Blackberry Enterprise Server 33 Скачать руководство пользователя страница 1

Страница: 1 / 207

Policy Reference Guide

BlackBerry Enterprise Server Policy Reference Guide

Version 33

Version: 4.1 | Service Pack: 6

Содержание Enterprise Server 33

Страница 1: ...Policy Reference Guide BlackBerry Enterprise Server Policy Reference Guide Version 33 Version 4 1 Service Pack 6 ...

Страница 2: ...SWDT323212 469781 0930122421 001 ...

Страница 3: ...Initiated Activation With Public BlackBerry MDS Integration Service IT policy rule 20 Lowest BlackBerry MDS Integration Service Security Version Allowed IT policy rule 21 Verify BlackBerry MDS Integration Service Certificate IT policy rule 21 BlackBerry Messenger policy group 22 Disable BlackBerry Messenger IT policy rule 22 Disallow Forwarding Of Contacts IT policy rule 22 Messenger Audit Email A...

Страница 4: ... Disable Address Book Transfer IT policy rule 35 Disable Advanced Audio Distribution Profile IT policy rule 35 Disable Audio Video Remote Control Profile IT policy rule 36 Disable Bluetooth IT policy rule 36 Disable Desktop Connectivity IT policy rule 36 Disable Dial Up Networking IT policy rule 37 Disable Discoverable Mode IT policy rule 37 Disable File Transfer IT policy rule 37 Disable Handsfre...

Страница 5: ...le 47 MDS Browser Style Sheets Enabled IT policy rule 48 MDS Browser Title IT policy rule 48 MDS Browser Use Separate Icon IT policy rule 49 Camera policy group 49 Disable Photo Camera IT policy rule 49 Disable Video Camera IT policy rule 49 Certificate Synchronization policy group 50 Random Source URL IT policy rule 50 User Can Disable Automatic RNG Initialization IT policy rule 50 Common policy ...

Страница 6: ...le 63 Web Link Label IT policy rule 64 Web Link URL IT policy rule 64 Desktop policy group 65 Desktop Allow Desktop Add ins IT policy rule 65 Desktop Allow Device Switch IT policy rule 65 Desktop Password Cache Timeout IT policy rule 66 Disable Check For Updates Link IT policy rule 67 Disable Media Manager IT policy rule 67 Override Check For Updates URL IT policy rule 67 Device IOT Application po...

Страница 7: ...sion IT policy rule 80 Disable Manual Download of External Images IT policy rule 81 Disable Notes Native Encryption Forward And Reply IT policy rule 81 Disable Rich Content Email IT policy rule 82 Enable Wireless Message Reconciliation IT policy rule 82 Inline Content Requests IT policy rule 83 Keep Message Duration IT policy rule 83 Keep Saved Message Duration IT policy rule 83 Maximum Native Att...

Страница 8: ...y group 93 Force Memory Clean When Holstered IT policy rule 93 Force Memory Clean When Idle IT policy rule 94 Memory Cleaner Maximum Idle Time IT policy rule 94 On Device Help policy group 95 On Device Help Links IT policy rule 95 On Device Help Group Label IT policy rule 95 Password policy group 96 Duress Notification Address IT policy rule 96 Forbidden Passwords IT policy rule 96 Maximum Passwor...

Страница 9: ...y rule 109 PGP Universal Enrollment Method IT policy rule 109 PGP Universal Policy Cache Timeout IT policy rule 110 PGP Universal Server Address IT policy rule 110 RIM Value Added Applications policy group 111 Disable BlackBerry Wallet IT policy rule 111 Disable Ecommerce Content Optimization Engine IT policy rule 111 Disable Lotus Connections IT policy rule 111 Lotus Connections Activities Server...

Страница 10: ...d Password Caching IT policy rule 123 Allow Split Pipe Connections IT policy rule 124 Allow Third Party Apps to Use Persistent Store IT policy rule 124 Allow Third Party Apps to Use Serial Port IT policy rule 125 Certificate Status Maximum Expiry Time IT policy rule 125 Content Protection Strength IT policy rule 126 Desktop Backup IT policy rule 126 Disable 3DES Transport Crypto IT policy rule 127...

Страница 11: ...ges IT policy rule 142 Firewall Whitelist Addresses IT policy rule 143 Force Content Protection Of Master Keys IT policy rule 143 Force Include Address Book In Content Protection IT policy rule 144 Force LED Blinking When Microphone Is On IT policy rule 144 Force Lock When Holstered IT policy rule 144 Force Smart Card Two Factor Authentication IT policy rule 145 Force Smart Card Two Factor Challen...

Страница 12: ...e 158 Allow Public IM Services IT policy rule 159 Allow Public WLM Services IT policy rule 159 Allow Public Yahoo Messenger Services IT policy rule 159 SIM Application Toolkit policy group 160 Disable Network Location Query IT policy rule 160 Disable SIM Call Control IT policy rule 160 Disable SIM Originated Calls IT policy rule 161 Smart Dialing policy group 161 Enable Smart Dialing Policy IT pol...

Страница 13: ...alid Connection IT policy rule 172 WTLS Disable Untrusted Connection IT policy rule 172 WTLS Disable Weak Ciphers IT policy rule 173 WTLS Minimum Strong DH Key Length IT policy rule 173 WTLS Minimum Strong ECC Key Length IT policy rule 174 WTLS Minimum Strong RSA Key Length IT policy rule 175 WTLS Restrict FIPS Ciphers IT policy rule 175 3 Application control policy rules 177 Understanding applica...

Страница 14: ...all by User BlackBerry MDS Services rule 189 Allow Push Application Install BlackBerry MDS Services rule 190 Allow Application Delete by User BlackBerry MDS Services rule 190 Allow External Access BlackBerry MDS Services rule 190 Allow Access to Multiple Domains BlackBerry MDS Services rule 191 Queue Limit for Inbound Application Messages BlackBerry MDS Services rule 191 Queue Limit for Outbound A...

Страница 15: ...rd party applications 200 Permit a specific third party application while blocking all other third party applications 201 Controlling the behavior of third party applications 201 Assign a default application control policy to control the behavior of allowed third party applications 201 8 Legal notice 203 ...

Страница 16: ......

Страница 17: ...Bluetooth Disable SIM Access Profile 4 6 Browser Allow Hotspot Browser 4 6 Instant Messaging Disallow File Transfer Types 4 2 Instant Messaging Disable Emailing Conversation 4 1 Instant Messaging Disable Saving Conversation 4 2 PGP Application PGP Allowed Encryption Types 4 6 RIM Value Added Applications Disable BlackBerry Wallet RIM Value Added Applications Disable Lotus Connections RIM Value Add...

Страница 18: ...nterprise Server administrator sets Understanding IT policy rule names and policy group names You can use IT policy rules to control BlackBerry devices and BlackBerry Desktop Software settings in your organization IT policy rules appear in the BlackBerry Administration Service in policy groups Each policy group contains rules that can control common properties or applications on BlackBerry devices...

Страница 19: ...policy rules Devices that are running BlackBerry Built In software can use all the IT policy rules that are associated with the supported features of the specific BlackBerry Built In implementation Devices that are running the BlackBerry Application Suite can use all the IT policy rules that are associated with the supported features of the BlackBerry Application Suite IT policy rules that are ass...

Страница 20: ......

Страница 21: ...ckBerry Device Software Version 4 7 BlackBerry Enterprise Server Version 4 1 SP6 Disable Carrier Directory IT policy rule Description This rule specifies whether to prevent the user from having access to the carrier directory in the application center on the BlackBerry device Default setting The default setting is False Usage Set this rule to True to prevent the user from having access to the carr...

Страница 22: ... Enterprise Server Version 4 1 SP2 Disable MDS Runtime IT policy rule Description This rule specifies whether the BlackBerry MDS Runtime is available on the BlackBerry device Default setting The default setting is False Usage Set this IT policy rule to True to prevent the user from activating the BlackBerry MDS Runtime Minimum requirements Java based BlackBerry device BlackBerry Device Software Ve...

Страница 23: ...ting is 1 Usage Set this IT policy rule to 1 to permit BlackBerry devices that are running BlackBerry MDS Runtime Version 1 1 or later to communicate with all versions of the BlackBerry MDS Integration Service Set this IT policy rule to 2 to permit BlackBerry devices that are running BlackBerry MDS Runtime Version 1 1 or later to communicate with BlackBerry MDS Integration Service Version 4 1 SP2 ...

