instant messaging applications for BlackBerry® devices. Default value The default value is Yes. Usage Change this rule to No to prevent using public instant messaging services on a BlackBerry device. This rule applies to all Research In Motion®...

  • Page 221: Allow Network Address Book Sync It Policy Rule

    Policy Reference Guide SIM Application Toolkit policy group The default value is Yes. Usage Change this rule to No to prevent communication using Yahoo! Messenger on a BlackBerry device. Minimum requirements • BlackBerry® Application Suite version 1.0 • BlackBerry® Connect™ version 4.0 •...

  • Page 222: Disable Sim Call Control It Policy Rule

    Policy Reference Guide SIM Application Toolkit policy group This rule specifies whether to prevent a wireless network or SIM card from querying a BlackBerry® device for certain location- related information. Default setting The default setting is No. Usage The information that the SIM card can query is limited to the current wireless network and cell identities, BlackBerry device IMEI, date, time, and some measurement results.

  • Page 223: Smart Dialing Policy Group

    Policy Reference Guide Smart Dialing policy group The default setting is No. Minimum requirements • Java® based BlackBerry® device • S/MIME Support Package for BlackBerry® smartphones version 4.0 • BlackBerry® Connect™ version 4.0 • BlackBerry® Application Suite version 1.0 • BlackBerry®...

  • Page 224: Set Local Country Code It Policy Rule

    Policy Reference Guide Smart Dialing policy group The default value is a null value. Usage This rule is obsolete in BlackBerry® Enterprise Server versions 4.1 SP4 and later and BlackBerry® Device Software versions 4.0.2 and later. Instead, consider configuring the Restrict Incoming Cellular Calls rule and Restrict Outgoing Cellular Calls rule in the Firewall policy group.

  • Page 225: Smart Dialing Allow Device Changes It Policy Rule

    Policy Reference Guide This rule specifies the length of the national phone number. Default value The default value is a null value. Usage This rule is obsolete in BlackBerry® Enterprise Server versions 4.1 SP4 and later and BlackBerry® Device Software versions 4.0.2 and later.

  • Page 226: Tcp Policy Group

    Policy Reference Guide TCP policy group TCP policy group TCP APN IT policy rule Description This rule specifies whether a default APN is required when a BlackBerry® device uses TCP. The length of this string is limited to 120 characters. Default value The default value is a null value.

  • Page 227: Tls Application Policy Group

    Policy Reference Guide TLS Application policy group This rule specifies whether a default APN user name is required when a BlackBerry® device uses TCP. The length of this string is limited to 32 characters. Default value The default value is a null value. Minimum requirements •...

  • Page 228: Tls Disable Untrusted Connection It Policy Rule

    Policy Reference Guide TLS Application policy group This rule specifies whether to prevent a BlackBerry® device from permitting TLS connections to servers that have invalid certificates. Default value The default value is Prompt user on BlackBerry device. Minimum requirements • Java®...

  • Page 229: Tls Disable Weak Digests It Policy Rule

    Policy Reference Guide TLS Application policy group TLS Disable Weak Digests IT policy rule Description This rule specifies whether a BlackBerry® device can use weak digests during TLS connections. Default value The default value for BlackBerry devices that are running BlackBerry® Device Software versions that are earlier than version 5.0 is Allow weak digests.

  • Page 230: Tls Minimum Strong Dsa Key Length It Policy Rule

    Policy Reference Guide TLS Application policy group TLS Minimum Strong DSA Key Length IT policy rule Description This rule specifies the minimum DSA key size (in bits) to use over TLS connections. The permitted range is 512 through 1024 bits. Default value The default value on a BlackBerry®...

  • Page 231: Tls Minimum Strong Rsa Key Length It Policy Rule

    Policy Reference Guide TLS Application policy group For example, when a user browses to a secure web site that uses a 160-bit ECC key in its certificate, the BlackBerry device prompts the user to trust the web site. If the user trusts the web site and selects the Don't Ask Again option, the minimum key size on the BlackBerry device is configured to 160 bits.

  • Page 232: Tls Prevent Unmatched Domain Name It Policy Rule

    Policy Reference Guide User Feedback IT policy group TLS Prevent Unmatched Domain Name IT policy rule Description This rule specifies whether to prevent a BlackBerry® device from opening a TLS connection to a server that has a domain name that does not match any domain names in the server's certificate. Default value The default value is Prompt user on BlackBerry device.

  • Page 233: Allow User Feedback It Policy Rule

    Policy Reference Guide Visual Voice Mail policy group Allow User Feedback IT policy rule Description This rule specifies whether a user can provide feedback to Research In Motion. Default value The default value is No. Usage Change this rule to Yes to allow a user to provide feedback. Minimum requirements •...

  • Page 234: Password Complexity It Policy Rule

    Policy Reference Guide Visual Voice Mail policy group This rule specifies whether to permit a BlackBerry® device user access to visual voice mail. Default value The default value is No. Usage Change this rule to Yes to prevent a BlackBerry device user from accessing visual voice mail. Note: If a wireless service provider gives a BlackBerry device user access to visual voice mail, it might prevent the user from receiving standard voice mail notifications.

  • Page 235: Voip Policy Group

    Policy Reference Guide VoIP policy group • BlackBerry® Connect™ version 4.5 • BlackBerry® Device Software version 4.5 VoIP policy group Allow VoIP IT policy rule Description This rule specifies whether a user with a Wi-Fi® enabled BlackBerry® device can make VoIP calls. Default value The default value is Yes.

  • Page 236: Sip Authentication Id It Policy Rule

    Policy Reference Guide VoIP policy group SIP Authentication ID IT policy rule Description This rule specifies the SIP authentication ID that a BlackBerry® device uses to authenticate to your organization's SIP server. Default value The default value is a null value. Usage Specify a value only if your organization’s SIP server requires it.

