Blackberry Admins - a question?
Discussion
If we had a dedicated server to install Blackberry Express server on (VM so this part is easy), how complicated is the setup and removal process?
I'm trying to get an idea how easy/practical it would be from the IT side of things to trial Blackberry should our mobile provider let us do so.
Thanks.
I'm trying to get an idea how easy/practical it would be from the IT side of things to trial Blackberry should our mobile provider let us do so.
Thanks.
manic47 said:
It's very easy to install - when you are finished just kill the BES box, and delete the BES account you were using to access the mailboxes.
Thanks, bit of a lazy b
d approach I appreciate, but so long as I know that I can RTFM if/when the time actually comes that's good enough.OK so the feedback that seems to be coming back from within the business is that Nokia's are crap and so is Vodafone and the people who have used Blackberry's want Blackberry's.
From what I can see, the free Express Server software looks to do what we want, which is nothing special, just to be able to do basic management of devices, remote wipe etc. as well as pushing out applications (though I have no idea what applications yet).
I know data is encrypted over the air to Blackberry's, is it encrypted on the device, or more to the point, if someone loses their phone, before you're able to remote wipe it, what's the scope for someone to pilfer data off it? Their website suggests phone contents and even add-in media cards are/can be encrypted?
Also I've had feedback that the Nokia hands free/in-car is crap, something long the lines of voice dialling being useless and if you have a mandatory PIN set, you have to unlock the phone even in a car kit if you want to make a call?
From what I can see, the free Express Server software looks to do what we want, which is nothing special, just to be able to do basic management of devices, remote wipe etc. as well as pushing out applications (though I have no idea what applications yet).
I know data is encrypted over the air to Blackberry's, is it encrypted on the device, or more to the point, if someone loses their phone, before you're able to remote wipe it, what's the scope for someone to pilfer data off it? Their website suggests phone contents and even add-in media cards are/can be encrypted?
Also I've had feedback that the Nokia hands free/in-car is crap, something long the lines of voice dialling being useless and if you have a mandatory PIN set, you have to unlock the phone even in a car kit if you want to make a call?
Thanks, really appreciate that. The OTA encryption is good to know, but the main thing is that you can encrypt all the data stored on the thing - we do this on all laptops yet you can have a smartphone with a 32gb micro-SD and god alone knows how much could be on that if you go and lose it...
BBM is a new one on me as I've not really gotten in depth yet, it's basically Blackberry to Blackberry IM though isn't it? Is it free between your "site" or can you IM anyone with a Blackberry free of charge?
My one concern so far is our VPN (Juniper SSL) but from what I can see so far, it has it's own VPN of sorts built into the phones and BES?
BBM is a new one on me as I've not really gotten in depth yet, it's basically Blackberry to Blackberry IM though isn't it? Is it free between your "site" or can you IM anyone with a Blackberry free of charge?
My one concern so far is our VPN (Juniper SSL) but from what I can see so far, it has it's own VPN of sorts built into the phones and BES?
Wow, that VPN could be the killer (in the good sense) blow. Looks like it's available in BES Express too.
Is it a proper IP level VPN i.e. could you use Citrix/TS over it?
I'm also liking the idea of being able to route browsing via our firewalls as one of the issues we've had in the past is huge data bills and (apparently) no way of getting visibility of who did what and when from the current network provider.
How do the usernames/passwords work too, is it all AD integrated so when you access, say, files via the inbuilt VPN it passes through your credentials for username/password?
Seems like Blackberry are the only company who seem to have sat down and thought "What do IT people want from a smartphone?" and who have also come up with something that the users seem to like judging from the feedback I've had so far.
Is it a proper IP level VPN i.e. could you use Citrix/TS over it?
I'm also liking the idea of being able to route browsing via our firewalls as one of the issues we've had in the past is huge data bills and (apparently) no way of getting visibility of who did what and when from the current network provider.
How do the usernames/passwords work too, is it all AD integrated so when you access, say, files via the inbuilt VPN it passes through your credentials for username/password?
Seems like Blackberry are the only company who seem to have sat down and thought "What do IT people want from a smartphone?" and who have also come up with something that the users seem to like judging from the feedback I've had so far.
Ordinary_Chap said:
paddyhasneeds said:
Wow, that VPN could be the killer (in the good sense) blow. Looks like it's available in BES Express too.
Is it a proper IP level VPN i.e. could you use Citrix/TS over it?
I'm also liking the idea of being able to route browsing via our firewalls as one of the issues we've had in the past is huge data bills and (apparently) no way of getting visibility of who did what and when from the current network provider.
How do the usernames/passwords work too, is it all AD integrated so when you access, say, files via the inbuilt VPN it passes through your credentials for username/password?
Seems like Blackberry are the only company who seem to have sat down and thought "What do IT people want from a smartphone?" and who have also come up with something that the users seem to like judging from the feedback I've had so far.
Blackberry are still by a huge margin the most effective business devices and are loved by the majority.Is it a proper IP level VPN i.e. could you use Citrix/TS over it?
