12-27-2012 04:17 AM
I'm looking to enable MDS on BES Express 188.8.131.52 in a FIPS environment, however have not been able to find any support articles on the BlackBerry website that suggests that MDS either meets FIPS as standard or if there are any required configuration changes/IT Policy rules that need to be made in order to ensure it meets FIPS.
The last thing i want to do is enable MDS and break half of the environment in doing so.
Anybody got any ideas?
12-27-2012 09:06 AM
BES express was made for BYOD and it might not have everything you require to lock down your devices.
what FIPS spec do you need with MDS?
12-27-2012 10:20 AM
BES does supply end to end encryption. But BES express is limited in controlling devices like Full BES can.
Last i knew, you can not force users to use on MDS only for web surfing with express.
MDS also allows intranet access which is encrypted to network shares and web servers.
12-27-2012 11:17 AM
Do you know of any support articles that advise what the IT policy and MDS configuration needs to be to meet the FIPS Compliance i previously stated?
I don't want to just go in and blindly enable MDS without having a firm grasp on how it needs to be configured so that it doesnt break everything else which is already FIPS controlled.
12-27-2012 12:02 PM - edited 12-27-2012 12:04 PM
do you see this in IT policy?
FIPS 140-2 Level 2 compliance under IT Policy > Security is enabled.
The descriptions for certain IT policy rules in the BlackBerry® Administration Service mention the FIPS level IT policy rule, but the FIPS level IT policy rule is not available in the BlackBerry® Enterprise Server Express. (DT 839622)
So I am guessing that express is not FIPS enbled and you need the full version of BES.
IT Policy guide for BES 5 SP4 search FIPS in it