  • Page 237: Sip Realm It Policy Rule

    Policy Reference Guide VoIP policy group The default value is 5060. Usage This rule is made obsolete by BlackBerry® Mobile Voice System. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software e version 4.0 • BlackBerry® Enterprise Server version 4.0 SP1 SIP Realm IT policy rule Description This rule specifies the name of the SIP domain or host that shares authentication information with your organization's SIP server.

  • Page 238: Sip Rtp Media Port It Policy Rule

    Policy Reference Guide VoIP policy group • BlackBerry® Device Software version 4.0 • BlackBerry® Enterprise Server version 4.0 SP1 SIP RTP Media Port IT policy rule Description This rule specifies the port number that a BlackBerry® device uses for outgoing RTP media streams. The permitted range is 1 through 65535.

  • Page 239: Sip Server Transport It Policy Rule

    Policy Reference Guide VoIP policy group This rule specifies the port number on your organization's SIP proxy server that the SIP proxy server uses to make network connections. The permitted range is 0 to 65536. Default value The default value is 5060. Usage Change this rule only if the port number that the SIP proxy server uses is not 5060.

  • Page 240: Sip User Display Name It Policy Rule

    Policy Reference Guide VoIP policy group Change this rule only if the SIP proxy server is not generic. This rule is made obsolete by BlackBerry® Mobile Voice System. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.0 •...

  • Page 241: Sip User Password It Policy

    Policy Reference Guide VoIP policy group This rule is made obsolete by BlackBerry® Mobile Voice System. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.0 • BlackBerry® Enterprise Server version 4.0 SP1 SIP User Password IT policy Description This rule specifies the SIP user password that a BlackBerry®...

  • Page 242: Voip Emergency Number It Policy Rule

    Policy Reference Guide VoIP policy group VoIP Emergency Number IT policy rule Description This rule specifies the emergency number that a BlackBerry® device can use on your organization’s network. Default value The default value is 911. Usage Two versions of this rule are available. Refer to the descriptions in the BlackBerry Administration Service to determine which version of this rule is the appropriate version for the BlackBerry devices in your organization.

  • Page 243: Voip Enable Call Hold It Policy Rule

    Policy Reference Guide VPN policy group VoIP Enable Call Hold IT policy rule Description This rule specifies whether a user can place a VoIP call on hold on a BlackBerry® device. Default value The default value is Yes. This rule is made obsolete by BlackBerry® Mobile Voice System. Minimum requirements •...

  • Page 244: Enable Vpn It Policy Rule

    Policy Reference Guide VPN policy group This rule specifies whether a user can create VPN profiles on a BlackBerry® device. Default value The default value is No. Usage Change this rule to Yes to prevent a user from creating VPN profiles on a BlackBerry device. Minimum requirements •...

  • Page 245: Vpn Allow Handheld Changes It Policy Rule

    Policy Reference Guide VPN policy group You must change the Enable VPN IT policy rule to Yes so that a BlackBerry device can use this rule. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.0 • BlackBerry®...

  • Page 246: Vpn Disable Prompt For Credentials Re-Entry It Policy Rule

    Policy Reference Guide VPN policy group VPN Disable Prompt for Credentials Re-Entry IT policy rule Description This rule specifies whether a BlackBerry® device turns off the prompt for a user to type the VPN credentials after the user tries to authenticate to the VPN server but is not successful. Default value The default value is No.

  • Page 247: Vpn Gateway Address It Policy Rule

    Policy Reference Guide VPN policy group This rule specifies the suffix for your organization's domain name using the FQDN format. Default value The default value is a null value. Dependencies You must configure the Enable VPN IT policy rule to Yes and the VPN DNS Configuration IT policy rule to No so that a BlackBerry® device can use this rule.

  • Page 248: Vpn Group Password It Policy Rule

    Policy Reference Guide VPN policy group VPN Group Password IT policy rule Description This rule specifies the group password for your organization's VPN server. Default value The default value is a null value. Usage Specify the group password for your organization's VPN server only if the type of VPN client requires it. Minimum requirements •...

  • Page 249: Vpn Ike Hash It Policy Rule

    Policy Reference Guide VPN policy group Change the value only if the DH group does not use ECC. Dependencies You must configure the Enable VPN IT policy rule to Yes so that a BlackBerry device can use this rule. Minimum requirements •...

  • Page 250: Vpn Minimal Certificate Encryption Key Security Level It Policy Rule

    Policy Reference Guide VPN policy group VPN Minimal Certificate Encryption Key Security Level IT policy rule Description This rule specifies the minimum security level for private keys that a BlackBerry® device uses for authentication methods that require client certificates. Default value The default value is Low security.

  • Page 251: Vpn Password Hidden On Input It Policy Rule

    Policy Reference Guide VPN policy group VPN Password Hidden on Input IT policy rule Description This rule specifies whether a BlackBerry® device displays asterisks (*) instead of characters when the user types the VPN password. Default value The default value is No. Usage Change this rule to Yes to hide the VPN password as the user types it.

  • Page 252: Vpn Secondary Dns It Policy Rule

    Policy Reference Guide VPN policy group You must change the Enable VPN IT policy rule to Yes and the VPN DNS Configuration IT policy rule to No so that a BlackBerry® device can use this rule. Minimum requirements • Java® based BlackBerry device •...

  • Page 253: Vpn User Password It Policy Rule

    Policy Reference Guide VPN policy group • Java® based BlackBerry device • BlackBerry® Device Software version 4.0 • BlackBerry® Enterprise Server version 4.0 SP1 VPN User Password IT policy rule Description This rule specifies the default password that a BlackBerry® device uses to log in to your oganization's VPN server. Default value The default value is a null value.