I'm also liking the idea of being able to route browsing via our firewalls as one of the issues we've had in the past is huge data bills and (apparently) no way of getting visibility of who did what and when from the current network provider.
How do the usernames/passwords work too, is it all AD integrated so when you access, say, files via the inbuilt VPN it passes through your credentials for username/password?
Seems like Blackberry are the only company who seem to have sat down and thought "What do IT people want from a smartphone?" and who have also come up with something that the users seem to like judging from the feedback I've had so far.
The VPN is a secured connection that will ensure data services off the device remain encrypted end-to-end (bes to device and back). As of running citrix/ts over it I've not tried it but I can get to internal servers using my device and also things like internal websites (intranets etc) and I know there are ts clients for BB.
You can also do things like make internal file shares available to the devices for accessing and editing documents and the like.
As for usernames, the device can be secured with passwords and once the device is unlocked it will communicate with the network like it's plugged in directly.
If by passwords you mean to go through a proxy, it is supported in most configurations. So when the user tries to access a website the device can be prompt for a AD account and password.
Getting the device through the proxy is a killer feature though that only Blackberry have nailed.
t).By "passwords" what I meant is Joe Bloggs has a domain account, let's say it's "DOMAIN\Joe Bloggs". When the Blackberry accesses files or anything NTLM/domain aware back at base, how transparent is it that the blackberry client and person connecting is "DOMAIN\Joe Bloggs"?
Thanks, that is a bit of a black mark as we (rightly or wrongly) do use file shares not a CMS/sharepoint, and it would be useful to be able to access shares with distinct user permissions rather than having to add the BES service account all over the place.
Still, on the whole that doesn't seem terrible, it's potentially a huge step forward.
Still, on the whole that doesn't seem terrible, it's potentially a huge step forward.
MuffDaddy said:
We added single sign on in to 5.0.2 and just released BES Express for Donino this week. 5.0.2 also allows dual persona, a single device can carry a work and personal email for example and you can wipe just the corporate data when the person leaves.
I have some slides showing end to end communications including encryption and others on the benefits of BES and BES Express. To the OP, drop me a PM if you have some specific BlackBerry questions.
Thanks, PM sent.I have some slides showing end to end communications including encryption and others on the benefits of BES and BES Express. To the OP, drop me a PM if you have some specific BlackBerry questions.
OK so from a chat with Blackberry today most of my questions appear to be answered.
One interesting point that was raised is that Blackberry apparently compress data sent between the BES and your phone, the implication being you use less data, but they don't seem to have that stated in writing anywhere.
I wondered if anyone's any experience/evidence of that claim as the potential for reduced data bills is potentially appealing.
One interesting point that was raised is that Blackberry apparently compress data sent between the BES and your phone, the implication being you use less data, but they don't seem to have that stated in writing anywhere.
I wondered if anyone's any experience/evidence of that claim as the potential for reduced data bills is potentially appealing.
Sucks that this is so difficult to prove - the idea of being able to say "our data bills will be a third less" is clearly appealing, but if there's little to back it up, and the things use more data to begin with because they're "always on" it seems the data bills could increase, so we'd want to understand that a little better.
One thing I forgot to ask, and not a show stopper but I believe you can't do tethering with Blackberry, at least not in a simple, supported way?
One thing I forgot to ask, and not a show stopper but I believe you can't do tethering with Blackberry, at least not in a simple, supported way?
Thanks for that link, quite interesting. I may be being a little paranoid on the data side of thing. I've had zero involvement in our current mobile contract but I know one of our guys managed to run up a £1000 data bill. I don't know how and my first question was "How the fk are we on a contract that let's someone do that?", but that side of things isn't my call, I'm just trying to get us the right balance of what my users want and what I (as an IT admin) want.
k are we on a contract that let's someone do that?", but that side of things isn't my call, I'm just trying to get us the right balance of what my users want and what I (as an IT admin) want.Incidentally, and I may have asked this in the past, but what do you all do about allowing people to use their personal phones with things such as Activesync?
I'm not particularly paranoid about over-the-air security as we use SSL, but I am conscious that it's easy to download a bunch of corporate data to a device we have no control over.
When we discuss it "the business" may just decide "no non-corporate devices" but personally I'd be interested in a safe/simple option for those who did wish to do so, but I don't really want to open the floodgates and end up supporting a myriad of versions of iOS, Android, Symbian etc.
I'm not particularly paranoid about over-the-air security as we use SSL, but I am conscious that it's easy to download a bunch of corporate data to a device we have no control over.
When we discuss it "the business" may just decide "no non-corporate devices" but personally I'd be interested in a safe/simple option for those who did wish to do so, but I don't really want to open the floodgates and end up supporting a myriad of versions of iOS, Android, Symbian etc.
OK well from all the homework I've done the consensus seems to be that whilst our purchasing folks are looking at commercials of renewing any contract we should try and get some handsets on trial and I'll set a BESx and we'll see how it works - shouldn't be too hard as apparently mobile vendors are pretty much begging us for the business.
One question I have been asked and just can't find answered, is can you access other calendar's using Blackberry i.e. PA accessing the boss's and so on?