Страница 24: ...ue to turn off BlackBerry Messenger This might help prevent risks associated with PIN messaging For more information about PIN messaging risks see the BlackBerry Enterprise Solution Security Technical Overview Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 BlackBerry Enterprise Server Version 4 0 SP2 Disallow Forwarding Of Contacts IT policy rule Descripti...

Страница 25: ...cy rule Description This rule specifies the maximum amount of time in hours between BlackBerry Messenger audit reports sent by the BlackBerry device when there is no new data The permitted range is 1 through 8736 hours Default setting The default setting is 168 hours Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 BlackBerry Enterprise Server Version 4 0 SP...

Страница 26: ...y device BlackBerry Device Software Version 3 6 BlackBerry Enterprise Server Version 4 0 SP2 BlackBerry Smart Card Reader policy group For more information about using the BlackBerry Smart Card Reader with computers and BlackBerry devices see the BlackBerry Enterprise Solution Security Technical Overview and the BlackBerry Smart Card Reader Security Technical Overview Disable Auto Reconnect To Bla...

Страница 27: ...ader are deleted after the connection closes Default setting The default setting is False The secure pairing keys are not deleted from the BlackBerry device or the computer Usage If you set this IT policy rule to True the user cannot change this feature on the BlackBerry device Dependencies The BlackBerry device uses this IT policy rule only if the Maximum BlackBerry Disconnect Timeout IT policy r...

Страница 28: ...d from the BlackBerry device Usage If you specify a value the user cannot turn off this timeout but can change the Disconnected Timeout field on the BlackBerry device to a lower value If you do not specify a value the user can change the Disconnected Timeout value to any value Dependencies The setting of this rule affects how the BlackBerry device uses the Force Erase All Keys on BlackBerry Discon...

Страница 29: ...sed BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 0 SP2 Exceptions The BlackBerry Enterprise Server for Novell GroupWise does not support this IT policy rule Maximum BlackBerry Long Term Timeout IT policy rule Description Thisrulespecifiesthemaximumtime inhours aftertheBlackBerry deviceandtheBlackBerry SmartCardReaderestablish secure pairing inform...

Страница 30: ...rry Smart Card Reader Default setting The default setting is a null value Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Smart Card Reader software Version 1 5 1 BlackBerry Enterprise Server Version 4 0 SP7 Maximum Bluetooth Range IT policy rule Description This rule specifies the maximum power range that the BlackBerry Smart Card Reader uses to...

Страница 31: ...he Bluetooth connection between the BlackBerry device or computer and the BlackBerry Smart Card Reader open and the secure pairing keys present If you specify a value the user cannot turn off the heartbeat period but can change the Connection Heartbeat Period field on the BlackBerry device or computer to a lower value If you do not specify a value the user can change the Connection Heartbeat Perio...

Страница 32: ...ser can change the Number of Transactions field to any value Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 0 SP2 Exceptions The BlackBerry Enterprise Server for Novell GroupWise does not support this IT policy rule Maximum Number of PC Pairings IT policy rule Description This rule specifies the maximum number of comp...

Страница 33: ... to a lower value If you do not specify a value the user can change the Inactivity Timeout field to any value Minimum requirements BlackBerry Smart Card Reader software Version 1 5 BlackBerry Enterprise Server Version 4 0 SP5 Exceptions The BlackBerry Enterprise Server for Novell GroupWise does not support this IT policy rule Maximum Number of PC Transactions IT policy rule Description This rule s...

Страница 34: ...cify a value the user cannot turn off this timeout but can change the Disconnected Timeout field in the BlackBerry Smart Card Reader options on the computer to a lower value If you do not specify a value the user can change the Disconnected Timeout field to any value Minimum requirements BlackBerry Smart Card Reader software Version 1 5 BlackBerry Enterprise Server Version 4 0 SP5 Exceptions The B...

Страница 35: ...escription This rule specifies the maximum time in seconds after the user removes the smart card from the BlackBerry Smart Card Reader that the secure pairing information is deleted from the BlackBerry device and the BlackBerry Smart Card Reader Default setting The default setting is a null value The secure pairing information is not deleted from the BlackBerry device Usage If you specify a value ...

Страница 36: ...iption This rule specifies whether to prevent applications for the BlackBerry Unite software from running on the BlackBerry device Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software version 4 2 2 BlackBerry Enterprise Server version 4 1 SP6 Bluetooth policy group For more information about Bluetooth security on BlackBerry devic...

Страница 37: ...s book data with supported Bluetooth enabled devices Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 1 BlackBerry Enterprise Server Version 4 0 SP3 Disable Advanced Audio Distribution Profile IT policy rule Description This rule specifies whether a Bluetooth enabled BlackBerry device can use the Bluetooth A2DP Defa...

Страница 38: ... is turned off Default setting The default setting is False Usage If Bluetooth technology is turned on when the BlackBerry device receives this IT policy rule the BlackBerry device must be reset for the change to take effect Minimum requirement Java based BlackBerry device BlackBerry Device Software Version 3 8 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0...

Страница 39: ...Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 2 BlackBerry Enterprise Server Version 4 0 SP6 Disable Discoverable Mode IT policy rule Description This rule specifies whether to prevent BlackBerry device users from making their BlackBerry devices discoverable A BlackBerry device that is discoverable can be found by other Bluetooth enabled devices in range of...

Страница 40: ...tting is False Usage The BlackBerry device uses the Bluetooth HFP to connect to most car kits and some headsets Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 8 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 Exceptions The BlackBerry Enterprise Server for Novell GroupWise supports this IT policy rule in BlackBerry Dev...

Страница 41: ...lt setting The default setting is False Usage After the BlackBerry device pairs with a supported Bluetooth enabled device you can use this IT policy rule to prevent the BlackBerry device from pairing with other Bluetooth enabled devices Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 8 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stac...

Страница 42: ...r Disable SIM Access Profile IT policy rule Disable Wireless Bypass IT policy rule Description This rule specifies whether to prevent the BlackBerry device from using wireless bypass using Bluetooth technology Default setting The default setting is True Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 1 BlackBerry Enterprise Server Version 4 0 SP3 Force CHAP A...

Страница 43: ...ies The BlackBerry device uses this IT policy rule only if the Disable Discovery Mode IT policy rule is set to False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 5 BlackBerry Enterprise Server Version 4 1 SP5 Minimum Encryption Key Length IT policy rule Description This rule specifies the minimum encryption key length in bytes that the BlackBerry device us...

Страница 44: ...device is connected to a Bluetooth enabled device Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 2 BlackBerry Enterprise Server Version 4 0 SP6 Require Password for Discoverable Mode IT policy rule Description This rule specifies whether it is mandatory for the user to type the BlackBerry device password before th...

Страница 45: ...4 0 SP3 Browser policy group IT policy rules in the Browser policy group apply to all browser configurations on the BlackBerry device Allow Application Download Services IT policy rule Description This rule specifies whether application download service icons appear on the BlackBerry device when the wireless service provider assigns a service to the BlackBerry device and the appropriate service bo...

Страница 46: ...ersion 4 6 BlackBerry Enterprise Server Version 4 1 SP6 Allow IBS Browser IT policy rule Description This rule specifies whether a separate icon appears on the BlackBerry device if the appropriate service books are present for BlackBerry Internet Service Browsing Default setting The default setting is True Usage Set this IT policy rule to False to hide the separate browser icon Minimum requirement...

Страница 47: ...Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 internal Download Images URL IT policy rule Description This rule specifies a web address that provides additional pictures for the BlackBerry device Default setting The default ...

Страница 48: ...sed BlackBerry device BlackBerry Device Software Version 4 1 BlackBerry Enterprise Server Version 4 0 SP3 MDS Browser BSM Enabled IT policy rule Description This rule specifies whether the browser session manager is turned on in the BlackBerry Browser Default setting The default setting is True Usage The browser session manager is designed to improve BlackBerry Browser performance by helping the B...

Страница 49: ... ca www yahoo ca Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 2 BlackBerry Enterprise Server Version 4 0 SP6 MDS Browser HTML Tables Enabled IT policy rule Description This rule specifies whether support for HTML tables is turned on in the BlackBerry Browser Default setting The default setting is False Minimum requirements Java based BlackBerry device Blac...

Страница 50: ...Berry device BlackBerry Device Software Version 4 0 2 BlackBerry Enterprise Server Version 4 0 SP2 BlackBerry Connect Transport Stack Version 4 0 internal MDS Browser Title IT policy rule Description This rule specifies the name that appears on the Home screen for the BlackBerry Browser icon Default setting The default setting is BlackBerry Browser Minimum requirements Java based BlackBerry device...

Страница 51: ...Version 4 2 BlackBerry Enterprise Server Version 4 0 SP6 Camera policy group Disable Photo Camera IT policy rule Description This rule specifies whether the camera is available on the BlackBerry device Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 2 BlackBerry Enterprise Server Version 4 0 SP6 Disable Video Camer...

Страница 52: ... the BlackBerry device the certificate synchronization tool of the BlackBerry Desktop Manager can use the web address to retrieve random data to add to the BlackBerry device Default setting The default setting is a null value Minimum requirements S MIME Support Package for BlackBerry devices Version 4 0 BlackBerry Desktop Software Version 4 0 BlackBerry Enterprise Server Version 4 0 Exceptions The...

Страница 53: ...ns internal and external connections through the firewall by default Default setting The default setting is a null value Usage Set this IT policy rule to 4 0 to support application control features This IT policy rule is obsolete in BlackBerry Enterprise Server Version 4 1 and later Minimum requirements Java based BlackBerry device that is running BlackBerry Device Software Version 4 0 C based Bla...

Страница 54: ...kBerry devices Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 2 BlackBerry Enterprise Server Version 4 0 SP6 Disable MMS IT policy rule Description This rule specifies whether to prevent the BlackBerry device user from sending and receiving MMS messages Default setting The default setting is False Usage Set this I...

Страница 55: ...cy rule Description This rule specifies whether the voice note recording feature on the BlackBerry device is turned on Default setting The default setting is False Usage Set this rule to True to turn off the voice note recording feature and prevent applications on the BlackBerry device from accessing it Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 3 BlackB...

Страница 56: ...ed using the Set Owner Info IT Policy rule Set this IT policy rule to 2 to lock the text that is defined using the Set Owner Name IT Policy rule Set this IT policy rule to 3 to lock the text that is defined using the Set Owner Info and Set Owner Name IT policy rules You can overwrite this information by sending the Set Owner Information IT administration command to the BlackBerry device Dependenci...

Страница 57: ...ware Version 2 7 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 Exceptions The BlackBerry Enterprise Server for Novell GroupWise supports this IT policy rule only for Java based devices Set Owner Name IT policy rule Description This rule specifies the owner name that appears on the BlackBerry device Default setting The default setting is a null value Usage ...

Страница 58: ...k up the BlackBerry device data automatically set this rule to True Automatic backups can help provide recent BlackBerry device data for recovery if you need to replace a lost or stolen BlackBerry device Dependencies The BlackBerry Enterprise Server for Novell GroupWise supports this rule with the BlackBerry Web Desktop Manager only Minimum requirements BlackBerry Desktop Software version 3 5 or B...

Страница 59: ...his rule specifies whether application data that is synchronized with desktop organizer applications is excluded when an automatic backup occurs Default setting The default setting is False Dependencies If you set this rule to True you must set the Auto Backup Include All IT policy rule to False The BlackBerry Enterprise Server for Novell GroupWise supports this rule with the BlackBerry Web Deskto...

Страница 60: ...ange supports this rule in BlackBerry Enterprise Server versions 3 5 and later Auto Backup Include All IT policy rule Description This rule specifies whether all BlackBerry device data is included when an automatic backup occurs Default setting The default setting is True Usage If you set this rule to True in the backup and restore tool options the Backup all device application data option is sele...

Страница 61: ...e Server for Microsoft Exchange supports this IT policy rule in BlackBerry Enterprise Server Version 3 5 and later The BlackBerry Enterprise Server for Novell GroupWise does not support this IT policy rule Do Not Save Sent Messages IT policy rule Description This rule specifies whether the BlackBerry device saves a copy of each email message that the user sends in the sent messages folder on the u...

Страница 62: ...the BlackBerry Desktop Manageror BlackBerry Web Desktop Manager automatically checks whether newer versions of the software are available and prompts the user to update the BlackBerry device Dependencies TheBlackBerry EnterpriseServerforNovell GroupWise supportsthisruleonlywiththeBlackBerryWebDesktopManager Minimum requirements BlackBerry Desktop Software version 3 5 or BlackBerry Web Desktop Mana...

Страница 63: ... sets this value Default setting The default setting is True By default the BlackBerry device receives messages from the inbox only Usage When you set this IT policy rule the option changes in the email settings tool of the BlackBerry Desktop Manager Minimum requirements BlackBerry Desktop Software Version 3 5 BlackBerry Enterprise Server Version 4 0 Exceptions The BlackBerry Enterprise Server for...

Страница 64: ... The default setting is a null value Minimum requirements BlackBerry Desktop Software Version 3 5 BlackBerry Enterprise Server Version 4 0 Exceptions The BlackBerry Enterprise Server for Microsoft Exchange supports this IT policy rule in BlackBerry Enterprise Server Version 3 5 and later The BlackBerry Enterprise Server for Novell GroupWise does not support this IT policy rule Show Application Loa...

Страница 65: ...fault web address is set using the Web Link URL IT policy rule Minimum requirements BlackBerry Desktop Software Version 3 5 BlackBerry Enterprise Server Version 4 0 Exceptions The BlackBerry Enterprise Server for Microsoft Exchange supports this IT policy rule in BlackBerry Enterprise Server Version 3 5 and later The BlackBerry Enterprise Server for Novell GroupWise does not support this IT policy...

Страница 66: ...quirements Dependencies If you set this IT policy rule for the web link icon to appear you must also set the Show Web Link IT policy rule to True Minimum requirements BlackBerry Desktop Software Version 3 5 BlackBerry Enterprise Server Version 4 0 Exceptions TheBlackBerryEnterpriseServerforMicrosoft Windows supportsthisITpolicyruleinBlackBerryEnterpriseServerVersion 3 5 and later The BlackBerry En...

Страница 67: ...ktop Software can run add in applications such as third party COM based extensions that access the BlackBerry device databases during synchronization Default setting The default setting is True Minimum requirements BlackBerry Desktop Software Version 3 6 SP1 BlackBerry Enterprise Server Version 4 0 Exceptions The BlackBerry Enterprise Server for Microsoft Exchange supports this IT policy rule in B...

Страница 68: ... later Desktop Password Cache Timeout IT policy rule Description This rule specifies the length of time in minutes that the BlackBerry Desktop Software or BlackBerry Web Desktop Manager caches the BlackBerry device password in memory Default setting The default setting is 10 minutes Usage If you set this rule to 0 the BlackBerry device clears the password from memory when the user disconnects the ...

Страница 69: ...ager IT policy rule Description This rule specifies whether the media manager tool of the BlackBerry Desktop Manager is available Default setting The default setting is False Usage Set this IT policy rule to True to permit the user to access an external file system using the media manager tool Minimum requirements Java based BlackBerry device BlackBerry Desktop Software Version 4 2 BlackBerry Ente...

Страница 70: ...g The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 2 BlackBerry Enterprise Server Version 4 0 SP6 Set Diagnostic Report Email Address IT policy rule Description This rule specifies one or more email addresses that should receive diagnostic reports Separate multiple email addresses with a comma Default setting The default setting is...

Страница 71: ...kBerry device that is running BlackBerry Device Software Version 3 6 C based BlackBerry device that is running BlackBerry Device Software Version 2 5 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Versions 1 2 2 0 2 1 4 0 Exceptions The BlackBerry Enterprise Server for Microsoft Exchange supports this IT policy rule in BlackBerry Enterprise Server Version 3 5 or later ...

Страница 72: ...or Microsoft Exchange supports this IT policy rule in BlackBerry Enterprise Server Version 3 5 or later The BlackBerry Enterprise Server for Novell GroupWise supports this IT policy rule only for Java based BlackBerry devices that are running BlackBerry Device Software Version 4 0 or later Allow SMS IT policy rule Description This rule specifies whether users can send SMS text messages Default set...

Страница 73: ...s see the Browser policy group Default setting The default setting is a null value Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 internal Exceptions The BlackBerry Enterprise Server for Microsoft Exchange supports this IT policy rule in BlackBerry Enterprise Server Ver...

Страница 74: ...es whether a separate icon appears on the BlackBerry device if the appropriate service books are present for the WAP Browser For more information about the browser configurations available on BlackBerry devices see the Browser policy group Default setting The default setting is True Usage Set this IT policy rule to False to turn off the WAP service and hide the WAP Browser icon on the BlackBerry d...