  • Page 254: Vpn Xauth Type It Policy Rule

    Policy Reference Guide Wi-Fi policy group VPN Xauth Type IT policy rule Description This rule specifies the type of user-level authentication that your organization's VPN server uses. Default value The default value is User name and password required. Dependencies You must change the Enable VPN IT policy rule to Yes so that a BlackBerry® device can use this rule. Minimum requirements •...

  • Page 255: Blocked Wi-Fi Ssids It Policy Rule

    Policy Reference Guide Wi-Fi policy group You can override this rule using the related Wi-Fi configuration setting that is named Wi-Fi BlackBerry Infrastructure Wi-Fi access mode. You can use this setting to configure the access mode for a specific Wi-Fi network, and this rule to configure the access mode for other Wi-Fi networks.

  • Page 256: Disable Gan-Preferred Mode It Policy Rule

    Policy Reference Guide Wi-Fi policy group • Java® based BlackBerry device • BlackBerry® Device Software version 4.2.1 • BlackBerry® Enterprise Server version 4.1 SP3 Disable GAN-Preferred Mode IT policy rule Description This rule specifies whether a user can select the GAN-preferred mode from the list of GAN selection modes on a BlackBerry® device.

  • Page 257: Disable Wan-Preferred Mode It Policy Rule

    Policy Reference Guide Wi-Fi policy group This rule specifies whether a user can select the WAN-only mode from the list of GAN selection modes on a BlackBerry® device. Default value The default value is No. Usage Change this rule to Yes to prevent a user from using the WAN-only mode on a BlackBerry device. Minimum requirements •...

  • Page 258: Disable Wi-Fi Direct Access To Blackberry Enterprise Server It Policy Rule

    Policy Reference Guide Wi-Fi policy group Change this rule to Yes to prevent a user from accessing a Wi-Fi network from the BlackBerry device. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.2.1 • BlackBerry® Enterprise Server version 4.1 SP3 Disable Wi-Fi Direct Access to BlackBerry Enterprise Server IT policy rule Description This rule specifies whether a BlackBerry®...

  • Page 259: Gan Signal Quality Threshold It Policy Rule

    Policy Reference Guide Wi-Fi policy group • BlackBerry® Enterprise Server version 4.1 SP3 GAN Signal Quality Threshold IT policy rule Description This rule specifies the signal quality threshold that a BlackBerry® device uses for handover from the WAN to the GAN. Default value The default value is a null value.

  • Page 260: Gan Wi-Fi Threshold It Policy Rule

    Policy Reference Guide Wi-Fi policy group • BlackBerry® Enterprise Server version 4.1 SP3 GAN Wi-Fi Threshold IT policy rule Description This rule specifies the threshold for the Wi-Fi® signal quality when a BlackBerry® device changes from the GAN to the WAN. If the Wi-Fi signal quality drops below the threshold in the GAN-preferred mode and an acceptable cell is available, the BlackBerry device tries to change from the GAN to the WAN.

  • Page 261: Wi-Fi Default Gateway It Policy Rule

    Policy Reference Guide Wi-Fi policy group • BlackBerry® Device Software version 4.0 • BlackBerry® Enterprise Server version 4.0 SP1 Wi-Fi Default Gateway IT policy rule Description This rule specifies the default gateway in IP address format (for example, 10.0.0.1) that a BlackBerry® device can use if DHCP on the BlackBerry device is turned off.

  • Page 262: Wi-Fi Dhcp Configuration It Policy Rule

    Policy Reference Guide Wi-Fi policy group Wi-Fi DHCP Configuration IT policy rule Description This rule specifies whether your organization uses DHCP for dynamic network configuration. The previous name of this rule was WLAN DHCP Configuration. Default value The default value is Yes. DHCP is turned on. Usage If you use a Wi-Fi®...

  • Page 263: Wi-Fi Ip Address It Policy Rule

    Policy Reference Guide Wi-Fi policy group The default value is No. Usage Change this rule to Yes to permit a user to log in to a captive portal using a BlackBerry device. This rule is obsolete in BlackBerry® Enterprise Server version 4.1 SP4 and later. Minimum requirements •...

  • Page 264: Wi-Fi Minimal Eap-Tls Certificate Encryption Key Security Level It Policy Rule

    Policy Reference Guide Wi-Fi policy group The default value is Open Wi-Fi security. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.0 • BlackBerry® Enterprise Server version 4.0 SP1 Wi-Fi Minimal EAP-TLS Certificate Encryption Key Security Level IT policy rule Description This rule specifies the minimum security level for a private key that an EAP authentication method (for example, EAP-TLS) uses with a client certificate.

  • Page 265: Wi-Fi Preshared Key It Policy Rule

    Policy Reference Guide Wi-Fi policy group The previous name of this rule was WLAN Password Hidden on Input. Default value The default value is No. A BlackBerry® device displays the characters that the user types. Usage Change this rule to Yes to mask the password that the user types. Minimum requirements •...

  • Page 266: Wi-Fi Profile Forwarding Mode It Policy Rule

    Policy Reference Guide Wi-Fi policy group A BlackBerry device uses this rule only if you change the Wi-Fi® DHCP Configuration IT policy rule to No. Dependencies If you change the Wi-Fi DHCP Configuration IT policy rule to Yes, do not change this rule to Yes. Minimum requirements •...

  • Page 267: Wi-Fi Secondary Dns It Policy Rule

    Policy Reference Guide Wi-Fi policy group Wi-Fi Secondary DNS IT policy rule Description This rule specifies the secondary DNS in IP address format (for example, 10.0.0.1) that a BlackBerry® device can use if DHCP on the BlackBerry device is turned off. The previous name of this rule was WLAN Secondary DNS.