One question I have been asked and just can't find answered, is can you access other calendar's using Blackberry i.e. PA accessing the boss's and so on?
Thanks, the plan is a single VM for BES with SQL Express but I'll most likely look at manually setting SQL RAM usage - there's a SAN/server refresh going on right now and once that's done CPU and RAM won't be an issue anyway.
The plan when would be to use the newest 5.02 as I believe stuff like SSO and the number of policies has increased from previous versions.
The plan when would be to use the newest 5.02 as I believe stuff like SSO and the number of policies has increased from previous versions.
Right, got the Blackberry's and installed BES.
Surprisingly trouble free except I encountered this:
http://www.blackberry.com/btsc/search.do?cmd=displ...
Which isn't Blackberry's fault.
It's been a manic day so I may play with this thing tonight or I may just wait until tomorrow. One thing that is bugging me though, is that the BB shows 15 unread messages, but I've been logged into my PC via our VPN and have dealt with a ton of messages - so how come it shows 15 unread when in Outlook there aren't? I'd assumed it would sync itself up a little like IMAP?
Any hints/tips on the "Oh you must try this" stuff would be good as the folks from the vendor who lent us the kit are coming out tomorrow to see us so it would be good to be in a position of (some) knowledge on how the things work from a user perspective.
Oh, and I can see all my Outlook folders, so if I go into an obscure one how can I force it to download the last X or X days messages?
Thanks!
Surprisingly trouble free except I encountered this:
http://www.blackberry.com/btsc/search.do?cmd=displ...
Which isn't Blackberry's fault.
It's been a manic day so I may play with this thing tonight or I may just wait until tomorrow. One thing that is bugging me though, is that the BB shows 15 unread messages, but I've been logged into my PC via our VPN and have dealt with a ton of messages - so how come it shows 15 unread when in Outlook there aren't? I'd assumed it would sync itself up a little like IMAP?
Any hints/tips on the "Oh you must try this" stuff would be good as the folks from the vendor who lent us the kit are coming out tomorrow to see us so it would be good to be in a position of (some) knowledge on how the things work from a user perspective.
Oh, and I can see all my Outlook folders, so if I go into an obscure one how can I force it to download the last X or X days messages?
Thanks!
Edited by paddyhasneeds on Monday 22 November 19:03
Christ on a bike I may be easily impressed but I'm impressed.
Looks like using the default policies all internet traffic is going through our BES as I got our block page, which surprised/shocked me hugely!
Also file shares are "just there", you type it in and it's accessible, and I can open documents
One slight annoyance is that it prompts for credentials per shared folder/UNC path, though it does appear to remember them for that particular location, oh and our Intranet seems to ignore the "remember password" option in the browser, but I suspect that can be tuned and I'm trying to run before I've crawled.
I'm sure over the next 30 days I'll be back with some gripes but this is very impressive all things considered i.e. how little I've actually had to do as an Administrator.
Looks like using the default policies all internet traffic is going through our BES as I got our block page, which surprised/shocked me hugely!
Also file shares are "just there", you type it in and it's accessible, and I can open documents
One slight annoyance is that it prompts for credentials per shared folder/UNC path, though it does appear to remember them for that particular location, oh and our Intranet seems to ignore the "remember password" option in the browser, but I suspect that can be tuned and I'm trying to run before I've crawled.I'm sure over the next 30 days I'll be back with some gripes but this is very impressive all things considered i.e. how little I've actually had to do as an Administrator.
Thanks. Tbh our Intranet is st, and I mean it's really st and should be condemned/replaced in the next six months or so with any luck, so I won't worry too much about that for the time being.
OS6, I'll ask about that tomorrow. The 9300 seems capable of running it, but I'm curious what you mean by "not the full version"? This says it's v5.0.0.832 (Platform 6.3.0.31).
I now have it running via my home wireless and I can open office documents, send meeting requests, all sorts.
Do you know if you can set it so when you're typing a password it briefly shows the last character you typed? I'm still learning the keyboard function keys and it's a bit of a faff wondering if you hit shift or alt or quite what exactly. I will RTFM at some point
Sorry if I sound like a small child, I know this is all kids play technically speaking but the way it all works so seamlessly on something so small is very impressive vs. "boot device, connect to internet, launch VPN client, login etc".
t, and I mean it's really st and should be condemned/replaced in the next six months or so with any luck, so I won't worry too much about that for the time being.OS6, I'll ask about that tomorrow. The 9300 seems capable of running it, but I'm curious what you mean by "not the full version"? This says it's v5.0.0.832 (Platform 6.3.0.31).
I now have it running via my home wireless and I can open office documents, send meeting requests, all sorts.
Do you know if you can set it so when you're typing a password it briefly shows the last character you typed? I'm still learning the keyboard function keys and it's a bit of a faff wondering if you hit shift or alt or quite what exactly. I will RTFM at some point
Sorry if I sound like a small child, I know this is all kids play technically speaking but the way it all works so seamlessly on something so small is very impressive vs. "boot device, connect to internet, launch VPN client, login etc".
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff