BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 11-16-2009, 11:09 PM   #1 (permalink)
Knows Where the Search Button Is
 
Join Date: Jun 2006
Model: 8700
Carrier: Rogers
Posts: 22
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Wi/Fi policy in BES

Please Login to Remove!

We were planning to rollout the new Bold to our corporate users. Currently we are running BES v4.3.

We would like to control the WiFi features and our security department only allows the WiFi enabled if we can only enable WPA2.

I checked the current BES policy and I think the only option I have is enabling the PSK. However, from what I read, PSK allows WPA and WPA2.

Does anyone know whether it can only enable WPA2 thru BES policy? What about the newer version v5?

Thanks in advance
Offline  
Old 11-17-2009, 10:04 AM   #2 (permalink)
BlackBerry Extraordinaire
 
Join Date: Jan 2006
Model: LEZ10
OS: 10.0.10
Carrier: Rogers CA
Posts: 1,704
Post Thanks: 20
Thanked 77 Times in 68 Posts
Default

I think your security department doesn't understand what the BES is providing to them. The type of encryption used on the Wi-Fi access point is only important to communications that don't travel via the BES. The BES uses DES3 or AES (or only AES is you set it up that way) and RSA. Much superior to WPA2 using pre-shared keys.

The WPA2 (or WPA or WEP for that matter) only encrypt the "over the air" portion of the Wi-Fi communications. From the access point, through the internet to the final destination would all be plain text (unless using SSL/TLS). The BES nicely takes care of this by providing encryption end to end from the Blackberry device to the BES server regardless of how it is carried.
__________________
My other Blackberry is a PlayBook.
Offline  
Old 11-17-2009, 09:29 PM   #3 (permalink)
Knows Where the Search Button Is
 
Join Date: Jun 2006
Model: 8700
Carrier: Rogers
Posts: 22
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thank you for the info.

I will bring it up to our security team.
Offline  
Old 11-21-2009, 12:05 AM   #4 (permalink)
Knows Where the Search Button Is
 
Join Date: Jun 2006
Model: 8700
Carrier: Rogers
Posts: 22
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I spoke to the security department as well, trying to convince the management. Unforunately, they want it restrict WiFi option. They do however, allows WPA and WPA2 only.

I tried it at the IT Policy, as well in the WLAN Policy. But I couldn't get it working.

I can disable WLAN option displaying on the device. I can also restrict user on creating WLAN profile.

But I can't restrict user to pick PSK only even I have select the security type to 'PSK'.

Please advice, Thx
Offline  
Old 11-21-2009, 03:11 PM   #5 (permalink)
BlackBerry God
 
penguin3107's Avatar
 
Join Date: Jan 2005
Model: iOS 5
Carrier: VZW
Posts: 11,701
Post Thanks: 1
Thanked 237 Times in 219 Posts
Default

What you are looking to do is not an option. Frankly, it doesn't even make much sense.
__________________
BCSA
BES 5.0.3 MR4 :-: Exchange 2007 SP3 RU3
http://port3101.org
Offline  
Old 11-21-2009, 04:52 PM   #6 (permalink)
Knows Where the Search Button Is
 
Join Date: Jun 2006
Model: 8700
Carrier: Rogers
Posts: 22
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

What's the WLAN and IT Policy | WLAN settings are for?

There are options in the policy to restrict the selection (like PSK, Open security etc) but it can't be implement.

Thanks
Offline  
Old 11-21-2009, 09:10 PM   #7 (permalink)
BlackBerry God
 
penguin3107's Avatar
 
Join Date: Jan 2005
Model: iOS 5
Carrier: VZW
Posts: 11,701
Post Thanks: 1
Thanked 237 Times in 219 Posts
Default

Those policy settings are for the auto-configuration of a single WiFi connection by the BES administrator.
It's a way to setup a WiFi connection on the device so that the user doesn't need to do it manually.

You're misunderstanding the policy settings.
__________________
BCSA
BES 5.0.3 MR4 :-: Exchange 2007 SP3 RU3
http://port3101.org
Offline  
Old 11-25-2009, 02:56 PM   #8 (permalink)
Thumbs Must Hurt
 
siemp's Avatar
 
Join Date: May 2005
Location: Amsterdam
Model: 9000
Carrier: Vodafone
Posts: 65
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by penguin3107 View Post
Those policy settings are for the auto-configuration of a single WiFi connection by the BES administrator.
It's a way to setup a WiFi connection on the device so that the user doesn't need to do it manually.

You're misunderstanding the policy settings.
Thanks for the clarification. I misunderstood the policy as well. In my company I was looking for a way to prohibit acces to open wifi.
Ah well , such is life
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.