  • Page 268: Wi-Fi Subnet Mask It Policy Rule

    Policy Reference Guide Wi-Fi policy group Wi-Fi Subnet Mask IT policy rule Description This rule specifies the subnet mask in IP address format (for example, 10.0.0.1) that a BlackBerry® device can use if DHCP on the BlackBerry device is turned off. The previous name of this rule was WLAN Subnet Mask.

  • Page 269: Wi-Fi User Password It Policy Rule

    Policy Reference Guide Wi-Fi policy group Wi-Fi User Password IT policy rule Description This rule specifies the password for PEAP or LEAP security access on a BlackBerry® device. The previous name of this rule was WLAN User Password. Default value The default value is a null value.

  • Page 270: Wi-Fi Wep Key 2 It Policy Rule

    Policy Reference Guide Wi-Fi policy group Wi-Fi WEP Key 2 IT policy rule Description This rule specifies the password for WEP key 2 using the format xx:xx:xx:xx:xx. The previous name of this rule was WLAN WEP Key 2. Default value The default value is a null value.

  • Page 271: Wired Software Updates Policy Group

    Policy Reference Guide Wired Software Updates policy group This rule specifies the password for WEP key 4 using the format xx:xx:xx:xx:xx. The previous name of this rule was WLAN WEP Key 4. Default value The default value is a null value. Usage Valid values are either 5 or 13 pairs of hexadecimal digits (0 to 9 and A to F) separated by a colon (for example, AB:CD:EF:01:23 or AB:CD:EF:01:23:45:67:89:AB:CD:EF:01:23).

  • Page 272: Wireless Software Upgrades Policy Group

    Policy Reference Guide Wireless Software Upgrades policy group A cryptographic service is any service that uses a cryptographic key to protect the communication between the BlackBerry device and the BlackBerry® Enterprise Server or the BlackBerry® Internet Service (for example, the encryption keys that are generated during activation that are used to protect the data that the BlackBerry device and the BlackBerry Enterprise Server send between each other).

  • Page 273: Disallow Device User Requested Upgrade It Policy Rule

    Policy Reference Guide Wireless Software Upgrades policy group This rule specifies whether to prevent a BlackBerry® device user from returning to a previous version of the BlackBerry® Device Software after the user updates the BlackBerry Device Software over the wireless network. Default value The default value is No.

  • Page 274: Disallow Patch Download Over Roaming Wan It Policy Rule

    Policy Reference Guide Wireless Software Upgrades policy group The default value is No. Minimum requirements • Java® based BlackBerry device • BlackBerry Device Software version 4.5 • BlackBerry® Enterprise Server version 4.1 SP4 Disallow Patch Download Over Roaming WAN IT policy rule Description This rule specifies whether to prevent a BlackBerry®...

  • Page 275: Wtls Application Policy Group

    Policy Reference Guide WTLS Application policy group Default value The default value is No. Minimum requirements • Java® based BlackBerry device • BlackBerry Device Software version 4.5 • BlackBerry® Enterprise Server version 4.1 SP4 WTLS Application policy group WTLS Disable Invalid Connection IT policy rule Description This rule specifies whether to prevent a BlackBerry®...

  • Page 276: Wtls Disable Weak Ciphers It Policy Rule

    Policy Reference Guide WTLS Application policy group The default value is Prompt user on BlackBerry device. Usage If you want to prevent a BlackBerry® device user from creating WTLS connections to untrusted servers, change this rule to Disable untrusted connections. If you want to permit a BlackBerry®...

  • Page 277: Wtls Minimum Strong Ecc Key Length It Policy Rule

    Policy Reference Guide WTLS Application policy group This rule specifies the minimum DH key size (in bits) to use over WTLS connections. The permitted range is 512 through 4096 bits. Default value The default value on a BlackBerry® device is 1024 bits. The default value on the BlackBerry®...

  • Page 278: Wtls Minimum Strong Rsa Key Length It Policy Rule

    Policy Reference Guide WTLS Application policy group For example, when a user browses to a secure web site that uses a 160-bit ECC key in its certificate, the BlackBerry device prompts the user to trust the web site. If the user trusts the web site and selects the Don't Ask Again option, the minimum key size on the BlackBerry device is configured to 160 bits.

  • Page 279: Wtls Restrict Fips Ciphers It Policy Rule

    Policy Reference Guide WTLS Application policy group WTLS Restrict FIPS Ciphers IT policy rule Description This rule specifies whether the BlackBerry® device can use an algorithm with WTLS that is not FIPS-compliant. Default value The default value is No. Usage By default, if you configure the FIPS Level IT policy rule to 2, a BlackBerry device ignores this rule and uses only algorithms that are FIPS-compliant.

  • Page 280: Configuration Settings

    Policy Reference Guide Configuration settings Configuration settings Configuration settings for VoIP profiles Allow VoIP configuration setting Description This setting specifies whether a user can make VoIP calls on a Wi-Fi® enabled BlackBerry® device. Default value The default value is Yes. Usage To turn off VoIP, change this setting to No.

  • Page 281: Sip Domain Configuration Setting

    Policy Reference Guide Configuration settings for VoIP profiles SIP Domain configuration setting Description This setting specifies the SIP domain where the SIP User ID is valid. Default value The default value is a null value. Usage This setting is made obsolete by the BlackBerry® Mobile Voice System. Minimum requirements •...

  • Page 282: Sip Registration Timeout Configuration Setting

    Policy Reference Guide Configuration settings for VoIP profiles The default value is None. Usage Configure this setting to specify a name for a SIP domain or host. The SIP realm value on a BlackBerry® device must be the same as the SIP realm value that you specify on the SIP server. This setting is made obsolete by the BlackBerry®...

