[jjann]

Hey guys,

I have a simple question that I can't seem to find a simple answer for.

How, exactly, does a Blackberry device gain access to my corporate network. I know the data is encrypted but how does it initiate the actual tunnel? How are users able to gain access to internal network resources? Can I block this and allow only Exchange access without resorting to a DMZ type situation?

Also, what is RIMs actually involvement in communications between a device and my BES? Does all data flow through a RIM server?

Thanks

[hdawg]

moving to BES Admin Corner ...

[hdawg]

Welcome to the forums!

Quote:

How, exactly, does a Blackberry device gain access to my corporate network.
I know the data is encrypted but how does it initiate the actual tunnel?

It doesn't initiate a tunnel with your network; but rather it initiates a connection to your carrier which hands it off to RIM. RIM's NOC has a connection to your BES (the port 3101 outbound-initiated hole in your firewall) ... RIM's NOC bridges the connection; hence the reason you don't need any specific inbound ports to your firewall opened.

Quote:

How are users able to gain access to internal network resources?

For things other than your corporate mail environment it uses MDS (Mobile Data System; previously called Mobile Data Service) ... search here or at RIM's site for more info on MDS.

Quote:

Can I block this and allow only Exchange access without resorting to a DMZ type situation?

Absolutely. You can disable MDS on each and every device.

Quote:

Also, what is RIMs actually involvement in communications between a device and my BES? Does all data flow through a RIM server?

RIM is handler / validator. RIM routes traffic to/from your BES to/from your HH (via the Internet & your carrier's network) ... it also validates and identifies your BES with the SRP key & identifier.

Any traffic between your BES & your HH (after you have activated is encrypted using either the 3DES or AES encryption key generated during activation (or a key used that later replaced the original).

[jjann]

Great, thanks for the info. That helps a lot. These forums are great.

[hdawg]

Glad to help and glad to have you here!

How did you get an 8300 with Verizon?????

[jjann]

My bad, we actually use the 8830.

[sudhirblgupta]

hi...
I am new with Black Berry and I need one help. Any buddy tell me how I can get original packet from server side to client side without any encryption.

please help me its urgent.

[hdawg]

Please don't double post your questions; please also don't hijack someone elses thread.

[Jadey]

Quote:

Originally Posted by sudhirblgupta

hi...
Any buddy tell me how I can get original packet from server side to client side without any encryption

Original packet? From server side to client side?

I am trying to think of ANY packet of data that BES sends to a client. At least in Domino world, the communication is from DOMINO-BES server to DOMINO Mail server. The BES does not talk to a client. Unless by "client" you mean BB and not the notes/exchange client.

Please could you fully explain what you are trying to do? Ta!

[Jadey]

Quote:

Originally Posted by hdawg

Please don't double post your questions; please also don't hijack someone elses thread.

Agreed, I shouldn't have responded to the question in this thread either, sorry mods!