Страница 75: ... running BlackBerry Device Software Version 2 5 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 internal Exceptions The BlackBerry Enterprise Server for Microsoft Exchange supports this IT policy rule in BlackBerry Enterprise Server Version 3 5 or later The BlackBerry Enterprise Server for Novell GroupWise supports this IT policy rule only for Java based Bla...

Страница 76: ...n change the BlackBerry Browser home page Default setting The default setting is False Minimum requirements Java based BlackBerry device that is running BlackBerry Device Software Version 3 6 C based BlackBerry device that is running BlackBerry Device Software Version 2 5 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 internal Exceptions The BlackBerry Ente...

Страница 77: ...ice password The permitted range is 4 through 14 characters Default setting The default setting is a null value Dependencies The BlackBerry device uses this IT policy rule only if the Password Required IT policy rule is set to True IftheFIPSLevelITpolicyruleissetto2 bydefault theBlackBerrydevicerequiresaminimumpasswordlengthof5characters Minimum requirements Java based BlackBerry device that is ru...

Страница 78: ...hat use a natural sequence of characters or numbers If a symbol is inserted into a natural sequence the BlackBerry device can use the password Minimum requirements Java based BlackBerry device that is running BlackBerry Device Software Version 3 6 C based BlackBerry device that is running BlackBerry Device Software Version 2 5 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport S...

Страница 79: ...tware Version 4 0 or later User Can Change Timeout IT policy rule Description This rule specifies whether the BlackBerry device user can override the security timeout value Default setting The default setting is True Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Versions 1 2 2 0 2...

Страница 80: ...3 5 BlackBerry Connect Transport Stack Versions 1 2 2 0 2 1 4 0 Exceptions The BlackBerry Enterprise Server for Novell GroupWise supports this IT policy rule in BlackBerry Enterprise Server Version 4 0 or later The BlackBerry Enterprise Server for Novell GroupWise supports this IT policy rule only on Java based BlackBerry devices Documents To Go policy group Disable Documents To Go IT policy rule ...

Страница 81: ...cription This rule specifies whether to hide the premium DataViz Documents To Go features that are not available on BlackBerry devices that are running the standard edition of the Documents To Go application Default setting The default setting is False Dependencies If you set the Disable Documents To Go IT policy rule to True the BlackBerry device ignores this rule Minimum requirements Java based ...

Страница 82: ...vice is connected to the BlackBerry Enterprise Server using the BlackBerry Attachment Connector Setting this rule to False does not prevent downloading or viewing native attachments on the BlackBerry device Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 2 BlackBerry Enterprise Server Version 4 0 SP6 Exceptions The BlackBerry Enterprise Server for Microsoft E...

Страница 83: ...o encrypted email messages from their BlackBerry devices By default BlackBerry device users with support for reading IBM Lotus Domino encrypted email messages on their BlackBerry devices can forward or reply to an encrypted email message which was received decrypted and decompressed on the device The BlackBerry Messaging Agent for IBM Lotus Domino decrypts the email message before the BlackBerry d...

Страница 84: ...efault setting The default setting is True Usage If you set this IT policy rule to True or if it is not part of the IT policy that you assigned to the user by default wireless email reconciliation is turned on for both the BlackBerry device and the BlackBerry Enterprise Server Minimum requirements Java based BlackBerry device that is running BlackBerry Device Software Version 3 6 C based BlackBerr...

Страница 85: ...ration IT policy rule Description Thisrulespecifiesthemaximumtime indays thattheBlackBerry devicekeepsmessages Thepermittedrangeis 1through 180 days Default setting The default setting is 1 The BlackBerry device keeps messages indefinitely Usage Set this IT policy rule to 0 or 1 to keep messages on the BlackBerry device indefinitely Minimum requirements Java based BlackBerry device BlackBerry Devi...

Страница 86: ... size in bytes of a standard attachment that can be uploaded from the BlackBerry device The permitted range is 0 MB through 3 MB Default setting The default setting is 3 MB Minimum requirements Java based BlackBerry device BlackBerry Device Software version 4 2 BlackBerry Enterprise Server version 4 0 SP6 Maximum Native Attachment MFH total attachment size IT policy rule Description This rule spec...

Страница 87: ...it www blackberry com knowledgecenterpublic livelink exe func ll objld 1295085 to read Prevent the BlackBerry Enterprise Server from storing the password for decrypting IBM Lotus Notes encrypted messages Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 3 BlackBerry Enterprise Server Version 4 1 SP5 Prepend Disclaimer IT policy rule Description This rule specif...

Страница 88: ...scription This rule specifies whether the BlackBerry device can use a DTMF call format for outgoing calls if outgoings calls using the protocol format fail due to inadequate wireless coverage levels The DTMF call format uses weaker authentication than the protocol call format Default setting The default setting is False Usage Set this IT policy rule to True to prevent outgoing calls if the protoco...

Страница 89: ...ription This rule specifies whether incoming calls are accepted only if they are sent through the BlackBerry Enterprise Server Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Enterprise Server Version 4 1 SP4 Firewall policy group Restrict Incoming Cellular Calls IT policy rule Description This rule specifies whether the BlackBerry device f...

Страница 90: ... Software Version 4 3 BlackBerry Enterprise Server Version 4 1 SP5 Restrict Outgoing Cellular Calls IT policy rule Description This rule specifies whether the BlackBerry device firewall blocks calls that the user makes unless the calls use a set fixed dialing pattern This IT policy rule does not affect emergency calls Default setting The default setting is a null value Usage Type one or more fixed...

Страница 91: ... BlackBerry Device Software Version 3 6 C based BlackBerry device that is running BlackBerry Device Software Version 2 5 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Versions 1 2 2 0 2 1 4 0 internal Exceptions The BlackBerry Enterprise Server for Microsoft Exchange supports this IT policy rule in BlackBerry Enterprise Server Version 3 5 or later The BlackBerry Enter...

Страница 92: ...olicy rule Description This rule specifies the signature that is attached to outgoing email messages automatically Default setting The default setting is a null value Usage Use this IT policy rule to add a disclaimer to the end of email messages that are sent from the BlackBerry device Minimum requirements BlackBerry Desktop Software Version 3 5 BlackBerry Enterprise Server Version 4 0 obsolete in...

Страница 93: ...on 4 1 SP6 Disable Emailing Conversation IT policy rule Description This rule specifies whether the user can send an instant messaging conversation in an email message from the BlackBerry device Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 1 BlackBerry Enterprise Server Version 4 1 SP6 Disable Saving Conversatio...

Страница 94: ...Berry device user must click Yes when prompted to allow location tracking on the BlackBerry device Default setting The default setting is False The default interval is 15 minutes Usage Set this rule to True to allow the BlackBerry device user to make it mandatory for the BlackBerry device to report its location to the BlackBerry Enterprise Server at regular intervals You can use the Enterprise Loc...

Страница 95: ...erry Enterprise Server The permitted range is 15 through 60 minutes Default setting The default setting is 15 minutes Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 2 1 BlackBerry Enterprise Server Version 4 1 SP3 Memory Cleaner policy group For more information about cleaning the BlackBerry device memory see the BlackBerry Enterprise Solution Security Techn...

Страница 96: ...on 1 5 BlackBerry Enterprise Server Version 4 0 SP3 BlackBerry Connect Transport Stack Version 4 0 Exceptions The BlackBerry Enterprise Server for Novell GroupWise does not support this IT policy rule Memory Cleaner Maximum Idle Time IT policy rule Description This rule specifies the maximum user inactivity time in minutes before the BlackBerry device cleans the memory Default setting The default ...

Страница 97: ... multiple links you should also set the On Device Help Group Label IT policy rule Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 1 BlackBerry Enterprise Server Version 4 0 SP3 On Device Help Group Label IT policy rule Description This rule specifies a label to use for multiple links in the help on the BlackBerry device Default setting The default setting is ...

Страница 98: ...alf Each time that the user types a password to unlock the BlackBerry device the BlackBerry device must confirm whether the password is either the correct password or the correct duress password Default setting The default setting is a null value Usage Set this IT policy rule to allow users to notify your administrators that the BlackBerry device might have been stolen Instruct users on how to use...

Страница 99: ...swords against to prevent reusing old passwords Default setting The default setting is 0 Usage If this IT policy rule is set to 0 password checking is turned off Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Versions 1 2 2 0 2 1 4 0 Exceptions The BlackBerry Enterprise Server for ...

Страница 100: ...he timeout settings on the BlackBerry device Minimum requirements Java based BlackBerry device BlackBerry Device Software version 4 0 BlackBerry Enterprise Server version 4 0 BlackBerry Connect Transport Stack version 4 0 Set Maximum Password Attempts IT policy rule Description This rule specifies the number of password attempts before the BlackBerry device erases all of the application data Defau...

Страница 101: ...t rule to False the user can set the security timeout to any value Minimum requirements Java based BlackBerry device BlackBerry Device Software version 3 6 BlackBerry Enterprise Server version 4 0 BlackBerry Connect Transport Stack versions 1 2 2 0 2 1 4 0 Exceptions The BlackBerry Enterprise Server for Microsoft Exchange supports this IT policy rule in BlackBerry Enterprise Server Version 3 6 and...

Страница 102: ...ization IT policy rule Description This rule specifies whether wireless data synchronization for the address book is turned off on the BlackBerry device Default setting The default setting is False Minimum requirements Java based BlackBerry device that is running BlackBerry Device Software Version 4 0 C based BlackBerry device that is running BlackBerry Device Software Version 2 7 BlackBerry Enter...

Страница 103: ...urned off Default setting The default setting is False Minimum requirements Java based BlackBerry device that is running BlackBerry Device Software Version 4 0 C based BlackBerry device that is running BlackBerry Device Software Version 2 7 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 internal Exceptions The BlackBerry Enterprise Server for Novell GroupWi...

Страница 104: ...ransport Stack Version 4 0 internal Exceptions The BlackBerry Enterprise Server for Novell GroupWise supports this IT policy rule only for Java based BlackBerry devices Disable Phone Call Log Wireless Synchronization IT policy rule Description This rule specifies whether wireless data synchronization for call logs is turned off Default setting The default setting is False Minimum requirements Java...

Страница 105: ... rule to False the BlackBerry Enterprise Server logs all SMS text messages in unencrypted format to the specified log file Make sure that the log file is in a location which restricts internal and external user access Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 1 BlackBerry Enterprise Server Version 4 1 Exceptions The BlackBerry Enterprise Server for Nove...

Страница 106: ...cted from the computer during the initial data transfer the BlackBerry Desktop Software sends the remaining data over the wireless network Minimum requirements Java based BlackBerry device that is running BlackBerry Device Software Version 4 0 C based BlackBerry device that is running BlackBerry Device Software Version 2 7 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack...

Страница 107: ...vice is designed to encrypt email messages using Triple DES encryption if it does not know the decryption capabilities available to the recipient Dependencies If the FIPS Level IT policy rule is set to 2 the BlackBerry device uses AES 256 bit AES 192 bit AES 128 bit and Triple DES encryption Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 1 PGP Support Packag...

Страница 108: ...on and conventional encryption Usage Set this rule PGP key based encryption only Set this rule to Conventional encryption only Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 6 BlackBerry Enterprise Server Version 4 1 SP6 PGP Support Package for BlackBerry devices Version 4 0 PGP Blind Copy Address IT policy rule Description This rule specifies an email addre...

Страница 109: ...ver Version 4 0 SP2 Exceptions The BlackBerry Enterprise Server for Novell GroupWise does not support this IT policy rule PGP Force Encrypted Messages IT policy rule Description This rule specifies whether the BlackBerry device sends all PGP protected messages encrypted Default setting The default setting is False Usage If you apply this IT policy rule you might override secure email policy settin...

Страница 110: ...ry Enterprise Server for Novell GroupWise does not support this IT policy rule PGP Minimum Strong DSA Key Length IT policy rule Description This rule specifies the minimum DSA key size in bits to use with PGP protected messages Default setting The default setting is 1024 bits Dependencies Set the Disable Weak Certificate Use IT policy rule to True to prevent users from sending email messages using...

Страница 111: ...rry Enterprise Server for Novell GroupWise does not support this IT policy rule PGP Universal Enrollment Method IT policy rule Description This rule specifies the method that users must use to enroll with the PGP Universal Server from their BlackBerry devices Default setting The default setting is 1 Usage Set this IT policy rule to 1 to prompt users to type their user name and password Set this IT...

Страница 112: ... policy rule PGP Universal Server Address IT policy rule Description This rule specifies the address of your organization s PGP Universal Server The PGP Universal Server applies secure email policies that the PGP Universal Server administrator sets Default setting The default setting is a null value Usage Set this IT policy rule to require the user to register with the PGP Universal Server When re...

Страница 113: ... requirements Java based BlackBerry device BlackBerry Device Software Version 4 6 BlackBerry Enterprise Server Version 4 1 SP6 Disable Ecommerce Content Optimization Engine IT policy rule Description This rule specifies whether to prevent the ecommerce content optimization engine for the BlackBerry Browser from running on the BlackBerry device Default setting The default setting is False Minimum r...

Страница 114: ...n use the specified server address only If you do not set this rule users must specify the server address manually Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 6 BlackBerry Enterprise Server Version 4 1 SP6 Lotus Connections Blogs Server IT policy rule Description This rule specifies the address of the server that hosts the IBM Lotus Connections Blogs comp...

Страница 115: ...BlackBerry Device Software Version 4 6 BlackBerry Enterprise Server Version 4 1 SP6 Lotus Connections Dogear Server IT policy rule Description This rule specifies the address of the server that hosts the IBM Lotus Connections Dogear component Default setting The default setting is a null value Usage If you set this rule users can use the specified server address only If you do not set this rule us...

Страница 116: ...ckage for BlackBerry devices see the S MIME Support Package for BlackBerry Devices Security Technical Overview Entrust Messaging Server EMS Email Address IT policy rule Description This rule specifies the email address for your organization s Entrust Entelligence messaging server Default setting The default setting is a null value Usage Set this IT policy rule to a null value if your organization ...

Страница 117: ... RC2 40 bit To maintain compatibility with most S MIME clients use Triple DES encryption and one of the RC2 algorithms By default the BlackBerry device is designed to encrypt email messages using Triple DES encryption if it does not know the decryption capabilities available to the recipient Dependencies If the FIPS Level IT policy rule is set to 2 the BlackBerry device uses AES 256 bit AES 192 bi...

Страница 118: ...IT policy rule Description This rule specifies the types of encryption that the BlackBerry device can use with S MIME protected messaging Default setting The default setting is Both use certificate based encryption and password based encryption Usage Set this rule to Certificate based encryption only Set this rule to Password based encryption only Minimum requirements Java based BlackBerry device ...

Страница 119: ...t setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 S MIME Support Package for BlackBerry devices Version 1 5 BlackBerry Enterprise Server Version 3 6 BlackBerry Connect Transport Stack Version 4 0 Exceptions The BlackBerry Enterprise Server for Novell GroupWise does not support this IT policy rule S MIME Force Encrypted Messages IT policy ru...

Страница 120: ...Support Package for BlackBerry devices Version 1 5 BlackBerry Enterprise Server Version 3 6 BlackBerry Connect Transport Stack Version 4 0 Exceptions The BlackBerry Enterprise Server for Novell GroupWise does not support this IT policy rule S MIME Minimum Strong DH Key Length IT policy rule Description This rule specifies the minimum Diffie Hellman key size in bits to use with S MIME protected mes...

Страница 121: ...ackBerry Enterprise Server for Novell GroupWise does not support this IT policy rule S MIME Minimum Strong DSA Key Length IT policy rule Description This rule specifies the minimum DSA key size in bits to use with S MIME protected messages Default setting The default setting is 1024 bits Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 S MIME Support Package...

Страница 122: ...or BlackBerry devices see the S MIME Support Package for BlackBerry Devices Security Technical Overview Canonical Certificate Domain Name IT policy rule Description This rule specifies the domain name used for the email addresses contained in certificates issued within your organization Default setting The default setting is False Usage Consider setting this IT policy rule to True if your organiza...

Страница 123: ...Enterprise Server Version 4 0 SP6 Security policy group Allow External Connections IT policy rule Description This rule specifies whether applications including third party applications can initiate external connections for example to WAP gateways Default setting The default setting is True Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 BlackBerry Enterpri...

Страница 124: ...er The BlackBerry Enterprise Server for Novell GroupWise supports this IT policy rule in BlackBerry Device Software Version 4 0 and later Allow Outgoing Call When Locked IT policy rule Description This rule specifies whether users can place calls while the BlackBerry device is locked Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device So...