  • Page 283: Sip Server Name Configuration Setting

    Policy Reference Guide Configuration settings for VoIP profiles • BlackBerry® Enterprise Server version 4.0 SP1 SIP Server Name configuration setting Description This setting specifies the name or IP address of your organization's SIP proxy server. Default value The default value is a null value. Usage This setting is made obsolete by the BlackBerry®...

  • Page 284: Sip Server Type Configuration Setting

    Policy Reference Guide Configuration settings for VoIP profiles This setting specifies the transport protocol that your organization's SIP server uses. Default value The default value is UDP. Usage Change this setting only if the transport protocol is not UDP. This setting is made obsolete by the BlackBerry® Mobile Voice System. Minimum requirements •...

  • Page 285: Sip User Id Configuration Setting

    Policy Reference Guide Configuration settings for VoIP profiles Configure this setting if you want to create a default value for all users. This setting is made obsolete by the BlackBerry® Mobile Voice System. Minimum requirements • Java® based BlackBerry device •...

  • Page 286: Voip Allow Blackberry Device Changes Configuration Setting

    Policy Reference Guide Configuration settings for VoIP profiles This setting is made obsolete by the BlackBerry® Mobile Voice System. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.0.0 • BlackBerry® Enterprise Server version 4.0 SP1 VoIP Allow BlackBerry Device Changes configuration setting Description This setting specifies whether a user can change SIP and VoIP settings on a BlackBerry®...

  • Page 287: Voip Enable Attended Call Transfer Configuration Setting

    Policy Reference Guide Configuration settings for VoIP profiles • BlackBerry® Enterprise Server version 4.0 SP1 VoIP Enable Attended Call Transfer configuration setting Description This setting specifies whether a user can perform an attended transfer of a VoIP call (where the original call does not end until the user dials the transfer number and clicks Complete Transfer) on a BlackBerry®...

  • Page 288: Configuration Settings For Vpn Profiles

    Policy Reference Guide Configuration settings for VPN profiles This setting specifies whether a user can perform an unattended transfer to a VoIP call (where the original call ends automatically when the user dials the transfer number) on a BlackBerry® device. Default value The default value is Yes.

  • Page 289: Use Vpn Xauth Configuration Setting

    Policy Reference Guide Configuration settings for VPN profiles This setting specifies whether the VPN dialog box displays on a BlackBerry® device. Default value The default value is Yes. The VPN dialog box does not display on the BlackBerry device. Usage To display the VPN dialog box after the BlackBerry device connects to the VPN server, change this setting to No.

  • Page 290: Vpn Allow Password Save Configuration Setting

    Policy Reference Guide Configuration settings for VPN profiles • Java® based BlackBerry device • BlackBerry® Device Software version 4.0.0 • BlackBerry® Enterprise Server version 4.0 SP1 VPN Allow Password Save configuration setting Description This setting specifies whether a user can save the VPN password on a BlackBerry® device. Default value The default value is Yes.

  • Page 291: Vpn Dns Configuration Configuration Setting

    Policy Reference Guide Configuration settings for VPN profiles VPN DNS Configuration configuration setting Description This setting specifies your organization's VPN DNS configuration. Default setting The default value is Yes. A BlackBerry® device retrieves DNS settings from the VPN gateway. Usage To require that the BlackBerry device use the static settings that are specified in the VPN Primary DNS configuration setting, VPN Secondary DNS configuration setting, and VPN Domain Name configuration setting, change this setting to No.

  • Page 292: Vpn Group Name Configuration Setting

    Policy Reference Guide Configuration settings for VPN profiles This setting specifies the IP address or FQDN of your organization's VPN server. Default value The default value is a null value. Minimum requirements • Java® based BlackBerry® device • BlackBerry® Device Software version 4.2.0 •...

  • Page 293: Vpn Hard Token Required Configuration Setting

    Policy Reference Guide Configuration settings for VPN profiles VPN Hard Token Required configuration setting Description This setting specifies whether the VPN server requires that a BlackBerry® device use a hard token as part of the password for authentication. Default value The default value is No.

  • Page 294: Vpn Ike Hash Configuration Setting

    Policy Reference Guide Configuration settings for VPN profiles The default value is Group 7 (elliptic curve cryptography). Usage Change this setting only if the the DH group does not use ECC. Dependencies You must change the Enable VPN configuration setting to Yes so that a BlackBerry device can use this setting. Minimum requirements •...

  • Page 295: Vpn Ipsec Cipher And Hash Configuration Setting

    Policy Reference Guide Configuration settings for VPN profiles VPN IPSec Cipher and Hash configuration setting Description This setting specifies the encryption algorithm and hash that a BlackBerry® device uses for IPSec Security Associations. Default value The default value is AES-128 Cipher and SHA-1 Hash. Usage Change this setting only if the IPSec Cipher and Hash are not AES-128 and SHA-1.

  • Page 296: Vpn Nat Keep Alive Configuration Setting

    Policy Reference Guide Configuration settings for VPN profiles VPN NAT Keep Alive configuration setting Description This setting specifies the NAT keep-alive frequency. The permitted range is 1 to 1439 minutes. Default value The default value is 1 minute. Usage Specify the interval, in minutes, that a BlackBerry® device sends a keep-alive packet to the VPN concentrator to maintain the connection to the VPN concentrator.

  • Page 297: Vpn Profile Visibility Configuration Setting

    Policy Reference Guide Configuration settings for VPN profiles The default value is a null value. Dependencies You must change the Enable VPN configuration setting to Yes and the VPN DNS Configuration setting to No so that a BlackBerry® device can use this configuration setting. Minimum requirements •...

