BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 11-30-2009, 04:02 AM   #1 (permalink)
New Member
 
Join Date: Aug 2009
Model: 8800
PIN: N/A
Carrier: TIM
Posts: 6
Post Thanks: 0
Thanked 0 Times in 0 Posts
Question BES 4.1 - Pull Access Rules

Please Login to Remove!

Hello,

I have to configure access control rules to allow Internet access, through a proxy server, but I've also to disallow access to our internal servers, for security reasons.

So I'm trying to write the needed rules but I noticed that BES 4.1, unlike the 4.0 version, doesn't allow the usage of regular expression.

In fact, every special char it is converted to its plain text format. For example "\w" is converted to "\\w" or "^" to "\^".

In my opinion, the convertion has done by the BlackBerry Manager GUI because regular expressions defined on the previous version were correctly imported during the upgrade.

Can you help me to understand how can write complex rules, taking into account also that rules are evaluated independently by their position (deny seems to wins over all, even if there's a more specific allow rule)?

Should I try to write the rules writing them on the Manager and then modifying the respective fields directly on SQL DB? I tryed this solution on a test environment but, although it seems to work fine, it doesn't seems to me the right way....

Thanks.
Offline  
Old 11-30-2009, 11:59 AM   #2 (permalink)
BlackBerry Extraordinaire
 
Join Date: Mar 2007
Model: Z10
OS: 10.1.0.19
Carrier: Fido
Posts: 1,068
Post Thanks: 6
Thanked 30 Times in 29 Posts
Default

Read this as it may help:
View Document
Offline  
Old 11-30-2009, 04:25 PM   #3 (permalink)
New Member
 
Join Date: Aug 2009
Model: 8800
PIN: N/A
Carrier: TIM
Posts: 6
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thank you very much but as you can see, the document reports a different procedure for each of the two BES version 4.0 and 4.1.
In the second one, unlike the 4.0 version, the Manager doesn't admit regular expression but only the usage of "*" char.
And this is not enough for me that have to configure more complex rules in order to both give Internet access and blocking traffic to internal servers.
I can confirm that also today I tryed to modify the rules directly on the SQL server, of our test environment, and regular expressions worked fine.
So this restriction seems to be introduced by the GUI.
Another problem is that it's not clear to me how rules are evaluated. "Deny" seems to win over all, even if there is a more specific "allow" rule. Strange overall is the fact that rules are evaluated independently of their position.

I'm seriously taking into account to use a firewall to control the traffic, but in this case I'll loose the possibility to make user based access control.

So, other suggestions are still welcome.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.