Skip to content
Help and manuals  >  Enterprise services  >  BlackBerry UEM Cloud  >  Architecture and data flows

BlackBerry UEM Cloud Architecture and data flows

The BlackBerry UEM Cloud architecture was designed to help you manage mobile devices for your organization in a cloud environment and provide a secure link for data to travel between your organization's mail and content servers and your user's devices.

Architecture: BlackBerry UEM Cloud solution


Diagram showing the elements used in the BlackBerry UEM solution

Component

Description

BlackBerry UEM Cloud

BlackBerry UEM Cloud is a service that allows you to manage devices used in your organization's environment.

BlackBerry Connectivity Node

The BlackBerry Connectivity Node is an optional component that you install inside your organization's firewall. It includes four components that add functionality to BlackBerry UEM Cloud:

  • The BlackBerry Cloud Connector connects your company directory to BlackBerry UEM Cloud to allow basic attribute synchronization, search functionality, and user authentication services. If you don't install the BlackBerry Connectivity Node you must create local user accounts in BlackBerry UEM Cloud instead of using the user accounts in your company directory.
  • The BlackBerry Gatekeeping Service sends commands to Exchange ActiveSync to add devices to an allowed list when devices are activated on BlackBerry UEM. Unmanaged devices that try to connect to an organization's mail server can be reviewed, verified, and blocked or allowed by an administrator using the BlackBerry UEM management console.
  • BlackBerry Secure Connect Plus provides a secure IP tunnel between work apps on devices and your organization's network. One tunnel that supports standard IPv4 (TCP and UDP) data is established for each device through the BlackBerry Infrastructure.
  • The BlackBerry Secure Gateway Service provides a secure connection through the BlackBerry Infrastructure and BlackBerry UEM to your organization's mail server for iOS devices with MDM controls activations.

The BlackBerry Connectivity Node uses port 3101 to communicate with BlackBerry UEM Cloud.

BlackBerry Infrastructure

The BlackBerry Infrastructure registers user information for device activation and validates licensing information for BlackBerry UEM Cloud. If you enable BlackBerry Secure Connect Plus or the BlackBerry Secure Gateway Service, data in transit that uses these services passes though the BlackBerry Infrastructure.

Devices

BlackBerry UEM Cloud supports BlackBerry 10, iOS, macOS, Android, and Windows devices.

Notification services

BlackBerry UEM Cloud sends notifications to devices to contact BlackBerry UEM for updates and to report information for your organization's device inventory. These notifications are sent to the BlackBerry Infrastructure, where they are sent to the devices using the appropriate notification service:

  • APNs is a service that Apple provides to send notifications to iOS and macOS devices.
  • GCM is a service that Google provides to send notifications to Android devices.
  • WNS is a service that Microsoft provides to send notifications to Windows devices.

Company directory

BlackBerry UEM Cloud supports connectivity with your organization's Microsoft Active Directory or LDAP company directory using the BlackBerry Connectivity Node.

Content, application, and mail servers

When you enable BlackBerry Secure Connect Plus, devices can connect to your organization's servers without requiring you to open a direct connection between the server and the Internet. Work data in transit between your servers and devices is sent through BlackBerry Secure Connect Plus and the BlackBerry Infrastructure.

The BlackBerry Secure Gateway Service provides a secure connection through the BlackBerry Infrastructure and BlackBerry UEM between your organization's mail server for iOS devices with MDM controls activations.

BlackBerry plug-ins

BlackBerry UEM works with additional BlackBerry enterprise products such as BlackBerry Enterprise Identity, BlackBerry 2FA, and BlackBerry Workspaces, to allow you to extend UEM capabilities in your organization.