BlackBerry’s newest version of enterprise software BlackBerry Enterprise Server (BES) 10.1.1 provides a standalone solution for management and security of BlackBerry 10, BlackBerry PlayBook, Android and iOS mobile devices.
If you’re still using BlackBerry devices which run BlackBerry OS 7 or earlier versions, you will need to maintain a distinct infrastructure of servers since the new BES 10 works only for the above devices.
In fact, BES 10 is three servers combined into a single package which can be installed on a single virtual or physical server, or on separate servers as required.
The BlackBerry Device Service (BDS) supports BB10 devices and BlackBerry PlayBook while the Universal Device Service (UDS) supports only Android and iOS devices. The BlackBerry Management Studio provides a partial management console for both these services. There are discrete web consoles for BDS and UDS. So there are totally three management consoles, out of which two are IT consoles, and one is a “help desk” console.
By juggling of ports intensely, BlackBerry has been successful in allowing all these services to run on a single server.
The old BES5 days had all BES5 servers connected to one SQL database which served as a central repository for servers, configurations and users. This is called the BES5 Domain. BES5 made use of a proprietary methodology for synchronizing contacts, calendar and email between your BlackBerry and your mail server.
In contrast, BES10 doesn’t share the BES5 database and hence cannot function in the same domain as the BES5 servers. Two new databases are created while installing of BES10 for the support of the UDS and BDS services. While a common physical SQL server can be used, the databases are separate.
Instead of using a proprietary protocol for synchronizing calendar, email and contacts, BES10 works as a substitute of the ActiveSync protocol which is inbuilt in Microsoft Exchange, and offered by gateways such as Lotus Traveler if you’re a Lotus Domino/Notes user. ActiveSync is used for synchronization of mobile devices and is light on Exchange unlike the previous BES5 synchronization process.
BES10 provides two methods for managing and connecting Android and iOS devices. One uses the Mobile Device Management (MDM) approach which gives IT complete control over devices, like BES5 did earlier. IT Policies are limited to the platforms they are applied to. iOS is more enterprise friendly and allows multiple ways for controlling, and configuring i-devices via MDM solutions like BES10. Android on the other hand provides considerably limited control.
The second method uses secure containers on mobile devices for the application of IT Policies on Android and iOS, with extra protection for work data if devices are hacked. This kind of security is also called Dual Persona because devices have separate personalities for personal and work related data. Containers are mini-apps which are components of the main app and provide apparently separate apps for calendar, mail and contacts. Since the apps secure their own data stores they provide secure containers for work data.
A hybrid of full device control with a container is used to create BlackBerry Balance in BB10 and BlackBerry PlayBook devices managed through BDS. With BlackBerry Balance, personal and work data is kept separately at file system level and users use the same apps for both kinds of data.