  • Page 298: Vpn Subnet Mask Configuration Setting

    Policy Reference Guide Configuration settings for VPN profiles This setting specifies the static setting for the IP address of your organization's secondary DNS server. Default value The default value is a null value. Dependencies You must change the Enable VPN configuration setting to Yes and the VPN DNS Configuration setting to No so that a BlackBerry® device can use this setting.

  • Page 299: Vpn User Name Configuration Setting

    Policy Reference Guide Configuration settings for VPN profiles • BlackBerry® Device Software version 4.2.1 • BlackBerry® Enterprise Server version 4.1 SP3 VPN User Name configuration setting Description This setting specifies the default user name that a BlackBerry® device uses to log in to your organization's VPN server. Default value The default value is a null value.

  • Page 300: Vpn Vendor Type Configuration Setting

    Policy Reference Guide You must change the Enable VPN configuration setting to Yes so that a BlackBerry device can use this configuration setting. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.2.0 • BlackBerry® Enterprise Server version 4.1 SP2 VPN Vendor Type configuration setting Description This setting specifies the type of VPN client that the VPN client on a BlackBerry®...

  • Page 301: Configuration Settings For Wi-Fi Profiles

    Policy Reference Guide Configuration settings for Wi-Fi profiles Configuration settings for Wi-Fi profiles Associated Certificate Authority Configuration configuration setting Description This setting specifies the name of the certificate authority profile that is configured in the Certificate Authority Profile Name IT policy rule.

  • Page 302: Wi-Fi Allow Ap To Ap Handover Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles This setting is a hidden property that contains the name of the VPN profile that you want to associate with the Wi-Fi® profile. Default value The default value is a null value. Minimum requirements •...

  • Page 303: Wi-Fi Allow Password Save Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles • Java® based BlackBerry device • BlackBerry® Device Software version 4.0.0 • BlackBerry Enterprise Server version 4.0 SP1 Wi-Fi Allow Password Save configuration setting Description This setting specifies whether a user can save passwords for authentication to a Wi-Fi® network on a BlackBerry® device. Default value The default value is Yes.

  • Page 304: Wi-Fi Default Gateway Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles The default value is Access does not require VPN. A BlackBerry device can bypass active VPN connections when it connects to the BlackBerry Infrastructure over a Wi-Fi network. Usage You can configure one of the following options so that a BlackBerry device can connect to the BlackBerry Infrastructure over a Wi-Fi network: •...

  • Page 305: Wi-Fi Default Key Id Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles Wi-Fi Default KEY ID configuration setting Description This setting specifies the default WEP key ID. Default value The default value is 1. Usage Verify that the WEP key ID matches the WEP access point ID and the corresponding WEP key. Minimum requirements •...

  • Page 306: Wi-Fi Domain Suffix Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles The default value is No. Usage If you change this setting to Yes, a root certificate is not required for the EAP, EAP-TLS, or EAP-TTLS authentication method. Minimum requirements • Java® based BlackBerry device •...

  • Page 307: Wi-Fi Enable Authentication Page Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles • If you want the server to authenticate a BlackBerry device using the user name and password of the user account, and you want the settings on the server to determine if server authentication must occur, you can select the Both option. If the server presents a root certificate, the BlackBerry device verifies the server using the selected root certificate.

  • Page 308: Wi-Fi Inner Authentication Mode Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles • BlackBerry® Enterprise Server version 4.1 SP3 Wi-Fi Inner Authentication Mode configuration setting Description This setting specifies the authentication mode that a BlackBerry® device uses for tunnelled EAP security. Default value The default value is None. Minimum requirements •...

  • Page 309: Wi-Fi Minimal Eap-Tls Certificate Encryption Key Security Level Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles This setting specifies the type of authentication method (for example, Open, EAP-FAST, LEAP, PEAP, EAP-TLS, EAP-TTLS, PSK, or WEP) that a BlackBerry® device requires to access a Wi-Fi® network. Default value The default value is Open. Minimum requirements •...

  • Page 310: Wi-Fi Primary Dns Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles The default value is a null value. Dependencies A BlackBerry® device uses this setting only if you configure the Wi-Fi Link Security configuration setting to PSK. Minimum requirements • Java® based BlackBerry device •...

  • Page 311: Wi-Fi Profile Visibility Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles When you change this setting to Credentials editability, the user can change only the user credentials in the Wi-Fi profile. Minimum requirements • Java® based BlackBerry device • BlackBerry® Device Software version 4.2.1 •...

  • Page 312: Wi-Fi Secondary Dns Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles This setting determines how often the Wi-Fi® transceiver scans for nearby wireless access points and roams to one of them if the signal quality is better than the signal of the current access point. Default value The default value is Auto.

  • Page 313: Wi-Fi Server Subject Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles This setting specifies a SAN field for the server certificate. Default value The default value is a null value. Usage If you do not specify a SAN field for the server certificate, the BlackBerry® device accepts any valid server certificate. Minimum requirements •...

  • Page 314: Wi-Fi Subnet Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles • BlackBerry® Device Software version 4.0.0 • BlackBerry® Enterprise Server version 4.0 SP1 Wi-Fi Subnet configuration setting Description This setting specifies the subnet mask in IP address format (for example, 10.0.0.1) that a BlackBerry® device can use if DHCP on the BlackBerry device is turned off.

  • Page 315: Wi-Fi User Password Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles This setting specifies the user name for PEAP or LEAP authentication on a BlackBerry® device. Default value The default value is a null value. Usage Configure this setting if you want to create a default value for all users. If a user types a user name on a BlackBerry device manually, IT policy updates overwrite or delete the value that the user types.

