BlackBerry UEM on-premises components
BlackBerry UEMon-premises components
This diagram shows how the
BlackBerry UEMcomponents connect when all components are installed together in the product's simplest configuration.
BlackBerry UEM Core
BlackBerry UEM Coreis the central component of the
UEMarchitecture. It consists of several subcomponents that are responsible for:
BlackBerry Proxymaintains a secure connection between your organization and the
BlackBerry Dynamics NOC. It also supports
BlackBerry DynamicsDirect Connect, which allows app data to bypass the
BlackBerry Dynamics NOC.
BlackBerry Secure Connect Plus
BlackBerry Secure Connect Plusprovides a secure IP tunnel between work apps on devices and your organization's network. One tunnel that supports standard IPv4 (TCP and UDP) data is established for each device through the
BlackBerry Secure Gateway
BlackBerry Secure Gatewayprovides a secure connection through the
UEMto your organization's mail server for
BlackBerry Gatekeeping Service
BlackBerry Gatekeeping Servicesends commands to
Exchange ActiveSyncto add devices to an allowed list when devices are activated on
UEM. Unmanaged devices that try to connect to an organization's mail server can be reviewed, verified, and blocked, or allowed by an administrator using the management console.
Management console and
BlackBerry UEM Self-Service
The management console and
BlackBerry UEM Self-Serviceprovide a web-based user interface for administrator and user access to
You use the management console to manage system settings, users, devices, and apps.
Users can use
UEM Self-Serviceto set an activation password and send commands to devices, such as set password, lock device, and delete device data.
UEMdatabase is a relational database that contains user account information and configuration information that
UEMuses to manage devices and
BlackBerry Enterprise Mobility Server
BEMSconsolidates several services used to send work data to and from
BlackBerry Dynamicsapps, including:
BEMSdatabases store user, app, policy, and configuration information.
BlackBerry Routerand/or proxy servers
UEMmakes a direct connection to the
BlackBerry Infrastructureover ports 3101 and 443. If your organization's security standards require that internal systems not connect directly to the Internet, you can install the
BlackBerry Routeror use a third-party TCP proxy server that supports SOCKs v5 with no authentication.
BlackBerry Proxysupport using a third-party HTTP proxy server to connect to the
BlackBerry Dynamics NOC.
BlackBerry Dynamics NOC
BlackBerry Infrastructureregisters user information for device activation, validates licensing information, and provides a trusted path between the organization and every user based on strong cryptographic mutual authentication.
BlackBerry Dynamics NOCis a separately-located NOC that provides secure communications between
BlackBerry Dynamicsapps on devices and the
BlackBerry Proxy, and