Skip Navigation

BlackBerry UEM
distributed installation

This diagram shows how the
BlackBerry UEM
components connect together when the
BlackBerry Connectivity Node
and the user interface are both installed separately from the primary
BlackBerry UEM
components.
For more information on the architecture when you install
BlackBerry UEM
on more than one computer for high availability, see the Planning Guide.
Architecture diagram showing the BlackBerry UEM components when they are not all installed on the same computer.
For information about the ports used for connections between components, see the Planning content.
Component name
Description
Primary
BlackBerry UEM
components
The primary
BlackBerry UEM
components include the
BlackBerry UEM Core
and all components installed with it on the same server.
BlackBerry UEM Core
The
BlackBerry UEM Core
is the central component of the
BlackBerry UEM
architecture. It consists of several subcomponents that are responsible for:
  • Logging, monitoring, reporting, and management functions
  • Authentication and authorization services
  • Scheduling and sending commands, IT policies, and profiles to devices
  • Sending user, policy, and other configuration data to
    BlackBerry Dynamics
    apps on devices.
BlackBerry UEM
database
The
BlackBerry UEM
database is a relational database that contains user account information and configuration information that
BlackBerry UEM
uses to manage devices and
BlackBerry Dynamics
apps.
BlackBerry Gatekeeping Service
(primary)
The
BlackBerry Gatekeeping Service
sends commands to
Exchange ActiveSync
to add devices to an allowed list when devices are activated on
BlackBerry UEM
. Unmanaged devices that try to connect to an organization's mail server can be reviewed, verified, and blocked or allowed through the
BlackBerry UEM
management console by an administrator.
Remote UI components
The management console and
BlackBerry UEM Self-Service
can be installed separately from other
BlackBerry UEM
components. If you install them separately, an instance of the
BlackBerry Management Console Core
is also installed.
BlackBerry Management Console Core
If installed, the
BlackBerry Management Console Core
only processes UI requests from the management console and
BlackBerry UEM Self-Service
. This ensures that these interfaces are responsive even when the load on
BlackBerry UEM Core
is high.
Management console and
BlackBerry UEM Self-Service
The management console and
BlackBerry UEM Self-Service
provide a web-based user interface for administrator and user access to
BlackBerry UEM
. It can be installed separately from other
BlackBerry UEM
components.
You use the management console to manage system settings, users, devices, and apps.
Users can access
BlackBerry UEM Self-Service
to set an activation password and send commands, such as set password, lock device, and delete device data, to devices.
BlackBerry Connectivity Node
The
BlackBerry Connectivity Node
installs instances of the
BlackBerry UEM
device connectivity components to your organization’s domain on a different server than the
BlackBerry UEM Core
. Each
BlackBerry Connectivity Node
contains these components:
  • BlackBerry Cloud Connector
  • BlackBerry Proxy
  • BlackBerry Secure Connect Plus
  • BlackBerry Secure Gateway
  • BlackBerry Gatekeeping Service
BlackBerry Cloud Connector
The
BlackBerry Cloud Connector
allows the
BlackBerry Connectivity Node
components to communicate with the
BlackBerry UEM Core
. All communication between the
BlackBerry Cloud Connector
and
BlackBerry UEM Core
travels through the
BlackBerry Infrastructure
.
BlackBerry Proxy
BlackBerry Proxy
maintains the secure connection between your organization and the
BlackBerry Dynamics NOC
. It also supports
BlackBerry Dynamics
Direct Connect, which allows app data to bypass the
BlackBerry Dynamics NOC
.
BlackBerry Secure Connect Plus
BlackBerry Secure Connect Plus
provides a secure IP tunnel between work apps on devices and your organization's network. One tunnel that supports standard IPv4 (TCP and UDP) data is established for each device through the
BlackBerry Infrastructure
.
BlackBerry Secure Gateway
The
BlackBerry Secure Gateway
provides a secure connection through the
BlackBerry Infrastructure
and
BlackBerry UEM
to your organization's mail server for
iOS
devices.
BlackBerry Gatekeeping Service
(
BlackBerry Connectivity Node
)
BlackBerry UEM
can use instances of
BlackBerry Gatekeeping Service
that are installed with the
BlackBerry Connectivity Node
to manage gatekeeping for your mail server. Each instance must be able to access your organization’s gatekeeping server.
If you want gatekeeping data to be managed only by the
BlackBerry Gatekeeping Service
that is installed with the primary
BlackBerry UEM
components, you can disable the
BlackBerry Gatekeeping Service
in each
BlackBerry Connectivity Node
BlackBerry Enterprise Mobility Server
BEMS
consolidates several services used to send work data to and from
BlackBerry Dynamics
apps, including:
BlackBerry Push Notifications
,
BlackBerry Connect
,
BlackBerry Presence
, and
BlackBerry Docs
.
BlackBerry Enterprise Mobility Server
databases
The
BEMS
databases store user, app, policy, and configuration information.
BlackBerry Infrastructure
and BlackBerry Dynamics NOC
The
BlackBerry Infrastructure
registers user information for device activation, validates licensing information for
BlackBerry UEM
and provides a trusted path between the organization and every user based on strong, cryptographic, mutual authentication.
The
BlackBerry Dynamics NOC
is a separately-located NOC that provides secure communications between
BlackBerry Dynamics
apps on devices and
BlackBerry UEM Core
,
BlackBerry Proxy
, and
BlackBerry Enterprise Mobility Server
.