Страница 125: ...ise Server Version 4 1 SP4 Allow Smart Card Password Caching IT policy rule Description This rule specifies whether the BlackBerry device can cache the smart card password Default setting The default setting is False Usage Set this IT policy rule to True to cache the smart card password for the period of time set by the private key timeout The memory cleaner application deletes the password when t...

Страница 126: ...nnect Transport Stack Version 4 0 Exceptions The BlackBerry Enterprise Server for Microsoft Exchange supports this IT policy rule in BlackBerry Enterprise Server Version 3 6 and later The BlackBerry Enterprise Server for Novell GroupWise supports this IT policy rule in BlackBerry Device Software Version 4 0 and later Allow Third Party Apps to Use Persistent Store IT policy rule Description This ru...

Страница 127: ...ports this IT policy rule in BlackBerry Enterprise Server Version 3 6 and later The BlackBerry Enterprise Server for Novell GroupWise supports this IT policy rule in BlackBerry Device Software Version 4 0 and later Certificate Status Maximum Expiry Time IT policy rule Description This rule specifies the maximum length of time in hours that a certificate status can remain on the BlackBerry device b...

Страница 128: ...the three settings Dependencies The BlackBerry device uses this IT policy rule only if the Password Required IT policy rule is set to True If you set this IT policy rule to Strong or Stronger set the Minimum Password Length IT policy rule to 12 characters If you set the content protection strength to Strongest instruct the user to set a password of at least 21 characters These password lengths max...

Страница 129: ...setting The default setting is False The BlackBerry device and the BlackBerry Enterprise Server can use the Triple DES algorithm and the AES algorithm to encrypt and decrypt data sent between them Usage Set this IT policy rule to True to make it mandatory that the BlackBerry device and the BlackBerry Enterprise Server use the AES algorithm to encrypt and decrypt data that they send between them Mi...

Страница 130: ...viceuserfromforwardingorreplyingtoamessageontheBlackBerry device using an email account or messaging service that is associated with a BlackBerry Enterprise Server or BlackBerry Internet Service that is different from the service that delivered the original message Usage For example use this IT policy rule to prevent forwarding or replying to a PIN message with an email message and replying to an ...

Страница 131: ...re and prevent applications on the BlackBerry device from accessing it Dependencies If you set this rule to True the BlackBerry Maps application does not work and applications cannot access the BlackBerry device GPS APIs This rule overrides the Device GPS application control policy rule setting Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 3 BlackBerry Ente...

Страница 132: ...tware Version 4 0 and later Disable IP Modem IT policy rule Description This rule specifies whether the IP modem on applicable BlackBerry devices is available Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 Disable Key Store B...

Страница 133: ...ed BlackBerry device BlackBerry Device Software Version 3 6 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 Exceptions The BlackBerry Enterprise Server for Microsoft Exchange supports this IT policy rule in BlackBerry Enterprise Server Version 3 6 and later The BlackBerry Enterprise Server for Novell GroupWise supports this IT policy rule in BlackBerry Devic...

Страница 134: ...y devices or the PGP Support Package for BlackBerry devices You must also turn on S MIME message processing on the BlackBerry Enterprise Server or set the PGP Universal Server Address IT policy rule Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 Exceptions The BlackBerr...

Страница 135: ...se Server for Novell GroupWise supports this IT policy rule in BlackBerry Device Software Version 4 0 and later Disable Persisted Plain Text IT policy rule Description This rule specifies whether to prevent applications from keeping the plain text form of a content protected object in the persistent store for example the file system Default setting The default setting is False Usage Set this IT po...

Страница 136: ...ations on the BlackBerry device to access public social networking services for example Facebook Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 5 BlackBerry Enterprise Server Version 4 1 SP5 Disable Radio When Cradled IT policy rule Description This rule specifies whether the BlackBerry device turns off the wirele...

Страница 137: ...t setting is False Usage If you set this IT policy rule to False the BlackBerry device warns the user that the certificate is revoked but does not prevent the user from using the certificate Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 Exceptions The BlackBerry Enterp...

Страница 138: ...erry device BlackBerry Device Software Version 4 2 BlackBerry Enterprise Server Version 4 0 SP6 Disable Stale Certificate Status Checks IT policy rule Description This rule specifies whether the BlackBerry device displays warnings and indicators if the user receives an email message that includes a certificate with a stale status Default setting The default setting is False Usage If you set this I...

Страница 139: ...rusted Certificate Use IT policy rule Description This rule specifies whether to prevent the BlackBerry device user from sending an email message that is encrypted with a certificate that the BlackBerry device does not trust Default setting The default setting is False Usage If you set this IT policy rule to False the BlackBerry device warns the user that the certificate is not trusted but does no...

Страница 140: ...t does not prevent the user from using the certificate Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 Disable Unverified CRLs IT policy rule Description This rule specifies whether to prevent the BlackBerry device user from accepting CRLs that are not verified on the Bl...

Страница 141: ...c key Default setting The default setting is False Usage If you set this IT policy rule to False the BlackBerry device warns the user that the corresponding public key is weak but does not prevent the user from using the certificate Use the IT policy rules provided for the TLS application the WTLS application the S MIME Support Package for BlackBerry devices or the PGP Support Package for BlackBer...

Страница 142: ...ons 2 1 4 0 Exceptions The BlackBerry Enterprise Server for Microsoft Exchange supports this IT policy rule in BlackBerry Enterprise Server Version 3 6 and later The BlackBerry Enterprise Server for Novell GroupWise supports this IT policy rule in BlackBerry Device Software Version 4 0 and later External File System Encryption Level IT policy rule Description This rule specifies the level of encry...

Страница 143: ...irectories requires encryption with a user provided password and the BlackBerry device key Set this IT policy rule to 6 if the file system including multimedia directories requires encryption with a user provided password and the BlackBerry device key Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 2 BlackBerry Enterprise Server Version 4 0 SP6 FIPS Level IT ...

Страница 144: ...xceptions The BlackBerry Enterprise Server for Novell GroupWise supports this IT policy rule in BlackBerry Device Software Version 4 0 to Version 4 2 1 Firewall Block Incoming Messages IT policy rule Description This rule specifies whether the BlackBerry device firewall prevents the device from processing specific types of incoming messages including SMS text messages MMS messages public and corpo...

Страница 145: ...sage Specify email addresses with wildcard characters for example organization com to allow email messages from a specific domain Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 2 SP3 BlackBerry Enterprise Server Version 4 1 SP5 Force Content Protection Of Master Keys IT policy rule Description This rule specifies whether content protection is turned on for m...

Страница 146: ...address book data when the BlackBerry device is locked In the general security options the user cannot change the Include Address Book field and call display and Bluetooth address book transfer do not work when the device is locked Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 2 BlackBerry Enterprise Server Version 4 0 SP6 Force LED Blinking When Microphone...

Страница 147: ...k the BlackBerry device users might require an authenticator module for a smart card and must have a smart card driver and a BlackBerry Smart Card Reader driver installed on their BlackBerry device Dependencies If you set this IT policy rule to True the BlackBerry Enterprise Server automatically sets the Password Required IT policy rule to True in the same BlackBerry device IT policy You must set ...

Страница 148: ...e to True to use the BlackBerry device users must have a BlackBerry Smart Card Reader and must install a smart card driver and a BlackBerry Smart Card Reader driver on their BlackBerry device Dependencies The BlackBerry device uses this IT policy rule only if you set the Password Required and Force Smart Card Two Factor Authentication IT policy rules to True Minimum requirements Java based BlackBe...

Страница 149: ...BlackBerry Smart Card Reader from the BlackBerry device Not all smart card reader drivers support smart card removal detection Default setting The default setting is False Usage If you set this IT policy rule to True to use the BlackBerry device users might require an authenticator module for the smart card and must have a smart card driver and a BlackBerry Smart Card Reader driver installed on th...

Страница 150: ...s Default setting The default setting is 1 which specifies no time limit Dependencies The BlackBerry device uses this IT policy rule only if the Password Required Force Smart Card User Authentication and Force Smart Card Two Factor Challenge Response IT policy rules are set to True Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 5 BlackBerry Enterprise Server...

Страница 151: ...If you set this IT policy rule to Medium security the BlackBerry device prompts the user for the key store password when accessing the private key to encrypt messages only if the password is cleared from the key store cache If you set this IT policy rule to High security the BlackBerry device always prompts the user for the key store password when accessing the private key to encrypt messages If t...

Страница 152: ...rd the BlackBerry device prompts the user to confirm the password With this IT policy rule set it is mandatory that keys use the security level that you set as the minimum but the user can set a higher security level on the BlackBerry device Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport...

