BlackBerry UEM regional deployment
BlackBerry UEMregional deployment
This diagram shows how the
BlackBerry UEMcomponents connect together when one or more instances of the
BlackBerry Connectivity Nodeare installed in a separate location. You can use server groups to specify the regional instance of the
BlackBerry Connectivity Nodethat a device connects to.
For information about the ports used for connections between components, see the Planning content.
BlackBerry UEMcomponents include the
BlackBerry UEM Coreand all components installed with it on the same server.
BlackBerry UEM Core
BlackBerry UEM Coreis the central component of the
BlackBerry UEMarchitecture. It consists of several subcomponents that are responsible for:
BlackBerry UEMdatabase is a relational database that contains user account information and configuration information that
BlackBerry UEMuses to manage devices and
BlackBerry Gatekeeping Service(primary)
BlackBerry Gatekeeping Servicesends commands to
Exchange ActiveSyncto add devices to an allowed list when devices are activated on
BlackBerry UEM. Unmanaged devices that try to connect to an organization's mail server can be reviewed, verified, and blocked or allowed through the
BlackBerry UEMmanagement console by an administrator.
Management console and
BlackBerry UEM Self-Service
The Management console and
BlackBerry UEM Self-Serviceprovide a web-based user interface for administrator and user access to
BlackBerry UEM. It can be installed separately from other
You use the management console to manage system settings, users, devices, and apps.
Users can access
BlackBerry UEM Self-Serviceto set an activation password and send commands, such as set password, lock device, and delete device data, to devices.
BlackBerry Connectivity Node
BlackBerry Connectivity Nodeinstalls instances of the
BlackBerry UEMdevice connectivity components to your organization’s domain on a different server than the
BlackBerry UEM Core. Each
BlackBerry Connectivity Nodecontains these components:
If you have regional deployments of the
BlackBerry Connectivity Nodeyou must configure the connection between the
BlackBerry UEM Coreand the server group containing the regional
BlackBerry Connectivity Node.
BlackBerry Cloud Connector
BlackBerry Cloud Connectorallows the
BlackBerry Connectivity Nodecomponents to communicate with the
BlackBerry UEM Core. All communication between the
BlackBerry Cloud Connectorand
BlackBerry UEM Coretravels through the
BlackBerry Proxymaintains the secure connection between your organization and the
BlackBerry Dynamics NOC. It also supports
BlackBerry DynamicsDirect Connect, which allows app data to bypass the
BlackBerry Dynamics NOC.
BlackBerry Secure Connect Plus
BlackBerry Secure Connect Plusprovides a secure IP tunnel between work apps on devices and your organization's network. One tunnel that supports standard IPv4 (TCP and UDP) data is established for each device through the
BlackBerry Secure Gateway
BlackBerry Secure Gatewayprovides a secure connection through the
BlackBerry UEMto your organization's mail server for
BlackBerry Gatekeeping Service(
BlackBerry Connectivity Node)
BlackBerry UEMcan use instances of
BlackBerry Gatekeeping Serviceinstalled with the
BlackBerry Connectivity Nodeto manage gatekeeping for your mail server. Each instance must be able to access your organization’s gatekeeping server.
If you want gatekeeping data to be managed only by the
BlackBerry Gatekeeping Servicethat is installed with the primary
BlackBerry UEMcomponents, you can disable the
BlackBerry Gatekeeping Servicein each
BlackBerry Connectivity Node
BlackBerry Enterprise Mobility Server
BEMSconsolidates several services used to send work data to and from
BlackBerry Dynamicsapps, including:
BlackBerry Push Notifications,
BlackBerry Presence, and
BlackBerry Enterprise Mobility Serverdatabases
BEMSdatabases store user, app, policy, and configuration information.
BlackBerry Infrastructure and BlackBerry Dynamics NOC
BlackBerry Infrastructureregisters user information for device activation, validates licensing information for
BlackBerry UEMand provides a trusted path between the organization and every user based on strong, cryptographic, mutual authentication.
BlackBerry Dynamics NOCis a separately-located NOC that provides secure communications between
BlackBerry Dynamicsapps on devices and the
BlackBerry UEM Core,
BlackBerry Enterprise Mobility Server.