BlackBerry UEM components Skip Navigation

BlackBerry UEM
components

This diagram shows how the
BlackBerry UEM
components connect when all components are installed together in the product's simplest configuration.
Architecture diagram showing BlackBerry UEM components
For information about the ports used for connections between components, see the Planning content.
Component name
Description
BlackBerry UEM Core
The
BlackBerry UEM Core
is the central component of the
BlackBerry UEM
architecture. It consists of several subcomponents that are responsible for:
  • Logging, monitoring, reporting, and management functions
  • Authentication and authorization services
  • Scheduling and sending commands, IT policies, and profiles to devices
  • Sending user, policy, and other configuration data to
    BlackBerry Dynamics
    apps on devices.
BlackBerry UEM
database
The
BlackBerry UEM
database is a relational database that contains user account information and configuration information that
BlackBerry UEM
uses to manage devices and
BlackBerry Dynamics
apps.
BlackBerry MDS Connection Service
The
BlackBerry MDS Connection Service
provides a secure connection between
BlackBerry 10
devices and your organization's network when the device is not connected to your work
Wi-Fi
network or using a VPN connection.
BlackBerry Dispatcher
The
BlackBerry Dispatcher
provides secure connectivity using IPPP for
BlackBerry 10
devices.
BlackBerry Affinity Manager
The
BlackBerry Affinity Manager
is responsible for maintaining an active SRP connection between
BlackBerry 10
devices and the
BlackBerry Infrastructure
when the devices are not using
BlackBerry Secure Connect Plus
.
BlackBerry Proxy
BlackBerry Proxy
maintains the secure connection between your organization and the
BlackBerry Dynamics NOC
. It also supports
BlackBerry Dynamics
Direct Connect, which allows app data to bypass the
BlackBerry Dynamics NOC
.
BlackBerry Secure Connect Plus
BlackBerry Secure Connect Plus
provides a secure IP tunnel between work apps on devices and your organization's network. One tunnel that supports standard IPv4 (TCP and UDP) data is established for each device through the
BlackBerry Infrastructure
.
BlackBerry Secure Gateway
The
BlackBerry Secure Gateway
provides a secure connection through the
BlackBerry Infrastructure
and
BlackBerry UEM
to your organization's mail server for
iOS
devices.
BlackBerry Gatekeeping Service
The
BlackBerry Gatekeeping Service
sends commands to
Exchange ActiveSync
to add devices to an allowed list when devices are activated on
BlackBerry UEM
. Unmanaged devices that try to connect to an organization's mail server can be reviewed, verified, and blocked or allowed by an administrator using the
BlackBerry UEM
management console.
Management console and
BlackBerry UEM Self-Service
The management console and
BlackBerry UEM Self-Service
provide a web-based user interface for administrator and user access to
BlackBerry UEM
.
You use the management console to manage system settings, users, devices, and apps.
Users can use
BlackBerry UEM Self-Service
to set an activation password and send commands to devices, such as set password, lock device, and delete device data.
BlackBerry Enterprise Mobility Server
BEMS
consolidates several services used to send work data to and from
BlackBerry Dynamics
apps, including:
BlackBerry Push Notifications
,
BlackBerry Connect
,
BlackBerry Presence
, and
BlackBerry Docs
.
BlackBerry Enterprise Mobility Server
databases
The
BEMS
databases store user, app, policy, and configuration information.
BlackBerry Push Notifications
BlackBerry Push Notifications
accepts push registration requests from
iOS
and
Android
devices and then communicates with
Microsoft Exchange
to monitor the user's work mail account for changes.
BlackBerry Connect
BlackBerry Connect
provides secure instant messaging, company directory look-up, and user presence information to
iOS
and
Android
devices.
BlackBerry Presence
BlackBerry Presence
provides real-time presence status to
BlackBerry Dynamics
apps.
BlackBerry Docs
BlackBerry Docs
lets your
BlackBerry Dynamics
app users access, synchronize, and share documents using their work file server,
SharePoint
,
Box
, and content management systems supporting CMIS, without the need for VPN software, firewall reconfiguration, or duplicate data stores.
BlackBerry Router
and/or proxy servers
By default,
BlackBerry UEM
makes a direct connection to the
BlackBerry Infrastructure
over ports 3101 and 443. If your organization's security policy requires that internal systems not connect directly to the Internet, you can install the
BlackBerry Router
or use a third-party TCP proxy server that supports SOCKs v5 with no authentication.
The
BlackBerry UEM Core
and
BlackBerry Proxy
support using a third-party HTTP proxy server to connect to the
BlackBerry Dynamics NOC
.
BlackBerry Infrastructure
and BlackBerry Dynamics NOC
The
BlackBerry Infrastructure
registers user information for device activation, validates licensing information for
BlackBerry UEM
and provides a trusted path between the organization and every user based on strong, cryptographic, mutual authentication.
The
BlackBerry Dynamics NOC
is a separately-located NOC that provides secure communications between
BlackBerry Dynamics
apps on devices and the
BlackBerry UEM Core
,
BlackBerry Proxy
, and
BlackBerry Enterprise Mobility Server
.