It covers all the new features of the BES version 5. If you are new to BlackBerry Enterprise Server, this is the perfect guide to help with your planning and deployment. As you begin reading this book you will first learn about the two prominent features introduced with BES 5: As you proceed further you will learn about more configurable IT Policies provided by BES 5 as opposed to the earlier versions.
We will look at Mobile Data Service and third-party applications that can be deployed to BlackBerry devices. We will also look at a monitoring portal included in the installation process of BES 5, which provides health scores to check the BES performance and a much more stable and robust SNMP. Written by mobile and wireless technology experts, this book provides a detailed approach to installing, configuring, and managing your BlackBerry Enterprise Server.
A straightforward guide to setting up your BlackBerry Enterprise Server, provisioning users and devices, and implementing administrative techniques. If the WLAN profile has not been configured as required, this is a finding.bellhidcucumsstan.tk/chronic-fatigue-syndrome-and-fibromyalgia/the-mergers.pdf
The BlackBerry default policy installed on the BES does not include many DoD-required security policies for data encryption, authentication, and access control. Interview the BlackBerry system administrator. For the default IT policy: A list of all users assigned to the policy will be shown. If any users have been assigned to the default IT policy, this is a finding. The primary BlackBerry malware control is to set up an Application White List where the use of all applications is denied unless an application is expressly allowed.
Provisioning with Native Options for BlackBerry Devices
Otherwise, malware could be installed on the BlackBerry. Verify for each Application White List software configuration identified in check WIR that a "Deny All" policy has been assigned to the software configuration. This configuration stops the execution of any application not specifically allowed.
If the site has followed the procedures for setting up an Application White List found in Section 3. The title of the Application Control Policy is not important; verify the policy is configured as required. A DoD application repository must contain only authorized applications and only approved and unaltered versions of those applications. If DoD-approved application repositories are not used, the integrity of applications in the repository would be unknown. If no application repositories are set up, this check is Not Applicable. Talk to the site BES administrator. Determine if the site has set up an application repository.
If yes, verify the repository is DoD-approved. If the repository is not DoD-approved, this is a finding.
- Find useful information to get the most out of your BlackBerry product.?
- [SOLVED] Can't login to Blackberry Web Desktop Manager with Domain Accounts! - Spiceworks;
- angry birds free download for mobile nokia 5233!
Access control requirements of the network can be bypassed. Each user and group account is assigned an Access Control Rule. The BES must be configured so that all network file share access by BlackBerry users has been blocked. A high-level "deny all" Access Control Rule policy must be set up and assigned to each user or group account. Verify all user and group accounts have been assigned an Access Control Rule. On the BES, do the following: Verify each user has been assigned an Access Control Rule.
Write down the name of each Access Control Rule assigned to each account the settings of each rule will be verified in WIR If any user or group account has not been assigned an Access Control Rule, this is a finding. CTO Rev1 requires administrator accounts use either CAC authentication or use complex passwords to ensure storing access control is enforced. Verify the BAS is configured to require Active Directory authentication for system administrators and users.
To verify Active Directory Authentication is enabled, use the following procedure: Launch the BlackBerry Administration Service. Click "BlackBerry Administration Service". Click on the "Microsoft Active Directory authentication" tab. Verify username, password, and user domain fields have been entered for the BAS Active Directory account. The key store password protects the server digital authentication certificates from unauthorized use. The password must meet the requirements of CTO Rev1: On the Administration service — Cacerts keystore tab, check the length of the current password and ask the BES admin if a complex password was used.
If either the length or complexity requirements are not met, this is a finding. The overall security posture of the BlackBerry system is dependent on strict configuration management controls, including ensuring only authorized BlackBerry devices are being used and authorized devices are provisioned as required. Users must be prohibited from performing the following administrative tasks using the BlackBerry Web Desktop Manager: Click "Edit component". If not set as required, this is a finding.
Each access control rule assigned to user and group accounts has been set up with a "Deny" URL pattern. View each Access Control Rule. When this configuration is not set as required, users may have the capability to activate unauthorized BlackBerry devices. Verify the BAS has been configured to disable users from performing self-service tasks.
Verify "Allow users to perform self service tasks" is set to "No". Verify a DoD server certificate has been installed on the BES and the self-signed certificate, available as an option during the setup of the BES, has not been installed. Verify no certificate error occurs. Click the "Lock" icon next to the address bar then select "view certificates". On the "General" tab, verify the "Issued to: Then on the "Certification Path" tab, verify the top certificate is a trusted DoD Root certificate authority e.
If a certificate error occurs either the default self-signed certificate is still installed, the BlackBerry Enterprise Server has not been rebooted since the DoD-issued certificate has been installed, or the computer accessing the BAS does not have the DoD Root and Intermediate certificate authorities installed. The reviewer can select the "Continue to this website" option and follow the same procedure above.
Toggle navigation. BlackBerry Enterprise Server version 5. Version 2 Release 9. Part 1: BES architecture and training requirements. Part 2: BES configuration requirements. Part 3: Vulnerabilities Finding ID. Target Key.
Check Content Detailed Policy Requirements: Responsibility Information Assurance Officer. Discussion The wireless email server architecture must comply with the DoD environment because approval of the BES is contingent on installation with the correct settings. Check Content Verify the site BES has been configured to require BlackBerry users to authenticate directly with enclave application and content servers.
Discussion HTML email and inline images in email can contain malware or links to web sites with malware. Discussion BlackBerry user could get access to unauthorized network resources application and content servers, etc.
BlackBerry Enterprise Server 5 Implementation Guide
Push servers are set up to push content to BlackBerry users e. Discussion Only authorized servers should be able to push content to BlackBerry devices. Fix Text The BES must be configured to accept only trusted connections to back-office enclave application or web push servers. Check Content Verify the site has configured the BES to require trusted connections to push enclave application or web servers, using the following procedure: Non-core applications used on the BlackBerry must be approved.
Discussion Unapproved applications could include malware or introduce other vulnerabilities to the BlackBerry system and enclave. This check applies to BES 4. On BES 5, an application control policy is automatically assigned when an application is selected for a software configuration. Discussion Applications must only have access to BlackBerry resources e. Discussion Strong access controls to back-office servers are required to ensure DoD data is not exposed to users of the BlackBerry system that are not authorized to access the server.
Discussion Insecure Bluetooth configuration on the PC could make it vulnerable to compromise via a Bluetooth attack. Discussion The BlackBerry default policy installed on the BES does not include many DoD-required security policies for data encryption, authentication, and access control.
Related blackberry web desktop manager administration guide
Copyright 2019 - All Right Reserved