Server and device requirements for BlackBerry Secure Connect Plus
BlackBerry Secure Connect Plus
BlackBerry Secure Connect Plus, your organization's environment must meet the following requirements.
- Your organization's firewall must allow outbound connections over port 3101 to<region>.turnb.bbsecure.com and<region>.bbsecure.com. If you configureBlackBerry UEMto use a proxy server, verify that the proxy server allows connections over port 3101 to these subdomains. For more information about domains and IP addresses to use in your firewall configuration, visit http://support.blackberry.com/community to read article 36470.
- In eachBlackBerry UEMinstance, theBlackBerry Secure Connect Pluscomponent must be running.
- By default,Android Enterprisedevices are restricted from usingBlackBerry Secure Connect Plusto connect toGoogle Playand underlying services (com.android.providers.media, com.android.vending, and com.google.android.apps.gcs).Google Playdoes not have proxy support.Android Enterprisedevices use a direct connection over the Internet toGoogle Play. These restrictions are configured in the Default enterprise connectivity profile and in any new enterprise connectivity profiles that you create. It is recommended to keep these restrictions in place. If you remove these restrictions, you must contactGoogle Playsupport for the firewall configuration required to allow connections toGoogle PlayusingBlackBerry Secure Connect Plus.
- If your on-premises environment includesKnox WorkspaceorAndroid Enterprisedevices withBlackBerry Dynamicsapps, see Optimize secure tunnel connections for Android devices that use BlackBerry Dynamics apps.
- If you use an email profile to enable theBlackBerry Secure GatewayforiOSdevices, it is a best practice to configure per-app VPN forBlackBerry Secure Connect Plus. For more information about theBlackBerry Secure Gateway, see Protecting email data using the BlackBerry Secure Gateway.
For supported devices:
Any of the following activation types
Samsung Knox Workspace