Страница 153: ...l If you set this IT policy rule the user can set a password greater than or equal to the length of the pattern on the BlackBerry device Password characters that exceed the pattern length can be any letters numbers or symbols CAUTION Preventing a particular password character reduces the entropy level and security level of the password Minimum requirements Java based BlackBerry device BlackBerry D...

Страница 154: ...sages from the BlackBerry Enterprise Server that are not blocked at the BlackBerry device firewall unless you set this IT policy rule to True Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 2 BlackBerry Enterprise Server Version 4 0 SP6 Secure Wipe Delay After IT Policy Received IT policy rule Description This rule specifies the length of time in hours after ...

Страница 155: ...e it mandatory for the BlackBerry device to delete the user data if the user has not unlocked the device within the specified period of time Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 2 BlackBerry Enterprise Server Version 4 0 SP6 Secure Wipe if Low Battery IT policy rule Description This rule specifies whether the BlackBerry device deletes all user data...

Страница 156: ...colors 0xffffff white 0x000000 black 0xff0000 red 0x00ff00 green 0x0000ff blue Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 Security Transcoder Cod File Hashes IT policy rule Description This rule specifies which cod files the BlackBerry device permits to register as ...

Страница 157: ...e that use the thumbprints that appear in the defined list Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 Exceptions The BlackBerry Enterprise Server for Novell GroupWise supports this IT policy rule in BlackBerry Device Software Version 4 0 and later Weak Digest Algori...

Страница 158: ...device can use other browser services Default setting The default setting is True Usage Set this IT policy rule to False to make it mandatory to send browser data through your organization s BlackBerry Enterprise Server and to prevent users from installing other browser services on their BlackBerry devices Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 Bla...

Страница 159: ...tosendoutgoingemailmessagesthroughyourorganization sBlackBerry Enterprise Server and to prevent users from sending email messages using other email message services ThisITpolicyruledoesnotpreventusersfromreceivingemailmessagesontheirBlackBerrydevicesfromotheremailmessage services Minimum requirements Java based BlackBerry device that is running BlackBerry Device Software Version 3 6 C based BlackB...

Страница 160: ...alk for BlackBerry devices application the Google Talk for BlackBerry devices icon remains on the Home screen If users attempt to sign into the application a message appears indicating that they cannot use the application Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 BlackBerry Enterprise Server Version 4 0 SP4 Allow Public ICQ Services IT policy rule Des...

Страница 161: ...ts Java based BlackBerry device that is running BlackBerry Device Software Version 3 6 C based BlackBerry device that is running BlackBerry Device Software Version 2 5 BlackBerry Enterprise Server Version 4 0 SP4 Allow Public WLM Services IT policy rule Description This rule specifies whether the user can use the public Windows Live Messenger for BlackBerry devices application Default setting The ...

Страница 162: ...twork Location Query IT policy rule Description This rule specifies whether to prevent the wireless network or SIM card from querying the BlackBerry device for certain location related information Default setting The default setting is False Usage The information that the SIM card can query is limited to the current wireless network and cell identities the BlackBerry device IMEI the date the time ...

Страница 163: ...SIM card from making a call performing a supplementary service operation or sending an SMS text message Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 S MIME Support Package for BlackBerry devices Version 4 0 BlackBerry Enterprise Server Version 4 0 SP3 BlackBerry Connect Transport Stack Version 4 0 Smart Dialin...

Страница 164: ...on 4 0 BlackBerry Enterprise Server Version 4 0 SP1 Set Local Country Code IT policy rule Description This rule specifies the local country code for phone numbers Default setting The default setting is a null value Dependencies The BlackBerry device uses this IT policy rule only if you set the Enable Smart Dialing IT policy rule to True Minimum requirements Java based BlackBerry device BlackBerry ...

Страница 165: ...g is True Dependencies The BlackBerry device uses this IT policy rule only if you set the Enable Smart Dialing IT policy rule to True Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 0 SP1 TCP policy group TCP APN IT policy rule Description This rule specifies whether a default APN must be used when the BlackBerry devic...

Страница 166: ... Description This rule specifies whether a default APN user name must be used when the BlackBerry device uses TCP Default setting The default setting is a null value Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 TLS policy group TLS Device Side Only IT policy rule Desc...

Страница 167: ...rmitting TLS connections to servers with invalid certificates Default setting The default setting is 2 Usage Set this IT policy rule to 0 to prevent invalid connections Set this IT policy rule to 1 to permit invalid connections Set this IT policy rule to 2 to prompt the user Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 1 BlackBerry Enterprise Server Vers...

Страница 168: ...ing is 2 Usage Set this IT policy rule to 0 to prevent weak algorithms Set this IT policy rule to 1 to permit weak algorithms Set this IT policy rule to 2 to prompt the user Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 1 BlackBerry Enterprise Server Version 3 6 BlackBerry Connect Transport Stack Version 4 0 TLS Minimum Strong DH Key Length IT policy rule...

Страница 169: ...on This rule specifies the minimum DSA key size in bits to use during TLS connections Default setting The default setting on the BlackBerry device is 1024 bits The default setting on the BlackBerry Enterprise Server is 512 bits Usage If you set the minimum key size on the BlackBerry Enterprise Server higher than the minimum key size on the BlackBerry device the BlackBerry device continues to promp...

Страница 170: ...imum key size on the BlackBerry device is set to 160 bits If you set the minimum key size on the BlackBerry Enterprise Server to 233bits theBlackBerrydevicecontinuestoprompttheusertotrusteverysecurewebsitethatusesakeysizeinitscertificate that is less than 233 bits Minimum requirements Java based BlackBerry device BlackBerry Device Software version 3 6 1 BlackBerry Enterprise Server version 3 6 TLS...

Страница 171: ...ersion 4 0 TLS Restrict FIPS Ciphers IT policy rule Description This rule specifies whether the BlackBerry device can use an algorithm with TLS that is not FIPS compliant Default setting The default setting is False Usage If the FIPS Level IT policy rule is set to 2 by default the BlackBerry device ignores this IT policy rule and uses only algorithms that are FIPS compliant Minimum requirements Ja...

Страница 172: ...Version 4 5 BlackBerry Enterprise Server Version 4 1 SP4 Disallow Device User Requested Upgrade Description This rule specifies whether to prevent the BlackBerry device user from requesting available wireless software upgrades Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 5 BlackBerry Enterprise Server Version 4 ...

Страница 173: ...rsion 4 5 BlackBerry Enterprise Server Version 4 1 SP4 Disallow Patch Download Over WAN IT policy rule Description ThisrulespecifieswhethertopreventthewirelesssoftwareupgradeapplicationontheBlackBerry devicefromdownloading software upgrades over a WAN connection Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 5 Bla...

Страница 174: ... is 2 Usage Set this IT policy rule to 0 to prevent invalid connections Set this IT policy rule to 1 to permit invalid connections Set this IT policy rule to 2 to prompt the user Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 BlackBerry Enterprise Server Version 3 6 BlackBerry Connect Transport Stack Version 4 0 WTLS Disable Untrusted Connection IT policy ...

Страница 175: ...setting The default setting is 2 Usage Set this IT policy rule to 0 to prevent weak algorithms Set this IT policy rule to 1 to permit weak algorithms Set this IT policy rule to 2 to prompt the user Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 3 6 BlackBerry Enterprise Server Version 3 6 BlackBerry Connect Transport Stack Version 4 0 WTLS Minimum Strong DH Ke...

Страница 176: ...ption This rule specifies the minimum ECC key size in bits to use during WTLS connections Default setting The default setting on the BlackBerry device is 163 bits The default setting on the BlackBerry Enterprise Server is 160 bits Usage If you set the minimum key size on the BlackBerry Enterprise Server higher than the minimum key size on the BlackBerry device the BlackBerry device continues to pr...

Страница 177: ...nd selects the Don t Ask Again option the minimum key size on the BlackBerry device is set to 512 bits If you set the minimum key size on the BlackBerry Enterprise Server to 2048 bits the BlackBerry device continues to prompt the user to trust every secure web site that uses a key size in its certificate that is less than 2048 bits Minimum requirements Java based BlackBerry device BlackBerry Devic...

Страница 178: ... BlackBerry Enterprise Server Version 4 0 BlackBerry Connect Transport Stack Version 4 0 Policy Reference Guide WTLS policy group 176 ...

Страница 179: ...f a default application control policy exists the user cannot change the application control settings Setting application control policy rules You can assign application control policy rules to satisfy your organization s security policy requirements and to reflect the needs of the users who are assigned to that application control policy You can set a default application control policy that block...

