BlackBerry UEM on-premises components Skip Navigation

BlackBerry UEM
on-premises components

This diagram shows how the
BlackBerry UEM
components connect when all components are installed together in the product's simplest configuration.
Architecture diagram showing BlackBerry UEM components
Component name
Description
BlackBerry UEM Core
The
BlackBerry UEM Core
is the central component of the
UEM
architecture. It consists of several subcomponents that are responsible for:
  • Logging, monitoring, reporting, and management functions
  • Authentication and authorization services
  • Scheduling and sending commands, IT policies, and profiles to devices
  • Sending user, policy, and other configuration data to
    BlackBerry Dynamics
    apps.
BlackBerry Proxy
BlackBerry Proxy
maintains a secure connection between your organization and the
BlackBerry Dynamics NOC
. It also supports
BlackBerry Dynamics
Direct Connect, which allows app data to bypass the
BlackBerry Dynamics NOC
.
BlackBerry Secure Connect Plus
BlackBerry Secure Connect Plus
provides a secure IP tunnel between work apps on devices and your organization's network. One tunnel that supports standard IPv4 (TCP and UDP) data is established for each device through the
BlackBerry Infrastructure
.
BlackBerry Secure Gateway
The
BlackBerry Secure Gateway
provides a secure connection through the
BlackBerry Infrastructure
and
UEM
to your organization's mail server for
iOS
devices.
BlackBerry Gatekeeping Service
The
BlackBerry Gatekeeping Service
sends commands to
Exchange ActiveSync
to add devices to an allowed list when devices are activated on
UEM
. Unmanaged devices that try to connect to an organization's mail server can be reviewed, verified, and blocked, or allowed by an administrator using the management console.
Management console and
BlackBerry UEM Self-Service
The management console and
BlackBerry UEM Self-Service
provide a web-based user interface for administrator and user access to
UEM
.
You use the management console to manage system settings, users, devices, and apps.
Users can use
UEM Self-Service
to set an activation password and send commands to devices, such as set password, lock device, and delete device data.
BlackBerry UEM
database
The
UEM
database is a relational database that contains user account information and configuration information that
UEM
uses to manage devices and
BlackBerry Dynamics
apps.
BlackBerry Enterprise Mobility Server
BEMS
consolidates several services used to send work data to and from
BlackBerry Dynamics
apps, including:
  • BlackBerry Push Notifications
    : Accepts push registration requests from
    iOS
    and
    Android
    devices and then communicates with
    Microsoft Exchange
    to monitor the user's work mail account for changes.
  • BlackBerry Connect
    : Provides secure instant messaging, company directory look-up, and user presence information to
    iOS
    and
    Android
    devices.
  • BlackBerry Presence
    : Provides real-time presence status to
    BlackBerry Dynamics
    apps.
  • BlackBerry Docs
    : Allows your
    BlackBerry Dynamics
    app users to access, synchronize, and share documents using their work file server,
    SharePoint
    ,
    Box
    , and content management systems supporting CMIS, without the need for VPN software, firewall reconfiguration, or duplicate data stores.
The
BEMS
databases store user, app, policy, and configuration information.
BlackBerry Router
and/or proxy servers
By default,
UEM
makes a direct connection to the
BlackBerry Infrastructure
over ports 3101 and 443. If your organization's security standards require that internal systems not connect directly to the Internet, you can install the
BlackBerry Router
or use a third-party TCP proxy server that supports SOCKs v5 with no authentication.
The
UEM Core
and
BlackBerry Proxy
support using a third-party HTTP proxy server to connect to the
BlackBerry Dynamics NOC
.
BlackBerry Infrastructure
and
BlackBerry Dynamics NOC
The
BlackBerry Infrastructure
registers user information for device activation, validates licensing information, and provides a trusted path between the organization and every user based on strong cryptographic mutual authentication.
The
BlackBerry Dynamics NOC
is a separately-located NOC that provides secure communications between
BlackBerry Dynamics
apps on devices and the
UEM Core
,
BlackBerry Proxy
, and
BEMS
.