Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

Reply
New Contributor
Posts: 2
Registered: ‎06-21-2011
My Device: Various Curve models
My Carrier: Verizon

Prevent access from blackberries to company intranet

We're currently in the midst of PCI (payment card industry) 2.0 compliance. I need to prevent Blackberries from accessing the internal network. We have no WiFi. Currently running BES 4.1. Anyone had to do the same? This is a Windows environment with a few models of Curves.

 

Thanks,

Guru III
Posts: 32,114
Registered: ‎06-25-2008
My Device:

I'm rockin the BlackBerry PRIV, Passport, Z30, Z10, Q10, BlackBerry Mini Stereo Speaker, 64 gig PlayBook,BT Headset HS-700

My Carrier: I am on AT&T. Please edit your Personal Profile with your DEVICE TYPE, DEVICE OS and Carrier

Re: Prevent access from blackberries to company intranet

I have seen a few.

 

If you have dedicated exchange and Domain controllers.

 

Bolck access to all other servers via firewall.

 

 

 

Turning of MDS CS service will also prevent access, but will stop internet access as well.

 

You can have them change their default browser to allow them to use their carrier instead of BES for internet access.

  

KB16463 - How to change the default browser on a BlackBerry smartphone

 

 

 




Click here to Backup the data on your BlackBerry Device! It's important, and FREE!


Click "Accept as Solution" if your problem is solved. To give thanks, click thumbs up
Click to search the Knowledge Base at BTSC and click to Read The Fabulous Manuals

BESAdmin's, please make a signature with your BES environment info.


SIM Free BlackBerry Unlocking FAQ
Follow me on Twitter @knottyrope


Want to thank me? Buy my KnottyRope App here


BES 12 and BES 5.0.4 with Exchange 2010 and SQL 2012 Hyper V


Highlighted
New Contributor
Posts: 2
Registered: ‎06-21-2011
My Device: Various Curve models
My Carrier: Verizon

Re: Prevent access from blackberries to company intranet

Yes, I have considered both options. However, Intenet access via carrier is necessary as many travellers tether for Internet access. Now, the firewall rule - "block all other access to servers" - is this to/from the BES server? Can you give me kind of a sanitary example? I have some users that have even downloaded something like an SSH app to log into servers. I want to block ports 21,22,23,80, 8080, 443, 8443 and maybe others.

 

Thanks,

 

Jeff