BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 01-31-2008, 10:50 AM   #1 (permalink)
New Member
 
Join Date: Nov 2007
Model: 8830
PIN: N/A
Carrier: Verizon
Posts: 6
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Blackberry Network Access

Please Login to Remove!

Hey guys,

I have a simple question that I can't seem to find a simple answer for.

How, exactly, does a Blackberry device gain access to my corporate network. I know the data is encrypted but how does it initiate the actual tunnel? How are users able to gain access to internal network resources? Can I block this and allow only Exchange access without resorting to a DMZ type situation?

Also, what is RIMs actually involvement in communications between a device and my BES? Does all data flow through a RIM server?

Thanks
Offline  
Old 01-31-2008, 11:16 PM   #2 (permalink)
BlackBerry Genius
 
hdawg's Avatar
 
Join Date: Aug 2006
Model: hdawg
PIN: port3101.org
Carrier: hdawg
Posts: 6,632
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

moving to BES Admin Corner ...
Offline  
Old 01-31-2008, 11:23 PM   #3 (permalink)
BlackBerry Genius
 
hdawg's Avatar
 
Join Date: Aug 2006
Model: hdawg
PIN: port3101.org
Carrier: hdawg
Posts: 6,632
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Welcome to the forums!

Quote:
How, exactly, does a Blackberry device gain access to my corporate network.
I know the data is encrypted but how does it initiate the actual tunnel?
It doesn't initiate a tunnel with your network; but rather it initiates a connection to your carrier which hands it off to RIM. RIM's NOC has a connection to your BES (the port 3101 outbound-initiated hole in your firewall) ... RIM's NOC bridges the connection; hence the reason you don't need any specific inbound ports to your firewall opened.

Quote:
How are users able to gain access to internal network resources?
For things other than your corporate mail environment it uses MDS (Mobile Data System; previously called Mobile Data Service) ... search here or at RIM's site for more info on MDS.

Quote:
Can I block this and allow only Exchange access without resorting to a DMZ type situation?
Absolutely. You can disable MDS on each and every device.

Quote:
Also, what is RIMs actually involvement in communications between a device and my BES? Does all data flow through a RIM server?
RIM is handler / validator. RIM routes traffic to/from your BES to/from your HH (via the Internet & your carrier's network) ... it also validates and identifies your BES with the SRP key & identifier.

Any traffic between your BES & your HH (after you have activated is encrypted using either the 3DES or AES encryption key generated during activation (or a key used that later replaced the original).
Offline  
Old 02-01-2008, 08:11 AM   #4 (permalink)
New Member
 
Join Date: Nov 2007
Model: 8830
PIN: N/A
Carrier: Verizon
Posts: 6
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Great, thanks for the info. That helps a lot. These forums are great.
Offline  
Old 02-01-2008, 09:02 AM   #5 (permalink)
BlackBerry Genius
 
hdawg's Avatar
 
Join Date: Aug 2006
Model: hdawg
PIN: port3101.org
Carrier: hdawg
Posts: 6,632
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Glad to help and glad to have you here!

How did you get an 8300 with Verizon?????
Offline  
Old 02-01-2008, 11:06 AM   #6 (permalink)
New Member
 
Join Date: Nov 2007
Model: 8830
PIN: N/A
Carrier: Verizon
Posts: 6
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

My bad, we actually use the 8830.
Offline  
Old 02-05-2008, 07:30 AM   #7 (permalink)
New Member
 
sudhirblgupta's Avatar
 
Join Date: Feb 2008
Model: 7100g
PIN: N/A
Carrier: Mobile
Posts: 12
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

hi...
I am new with Black Berry and I need one help. Any buddy tell me how I can get original packet from server side to client side without any encryption.

please help me its urgent.
Offline  
Old 02-05-2008, 07:35 AM   #8 (permalink)
BlackBerry Genius
 
hdawg's Avatar
 
Join Date: Aug 2006
Model: hdawg
PIN: port3101.org
Carrier: hdawg
Posts: 6,632
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Please don't double post your questions; please also don't hijack someone elses thread.
Offline  
Old 02-05-2008, 07:37 AM   #9 (permalink)
BBF War Game Mod
 
Jadey's Avatar
 
Join Date: Oct 2006
Location: Denver CO
Model: Z10
OS: 10010614
PIN: SEEKRIT innit
Carrier: AT&T
Posts: 4,294
Post Thanks: 9
Thanked 29 Times in 23 Posts
Default

Quote:
Originally Posted by sudhirblgupta View Post
hi...
Any buddy tell me how I can get original packet from server side to client side without any encryption
Original packet? From server side to client side?

I am trying to think of ANY packet of data that BES sends to a client. At least in Domino world, the communication is from DOMINO-BES server to DOMINO Mail server. The BES does not talk to a client. Unless by "client" you mean BB and not the notes/exchange client.

Please could you fully explain what you are trying to do? Ta!
__________________
Jadey : Groupware Infrastructure Architect, Denver CO
If I'm not here, I'm playing World's End on FaceBook. Mob/Mafia Wars are SOO last year
Offline  
Old 02-05-2008, 07:38 AM   #10 (permalink)
BBF War Game Mod
 
Jadey's Avatar
 
Join Date: Oct 2006
Location: Denver CO
Model: Z10
OS: 10010614
PIN: SEEKRIT innit
Carrier: AT&T
Posts: 4,294
Post Thanks: 9
Thanked 29 Times in 23 Posts
Default

Quote:
Originally Posted by hdawg View Post
Please don't double post your questions; please also don't hijack someone elses thread.
Agreed, I shouldn't have responded to the question in this thread either, sorry mods!
__________________
Jadey : Groupware Infrastructure Architect, Denver CO
If I'm not here, I'm playing World's End on FaceBook. Mob/Mafia Wars are SOO last year
Offline  




Copyright 2004-2016 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.