  • Page 316: Wi-Fi Wep Key 2 Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles The default value is a null value. Usage Valid values are either 5 or 13 pairs of hexadecimal digits (0 to 9 and A to F) that you separate with a colon (for example, AB:CD:EF: 01:23 or AB:CD:EF:01:23:45:67:89:AB:CD:EF:01:23).

  • Page 317: Wi-Fi Wep Key 4 Configuration Setting

    Policy Reference Guide Configuration settings for Wi-Fi profiles • BlackBerry® Device Software version 4.0.0 • BlackBerry® Enterprise Server version 4.0 SP1 Wi-Fi WEP Key 4 configuration setting Description This setting specifies the password for WEP key 4 using the format xx:xx:xx:xx:xx. Default value The default value is null.

  • Page 318: Descriptions Of Application Control Policy Rules

    Policy Reference Guide Descriptions of application control policy rules Descriptions of application control policy rules For information about configuring application control policy rules, see the BlackBerry Enterprise Server Administration Guide. Are Internal Network Connections Allowed application control policy rule Description This rule specifies whether an application can make internal network connections.

  • Page 319: Are Local Connections Allowed Application Control Policy Rule

    Policy Reference Guide Are Local Connections Allowed application control policy rule Are Local Connections Allowed application control policy rule Description This rule specifies whether an application can make local network connections (for example, connections to a BlackBerry® device using a USB or serial port). Default value The default value is Allowed.

  • Page 320: Is Access To The Pim Api Allowed Application Control Policy Rule

    Policy Reference Guide Is Access to the PIM API Allowed application control policy rule This rule specifies whether an application can send and receive email messages using a BlackBerry® device. Default value The default value is Allowed. Minimum requirements • Java®...

  • Page 321: Is Access To The Event Injection Api Allowed Application Control Policy Rule

    Policy Reference Guide Is Access to the Event Injection API Allowed application control policy rule • BlackBerry® Enterprise Server version 4.0 Is Access to the Event Injection API Allowed application control policy rule Description This rule specifies whether an application can simulate input events on a BlackBerry® device, such as pressing keys or performing trackball actions.

  • Page 322: Is Key Store Medium Security Allowed Application Control Policy Rule

    Policy Reference Guide Is Key Store Medium Security Allowed application control policy rule This rule specifies whether an application can access the key store APIs on a BlackBerry® device. Default value The default value is Allowed. Dependencies If you configure the Minimal Signing Key Store Security Level and the Minimal Encryption Key Store Security Level IT policy rules to use the high security level, this rule does not apply.

  • Page 323: Is Theme Data Allowed Application Control Policy Rule

    Policy Reference Guide Is Theme Data Allowed application control policy rule This rule specifies whether an application can access the GPS APIs on a BlackBerry® device. You can configure this rule to prevent the application from accessing the GPS APIs on a BlackBerry device or to prompt the user before an application can access the GPS APIs.

  • Page 324: Can Device Settings Be Modified Application Control Policy Rule

    Policy Reference Guide Can Device Settings be Modified application control policy rule For BlackBerry devices that are running BlackBerry Device Software version 5.0 and later, this rule applies to drivers for smart card readers and to custom two-factor authentication methods that are created by developers in your organization. For BlackBerry devices that are running BlackBerry Device Software versions that are earlier than version 5.0, this rule applies to drivers for smart cards only.

  • Page 325: Is Access To The Screen, Microphone, And Video Capturing Apis Allowed Application Control Policy Rule

    Policy Reference Guide Is Access to the Screen, Microphone, and Video Capturing APIs Allowed application control policy rule This rule specifies whether an application can run or create multimedia files on a BlackBerry® device. Default value The default value is Allowed. Minimum requirements •...

  • Page 326: Is Access To The Wi-Fi Api Allowed Application Control Policy Rule

    Policy Reference Guide Is Access to the Wi-Fi API Allowed application control policy rule Is Access to the Wi-Fi API Allowed application control policy rule Description This rule specifies whether a BlackBerry® device can send and receive data over a Wi-Fi® connection and access information about the Wi-Fi network.

  • Page 327: List Of Browser Filter Domains Application Control Policy Rule

    Policy Reference Guide List of Browser Filter Domains application control policy rule You can configure this application control policy rule and a pull rule that the BlackBerry® MDS Connection Service uses to control whether a BlackBerry device user can access an external domain. If you configure this rule and a pull rule for an external domain, a user cannot access the external domain unless this rule and the pull rule permit access.

  • Page 328: Disposition Application Control Policy Rule

    Policy Reference Guide Disposition application control policy rule Disposition application control policy rule Description This rule specifies whether an application is optional, required, or not permitted on the BlackBerry® device. You can use this rule to make a specific application mandatory on the BlackBerry device or to prevent unspecified or untrusted applications from being installed on the BlackBerry device.

  • Page 329: Examples Of Security Policy Goals

    Policy Reference Guide Examples of security policy goals Examples of security policy goals You can use IT policies and application control policies to meet your organization's security policy goals. Example goal Description Define permitted use of passwords for • Require a password on the BlackBerry device. authentication on BlackBerry®...

  • Page 330: Defining Acceptable Use Of Passwords And Passphrases On Blackberry Devices

    Policy Reference Guide Defining acceptable use of passwords and passphrases on BlackBerry devices Example goal Description • Specify whether a BlackBerry device can pair with another Bluetooth enabled device. • Specify whether the user can turn on and turn off the Bluetooth profiles that are on the BlackBerry device.

  • Page 331: Defining Measures To Protect Blackberry Devices From Unauthorized Use

    Policy Reference Guide Defining measures to protect BlackBerry devices from unauthorized use Defining measures to protect BlackBerry devices from unauthorized use Scenario Example IT policy rule Example value Extend your organization's password policy to Enable Long-Term Timeout BlackBerry® devices. Lock the BlackBerry device automatically, regardless of user activity.

