Get the PDF

Configuring BlackBerry UEM
Changing the certificates that BlackBerry UEM uses for authentication
- Considerations for changing BlackBerry Dynamics certificates
- Change a BlackBerry UEM certificate
Installing the BlackBerry Connectivity Node to connect to resources behind your organization's firewall
Configuring BlackBerry UEM to send data through a proxy server
- Sending data through a TCP proxy server to the BlackBerry Infrastructure
  - Configure BlackBerry UEM to use a transparent TCP proxy server
  - Enable SOCKS v5 on a TCP proxy server
- Install a standalone BlackBerry Router in a UEM Cloud environment
Configure connections through internal proxy servers
Connect to an SMTP server to send email notifications
Connecting to your company directories
Connecting BlackBerry UEM to Microsoft Entra ID
Obtaining an APNs certificate to manage iOS and macOS devices
- Request and register an APNs certificate
- Troubleshooting: APNs
Configure BlackBerry UEM for DEP
Configuring BlackBerry UEM to support Android Enterprise devices
- Configure BlackBerry UEM to support Android Enterprise devices
Configuring BlackBerry UEM to support Android Management devices
- Configure Android Management in the Google Cloud console
- Configure Android Management in BlackBerry UEM
Extending the management of Chrome OS devices to BlackBerry UEM
Simplifying Windows 10 activations
- Integrate UEM with Entra ID join
  - Configure Windows Autopilot for device activation
- Deploy a discovery service to simplify Windows 10 activations
Migrating users, devices, groups, and other data from a source server
Configuring network communication and properties for BlackBerry Dynamics apps
Integrating BlackBerry UEM with Cisco ISE
Set up VPN using Knox StrongSwan for UEM dark site environments

Connect
BlackBerry UEM
to
Cisco ISE

If you do not have a

Cisco Identity Services Engine

(ISE) administrator account, send these instructions to a

Cisco ISE

administrator, along with the required information about

UEM

and the

UEM

administrator account. For the latest

Cisco ISE

documentation, visit Cisco ISE Configuration Guides.

In a browser, navigate to

https://<server_name>:<BlackBerry_Web_Services_port>/enterprise/admin/util/ws?wsdl

where <server_name> is the FQDN of the computer that hosts the

BlackBerry UEM Core

component. The default <BlackBerry_Web_Services_port> value is 18084. Use your browser to export the

BlackBerry Web Services

certificate and save it to your desktop.

Cisco ISE

management console.

Import the

BlackBerry Web Services

certificate into the

Cisco ISE

trusted certificate store. Select the options to trust for client authentication and syslog, and to trust for authentication of

Cisco

services.

Add an external MDM service and specify the details of the

UEM

instance, including the FQDN or IP address of the

UEM

domain, the port (default 18084), and the credentials of the

UEM

administrator account.

For the polling interval, specify how often, in minutes, you want

Cisco ISE

to poll

UEM

for device data. It is a best practice to use the default value.

If you set this value to 60 minutes or less, you might notice a significant performance impact on your organization’s environment. If you set this value to 0,

Cisco ISE

does not poll

UEM

Enable and test the connection to

UEM

After the connection is established, you can view the dictionary attributes for

UEM

in the

Cisco ISE

management console. Log entries for

Cisco ISE

polling are written to the

BlackBerry UEM Core

(CORE) log file.

Perform the following configuration tasks in the

Cisco ISE

management console:

Configure ACLs on the wireless LAN controller.

Configure an authorization profile that will redirect devices to the

BlackBerry UEM Self-Service

console if they try to access the work network while the device is not activated on

UEM

. The user requires a

UEM

user account to log in to

BlackBerry UEM Self-Service

and activate the device. Instruct users to contact the

UEM

administrator when

Cisco ISE

directs them to the enrollment page.

Configure authorization policy rules that determine how

Cisco ISE

handles devices that are not activated on

UEM

or compliant with

UEM

Section:

Integrating BlackBerry UEM with Cisco ISE

Connect BlackBerry UEM to Cisco ISE

Connect
BlackBerry UEM
to
Cisco ISE