Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.18
  3. Planning and Architecture
  4. UEM Disaster Recovery Guide
  5. Installation and configuration
  6. Configure load balancing, SSL termination at the reverse proxies, and FQDNs for the BlackBerry Proxy servers

Configure load balancing, SSL termination at the reverse proxies, and FQDNs for the
BlackBerry Proxy
 servers

If the
BlackBerry Proxy
 servers are not using
BlackBerry Dynamics Direct Connect
, and therefore accessed only through the
BlackBerry Infrastructure
, additional network configuration is not required.
If the
BlackBerry Proxy
 servers are using
Direct Connect
, third-party network appliances must be configured for the incoming connections from devices and containers. Security-sensitive customers may set up a configuration that uses SSL Termination at a Reverse Proxy. For best performance and minimum latencies, a configuration that uses a global traffic manager configuration with two external FQDNs (one for each
BlackBerry Proxy
 cluster) and a local traffic manager configuration for load balancing within each
BlackBerry Proxy
 cluster is suggested.
  1. Configure each
    BlackBerry Proxy
     server at the primary site as
    Direct Connect
     = Yes, with a Host Name that is the first external public FQDN (for example, cluster1.external.org.com). Leave
    Web Proxy
     = No,
    Proxy Host
     and
    Proxy Port
     blank.
  2. Configure each
    BlackBerry Proxy
     server at the secondary site as
    Direct Connect
     = Yes, with a Host Name that is the second external public FQDN (for example, cluster2.external.org.com). Leave
    Web Proxy
     = No,
    Proxy Host
     as blank, and
    Proxy Port
     as blank.
  3. Set up the two FQDNs to point to the endpoints or servers that resolve to the
    BlackBerry Proxy
     cluster servers at the corresponding primary and secondary sites. A global traffic manager configuration will allow both FQDNs to always be reachable, with one FQDN responding quickly with a connection failure when one site is down.
    Using two FQDNs serves two purposes. It allows the search algorithm of the client library (SDK) to know when the primary site is not reachable, and that it is therefore using the
    BlackBerry Proxy
     cluster at the secondary site. It also allows the endpoints (for example, virtual IP addresses) to be set up so that when a site is down, attempted connections to the corresponding FQDN will result in a fast fail instead of long TCP connection timeouts.