Страница 180: ......

Страница 181: ...e Medium Security application control policy rule Description This rule specifies whether an application can access key store items stored at the medium security level The application must prompt the BlackBerry device user for the key store password when it tries to access the private key for the first time or when the private key password timeout expires Default setting The default setting is All...

Страница 182: ...s rule specifies the list of domains for which an application can apply browser filters to web page content on the BlackBerry device For example you can specify www google com and www yahoo com as domains for which an application can use a browser filter for search engines Default setting The default setting is a null value Minimum requirements Java based BlackBerry device BlackBerry Device Softwa...

Страница 183: ...kBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 1 SP2 Disposition application control policy rule Description This rule specifies whether an application is optional required or not permitted on the BlackBerry device You can use this rule to make a specific application mandatory on the BlackBerry device or to prevent unspecified or untrusted applications ...

Страница 184: ...erry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 0 External Network Connections application control policy rule Description This rule specifies whether an application can make external network connections You can set this rule to prevent the application from sending or receiving any data on the BlackBerry device using an external protocol such as WAP or TCP...

Страница 185: ...ample the BlackBerry MDS Connection Service You can also set this rule so that an application prompts the user before it makes internal connections through the BlackBerry device firewall Default setting The default setting is Prompt User Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 0 Cross Application Communication ...

Страница 186: ...s application control policy rule Description This rule specifies whether an application can send and receive email messages on the BlackBerry device Default setting The default setting is Allowed Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 0 Phone Access application control policy rule Description This rule specif...

Страница 187: ...nd all of the user s personal information from the BlackBerry device Default setting The default setting is Allowed Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 0 Themes application control policy rule Description This rule specifies whether custom theme applications developed using the Plazmic Content Developer s K...

Страница 188: ...urrently only smart card drivers are supported This application control policy rule applies to the BlackBerry Device Software and third party Java applications Default setting The default setting is Allowed Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 1 SP2 Policy Reference Guide User Authenticator application contr...

Страница 189: ...devices Devicepoliciesdefinewhether userscanupgradetheBlackBerryMDSRuntime andwhetheruserscandiscover install andremoveBlackBerryMDSRuntime Applications from their BlackBerry devices You can also use device policies to define whether BlackBerry MDS Runtime Applications can access data and other applications on the BlackBerry devices and to specify message queue limits for data that BlackBerry MDS ...

Страница 190: ......

Страница 191: ...ch a BlackBerry MDS Studio Application Repository for BlackBerry MDS Studio Applications that can be installed on their BlackBerry devices Default setting The default setting is True Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 1 Allow Application Install by User BlackBerry MDS Services rule Description This rule sp...

Страница 192: ...4 0 BlackBerry Enterprise Server Version 4 1 Allow Application Delete by User BlackBerry MDS Services rule Description This rule specifies whether users can delete BlackBerry MDS Studio Applications from their BlackBerry devices Default setting The default setting is True Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4...

Страница 193: ...ns BlackBerry MDS Services rule Description This rule specifies whether BlackBerry MDS Studio Applications that are installed on the BlackBerry device can access web services in multiple domains Default setting The default setting is False Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 1 Queue Limit for Inbound Applic...

Страница 194: ...ber of messages to BlackBerry MDS Studio Applications that can be queued locally on the BlackBerry device The permitted range is 1 through 50 messages Default setting The default setting is 16 messages Minimum requirements Java based BlackBerry device BlackBerry Device Software Version 4 0 BlackBerry Enterprise Server Version 4 1 Policy Reference Guide Queue Limit for Outbound Application Messages...

Страница 195: ...mpliance for the embedded cryptographic module that is required for basic operation of the BlackBerry device Control application installation and use on BlackBerry devices PreventBlackBerrydeviceusersfromdownloadingthird partyapplications over the wireless network Specify whether applications on the BlackBerry device can establish specific types of connections Block viruses and malicious user acti...

Страница 196: ...n Checks 2 requires at least one alphabetic onenumeric andone special character Forbidden Passwords obvious and insecure passwords for example password usernames and company names Set Password Timeout 5 minutes User Can Change Timeout False Delete all user data on the BlackBerry device if the user types the password incorrectly Set Maximum Password Attempts 10 number of incorrect passwords that ar...

Страница 197: ...nge Time 60 minutes after which the user must type a password Lock the BlackBerry device automatically when a user inserts it in the holster Force Lock When Holstered True Lock the BlackBerry device automatically after a period of user inactivity Maximum Security Timeout 5 minutes of idle time that is allowed before the BlackBerry device locks Defining the encryption strength that the BlackBerry d...

Страница 198: ...ecorded Allow Other Browser Services False Allow Other Message Services False Allow Peer to Peer Messages False Allow SMS False Disable Forwarding Between Services True Disable Cut Copy Paste True Prevent users from sending PIN messages Users can still receive PIN messages Allow Peer to Peer Messages False Prevent users from sending SMS messages Users can still receive SMS messages Allow SMS False...

Страница 199: ...tion Disallowed Permit a third party Java application to access the phone application on BlackBerry devices Phone Access Allowed Permit a third party Java application to create public external network connections and allow connections to external domains without promptingusersforapasswordontheirBlackBerry devices External Network Connections Allowed External Domains addresses of the external domai...

Страница 200: ...ication from their BlackBerry devices Disposition application control policy rule Required Prevent users from installing a third party Java application on their BlackBerry devices Disposition application control policy rule Required Remove a third party Java application from BlackBerry devices over the wireless network Disposition application control policy rule Required Prevent users from turning...

Страница 201: ...uletoblockallthird partyapplications or apply an application control policy to block specific RIM value added applications if you want to remove the RIM value added applications from BlackBerry devices Set the Disable RIM Value Added Applications IT policy rule to True ecommerce content optimization engine for the BlackBerry Browser Set the Disable Ecommerce Content Optimization Engine IT policy r...

Страница 202: ...tion screen click Manage Application Policies 2 Create and name an application control policy 3 To remove all existing third party applications from the BlackBerry device and prevent the BlackBerry device from installing any new third party applications set Disposition to Disallowed 4 Select a software configuration 5 Click Edit Configuration 6 Apply the application control policy to the default t...

Страница 203: ...ts to application security without banning all third party applications on BlackBerry devices you can replace a default application control policy that blocks all third party applications with a less restrictive application control policy that controls the behavior of third party applications You can allow specific behavior for registered third party applications while preventing other third party...

Страница 204: ......

Страница 205: ...search In Motion Limited and its affiliated companies RIM and RIM assumes no responsibility for any typographical technical or other inaccuracies errors or omissions in this documentation In order to protect RIM proprietary and confidential information and or trade secrets this documentation maydescribesomeaspectsofRIMtechnologyingeneralizedterms RIMreservestherighttoperiodicallychangeinformation ...

Страница 206: ... DEMAND OR ACTION BY YOU INCLUDING BUT NOT LIMITED TO BREACH OF CONTRACT NEGLIGENCE TORT STRICT LIABILITY OR ANY OTHER LEGAL THEORY AND SHALL SURVIVE A FUNDAMENTAL BREACH OR BREACHES OR THE FAILURE OF THE ESSENTIAL PURPOSE OF THIS AGREEMENT OR OF ANY REMEDY CONTAINED HEREIN AND B TO RIM AND ITS AFFILIATED COMPANIES THEIR SUCCESSORS ASSIGNS AGENTS SUPPLIERS INCLUDING AIRTIME SERVICE PROVIDERS AUTHO...

Страница 207: ... SUPERSEDE ANY EXPRESS WRITTEN AGREEMENTS OR WARRANTIES PROVIDED BY RIM FOR PORTIONS OF ANY RIM PRODUCT OR SERVICE OTHER THAN THIS DOCUMENTATION Research In Motion Limited 295 Phillip Street Waterloo ON N2L 3W8 Canada Research In Motion UK Limited Centrum House 36 Station Road Egham Surrey TW20 9LF United Kingdom Published in Canada Policy Reference Guide Legal notice 205 ...

Результаты поиска

Содержание Enterprise Server 33

Отзывы:

Похожие инструкции для Enterprise Server 33

Бренды по названию

Популярные бренды

Blackberry Enterprise Server 33, Справочное руководство

Результаты поиска

Содержание Enterprise Server 33

Отзывы:

Похожие инструкции для Enterprise Server 33

Бренды по названию

Популярные бренды