Server and device requirements for BlackBerry Secure Connect Plus
BlackBerry Secure Connect Plus
BlackBerry Secure Connect Plus, your organization's environment must meet the following requirements.
- Your organization's firewall must allow outbound connections over port 3101 to<region>.turnb.bbsecure.com and<region>.bbsecure.com. If you configureBlackBerry UEMto use a proxy server, verify that the proxy server allows connections over port 3101 to these subdomains. For more information about domains and IP addresses to use in your firewall configuration, visit http://support.blackberry.com/community to read article 36470.
- In eachBlackBerry UEMinstance, theBlackBerry Secure Connect Pluscomponent must be running.
- By default,Android Enterprisedevices are restricted from usingBlackBerry Secure Connect Plusto connect toGoogle Playand underlying services (com.android.providers.media, com.android.vending, and com.google.android.apps.gcs).Google Playdoes not have proxy support.Android Enterprisedevices use a direct connection over the Internet toGoogle Play. These restrictions are configured in the Default enterprise connectivity profile and in any new enterprise connectivity profiles that you create. It is recommended to keep these restrictions in place. If you remove these restrictions, you must contactGoogle Playsupport for the firewall configuration required to allow connections toGoogle PlayusingBlackBerry Secure Connect Plus.
If your on-premises environment includes
Android Enterprisedevices with
BlackBerry Dynamicsapps, see Optimize secure tunnel connections for Android devices that use BlackBerry Dynamics apps.
If you use an email profile to enable the
BlackBerry Secure Gatewayfor
iOSdevices, it is a best practice to configure per-app VPN for
BlackBerry Secure Connect Plus. For more information about the
BlackBerry Secure Gateway, see .Protecting email data using the BlackBerry Secure Gateway.
For supported devices:
Samsung Knox Workspace