Skip Navigation

What's new in
BlackBerry Gateway

BlackBerry Gateway
is a new Unified Endpoint Security product that provides zero trust network access (ZTNA) for today's IT environment, where cybersecurity threats are increasingly sophisticated and pervasive and the number of connected endpoints and the amount of data sent to and stored in cloud services grows exponentially.
BlackBerry Gateway
modernizes network security while simultaneously enhancing the network experience for end users.

Key
BlackBerry Gateway
features

Feature
Description
Continuous evaluation of Internet destinations
BlackBerry
uses machine learning, IP reputation, and risk scoring to maintain an ever-evolving list of malicious Internet destinations.
BlackBerry Gateway
blocks devices from connecting to these destinations, saving your organization the work of manually compiling and maintaining its own list.
Continuous identity risk analysis
The identity risk engine uses machine learning to continuously evaluate user behavior. Network anomaly events are detected when a Gateway user's network usage pattern is not consistent with past behavior. When an unusual network event is detected, Gateway can dynamically override the user's network access control policy and block the connection.
Segmented private network access
You can install
Gateway Connectors
on-premises and on private cloud networks to provide network access to remote devices without changing network topology or routing, and without opening firewall holes for incoming traffic. Access through Gateway offers strong isolation; only the parts of the network you choose are exposed to endpoints, and endpoints are not exposed to the whole private network.
Support for IP-pinned services
Most SaaS applications allow source IP pinning to limit access only to connections from a specific range of trusted IP addresses. By limiting users to connections only through trusted entry points, organizations have an additional level of verification that the user is entitled to use the service. Your organization may already use this method to limit access to a SaaS application to connections from IP address used by devices connected to your organization's network. For users working remotely without using
BlackBerry Gateway
, this means that all traffic between remote devices and a SaaS application must travel over VPN to your network and then to the SaaS application.
BlackBerry Gateway
allows you to reserve Gateway IP addresses that are dedicated to your organization. You can use these IP addresses for source IP pinning in addition to your organization's IP addresses, providing the same level of security without requiring remote users to be connected to your organization's VPN.
Split tunneling
You can allow remote users to connect to safe public Internet sites directly over the Internet without tunneling through
BlackBerry Gateway
.
Industry-leading tunnel technology
BlackBerry Gateway
provides advanced layer 3 encryption for IP tunnels carrying TCP, UDP, and ICMP traffic.
Windows 10
and
macOS
 support
The
Gateway
Agent installed on devices sends traffic through the tunnel to
BlackBerry Gateway
and provides users with connection statistics and status information and the ability to disable work mode and stop using Gateway for connections.
Cloud-based unified management console
You can manage policies,
Gateway Connectors
, users, and groups and monitor traffic using the same cloud-based management console shared by other
BlackBerry
Unified Endpoint Security products.
Integration with
BlackBerry
UES products
BlackBerry Gateway
is integrated with other
BlackBerry
Unified Endpoint Security products.
BlackBerry
UES products share a management console and work together to provide an AI-powered solution for Zero Trust across the spectrum of networks, devices, apps, and people.
Monitor network access and traffic patterns
The Gateway dashboard in the management console displays multiple widgets that show connections, usage patterns, and alerts to help you monitor network traffic.