Skip Navigation

Key
BlackBerry UEM
features

Feature
Description
Multiplatform device management
You can manage
iOS
,
macOS
,
Android
, and
Windows
devices.
Single, intuitive UI
You can view all devices in one place and access all management tasks in a single, web-based UI. You can share duties with multiple administrators who can access the management console at the same time. You can toggle between default and advanced views to see options for displaying information and filtering the user list.
Trusted and secure experience
Device controls give you precise management of how devices connect to your network, what capabilities are enabled, and what apps are available. Whether the devices are owned by your organization or your users, you can protect your organization's data.
Separate work and personal needs
You can manage devices using
Android Enterprise
,
Android Management
, and
Samsung Knox
technologies that are designed to keep personal and work information separate and secure on devices. If a device is lost or compromised, you can delete only work-related information or all information from the device.
Secure IP connectivity
You can use
BlackBerry Secure Connect Plus
to provide a secure IP tunnel between work space apps on
iOS
,
Samsung Knox Workspace
, and
Android
devices that have a work profile and your organization’s network. This tunnel gives users access to work resources behind the organization’s firewall while ensuring the security of data using standard IPv4 protocols (TCP and UDP) and end-to-end encryption.
Simple user self-service
BlackBerry UEM Self-Service
reduces support requests and lowers IT costs for your organization while giving users the option to manage their devices in a timely manner. Using
UEM Self-Service
, users can activate or switch devices, change their device password remotely, delete device data, or lock a lost or stolen device.
Integration with other
BlackBerry
services
You can integrate
UEM
with
BlackBerry Workspaces
,
BlackBerry Enterprise Identity
, and
BlackBerry 2FA
to add value to your organization's
UEM
instance.
Powerful app management
UEM
is a comprehensive app management platform for all devices. You can deploy apps from all major app stores, including the
App Store
and
Google Play
.
Role-based administration
You can share duties with multiple administrators who can access the management console at the same time. You can use roles to define the actions that an administrator can perform, allowing you to reduce security risks, distribute job responsibilities, and increase efficiency. You can use predefined roles or create your own custom roles.
Company directory integration
You can use local, built-in user authentication to access the management console and self-service console, or you can integrate
UEM
with
Microsoft Active Directory
, LDAP, or
Entra ID
directories that you use in your organization's environment.
UEM
supports connections to multiple directories.
You can create user accounts in
UEM
using user data from the directory, and you can link company directory groups with
UEM
to organize users in
UEM
the same way that they are organized in your company directory.
You can also enable onboarding for specific groups in your company directory to create
UEM
users automatically. If you enable onboarding, you can also configure offboarding to delete device data or user accounts when users are removed from groups in your company directory.
Migration
You can migrate users, devices, groups, and other data from an on-premises
UEM
source database to a new on-premises or
UEM Cloud
instance.
Cisco ISE
integration
Cisco Identity Services Engine
(ISE) is network administration software that gives an organization the ability to control whether devices can access the work network (for example, permitting or denying
Wi-Fi
or VPN connections). You can create a connection between
Cisco ISE
and
UEM
on-premises so that
Cisco ISE
can retrieve data about the devices that are activated on
UEM
.
Cisco ISE
checks device data to determine whether devices comply with your organization’s access policies.
Regional deployment
You can set up regional connections for enterprise connectivity features by deploying one or more
BlackBerry Connectivity Node
instances in a dedicated region. This is known as a server group. Each
BlackBerry Connectivity Node
includes
BlackBerry Secure Connect Plus
, the
BlackBerry Gatekeeping Service
, the
BlackBerry Secure Gateway
,
BlackBerry Proxy
, and the
BlackBerry Cloud Connector
. You can associate enterprise connectivity and email profiles with a server group so that any users who are assigned those profiles use a specific regional connection to the
BlackBerry Infrastructure
when using
BlackBerry Connectivity Node
components. Deploying more than one
BlackBerry Connectivity Node
in a server group also allows for high availability and load balancing.
Wearable devices
You can activate and manage certain
Android
-based wearable devices in
UEM
. For example, you can manage
Vuzix M300 Smart Glasses
. Smart glasses provide users with hands-free access to visual information such as notifications, step-by-step instructions, images, and video, and allow users to issue voice commands, scan bar-codes, and use GPS navigation. Examples of
UEM
management capabilities that are supported include device activation using a QR code, IT policies,
Wi-Fi
and VPN profiles, app management, and location services.
Microsoft Intune
integration
For
iOS
and
Android
devices, if you want to protect data in
Microsoft Office 365
apps using the MAM features of
Microsoft Intune
, you can use
Intune
to protect app data while using
UEM
to manage the devices.
Intune
provides security features that protect data within apps. For example,
Intune
can require that data within apps be encrypted and prevent copying and pasting, printing, and using the Save as command. You can connect
UEM
to
Intune
, allowing you to manage Intune app protection policies from within the
UEM
management console.