  • Page 332: Restricting Unsecured Messaging

    Policy Reference Guide Defining measures to prevent threats from viruses and malicious users Restricting unsecured messaging Scenario Example IT policy rule Example value To comply with industry regulations, make sure that Allow Other Browser Services all electronic communication between your employees and their clients is recorded.

  • Page 333: Limiting The Resources That Third-Party Applications Installed On Blackberry Devices Can Access

    Policy Reference Guide Defining measures to prevent threats from viruses and malicious users Limiting the resources that third-party applications installed on BlackBerry devices can access Scenario Example application control Value policy rule Prevent third-party Java® applications from List of Browser Filter Domains addresses of the domains accessing a list of domains using the BlackBerry®...

  • Page 334: Limiting User Control Of Third-Party Applications On Blackberry Devices

    Policy Reference Guide Preventing RIM value-added applications from running on BlackBerry devices Limiting user control of third-party applications on BlackBerry devices Scenario Example policy rule Value Prevent third-party applications from accessing Allow Third Party Apps to Use serial ports or USB ports on BlackBerry® devices. Serial Port (IT policy rule) Prevent third-party applications from accessing the Allow Third Party Apps to Use...
  • Page 335 Policy Reference Guide Preventing RIM value-added applications from running on BlackBerry devices To prevent the RIM value-added applications from running on BlackBerry® Device Software versions earlier than 4.5, you can block all RIM value-added applications using the Disable RIM Value-Added Applications IT policy rule, or you can block specific RIM value-added applications using application-specific IT policy rules.

  • Page 336: Glossary

    Policy Reference Guide Glossary Glossary A2DP Advanced Audio Distribution Profile Advanced Encryption Standard all points bulletin application programming interface access point name ASCII American Standard Code for Information Interchange AVRCP Audio/Video Remote Control Profile blind carbon copy BlackBerry MDS BlackBerry® Mobile Data System browser session manager CAST Computer Assisted Seriation Test...
  • Page 337 Policy Reference Guide Glossary Data Encryption Standard DHCP Dynamic Host Configuration Protocol Domain Name System Digital Signature Algorithm DTMF Dual Tone Multiple-frequency Dial-up Networking Extensible Authentication Protocol EAP-FAST Extensible Authentication Protocol Flexible Authentication via Secure Tunneling EAP-TLS Extensible Authentication Protocol Transport Layer Security EAP-TTLS Extensible Authentication Protocol Tunneled Transport Layer Security Elliptic Curve Cryptography...
  • Page 338 Policy Reference Guide Glossary Hands-Free Profile Headset Profile HTML Hypertext Markup Language HTTPS Hypertext Transfer Protocol over Secure Sockets Layer Internet Key Exchange IMEI International Mobile Equipment Identity interoperability test Internet Protocol IPSec Internet Protocol Security LEAP Lightweight Extensible Authentication Protocol light-emitting diode Message Access Profile Mobile Data System...
  • Page 339 Policy Reference Guide Glossary message to handheld network address translation OBEX Object Exchange proxy auto-configuration Private Branch Exchange PEAP Protected Extensible Authentication Protocol Perfect Forward Secrecy personal information management personal identification number Public Key Infrastructure pre-shared key random number generator Real-time Transport Protocol subject alternative name Secure Hash Algorithm...
  • Page 340 Policy Reference Guide Glossary Subscriber Identity Module Session Initiation Protocol S/MIME Secure Multipurpose Internet Mail Extensions Short Message Service Serial Port Profile SSID service set identifier Transmission Control Protocol Transport Layer Security telephone UI User Datagram Protocol unique identifier Universal Serial Bus VoIP Voice over Internet Protocol virtual private network...
  • Page 341 Policy Reference Guide Glossary Wireless Application Protocol Wired Equivalent Privacy WLAN wireless local area network WTLS Wireless Transport Layer Security...

  • Page 342: Provide Feedback

    Policy Reference Guide Provide feedback Provide feedback To provide feedback on this deliverable, visit www.blackberry.com/docsfeedback.

  • Page 343: Legal Notice

    Policy Reference Guide Legal notice Legal notice ©2010 Research In Motion Limited. All rights reserved. BlackBerry®, RIM®, Research In Motion®, SureType®, SurePress™ and related trademarks, names, and logos are the property of Research In Motion Limited and are registered and/or used in the U.S. and countries around the world.
  • Page 344 Policy Reference Guide Legal notice PERMITTED BY LAW, ANY IMPLIED WARRANTIES OR CONDITIONS RELATING TO THE DOCUMENTATION TO THE EXTENT THEY CANNOT BE EXCLUDED AS SET OUT ABOVE, BUT CAN BE LIMITED, ARE HEREBY LIMITED TO NINETY (90) DAYS FROM THE DATE YOU FIRST ACQUIRED THE DOCUMENTATION OR THE ITEM THAT IS THE SUBJECT OF THE CLAIM.
  • Page 345 Policy Reference Guide Legal notice Certain features outlined in this documentation require a minimum version of BlackBerry® Enterprise Server, BlackBerry® Desktop Software, and/or BlackBerry® Device Software. The terms of use of any RIM product or service are set out in a separate license or other agreement with RIM applicable thereto. NOTHING IN THIS DOCUMENTATION IS INTENDED TO SUPERSEDE ANY EXPRESS WRITTEN AGREEMENTS OR WARRANTIES PROVIDED BY RIM FOR PORTIONS OF ANY RIM PRODUCT OR SERVICE OTHER THAN THIS DOCUMENTATION.

This manual is also suitable for:

Enterprise server 5.0 sp2

Table of Contents