BES12.6 UEM – Neue Firewall Konfiguration

Ab BES12.6 UEM sind neue Firewall Regeln zu beachten, da BlackBerry an der Infrastruktur gearbeitet hat.

Methode 1

Usage TCP Port Protocol Domain
BlackBerry Control (Starting with UEM version 12.6) 443 TCP bxenroll.good.com
BlackBerry Control, BlackBerry Proxy, Application Servers (Starting with UEM version 12.6) 443 TCP gdmdc.good.com
BlackBerry Proxy (Starting with UEM version 12.6) 443 TCP gdrelay.good.com
BlackBerry Proxy (Starting with UEM version 12.6) 443 TCP gdentgw.good.com
BlackBerry Control, BlackBerry Proxy, BEMS (Starting with UEM version 12.6) 443 TCP gdweb.good.com
Affinity Manager / Dispatcher 3101 TCP <country>.srp.blackberry.com
Core 3101 TCP <country>.bbsecure.com
BlackBerry Connectivity Node (Starting with BES12 version 12.5)
*Note: The BlackBerry Connectivity Node leverages 443 for Enrollment with BES12 only
3101 TCP <country>.bbsecure.com
443 HTTPS <country>.bbsecure.com
BlackBerry Secure Connect Plus (Starting with BES12 version 12.2) 3101 TCP <country>.turnb.bbsecure.com
BlackBerry Secure Connect Plus (Starting with BES12 version 12.2) – only if Knox Work space is used * 443 HTTPS api.samsungapps.com

Methode 2

Region Usage TCP Port Protocol Domain Current IP Addresses
All Licensing 3101 TCP license.blackberry.com 68.171.242.252
BlackBerry Control 443 TCP bxenroll.good.com 206.124.122.130
BlackBerry Control, BlackBerry Proxy, Application Servers 443 TCP gdmdc.good.com 206.124.122.130
BlackBerry Proxy 443 TCP gdrelay.good.com 206.124.122.131
BlackBerry Proxy 443 TCP gdentgw.good.com 206.124.114.89
BlackBerry Control, BlackBerry Proxy, BEMS 443 TCP gdweb.good.com 206.124.114.92
Asia Pacific Region (APAC) excluding Saudi Arabia and UAE Server Routing Protocol 3101 TCP <country>.srp.blacberry.com 216.9.240.6
68.171.240.33
BlackBerry Secure Connect Service 3101 TCP <country>.bbsecure.com 103.246.200.136
BlackBerry Connectivity Node 3101 TCP
443 HTTPS
BlackBerry Secure Connect Plus Service 3101 TCP <country>.turnb.bbsecure.com 103.246.200.138
103.246.200.139
103.246.201.138
103.246.201.139
Canada Server Routing Protocol 3101 TCP ca.srp.blackberry.com 216.9.242.6
68.171.242.6
BlackBerry Secure Connect Service 3101 TCP ca.bbsecure.com 216.9.242.244
BlackBerry Connectivity Node 3101 TCP
443 HTTPS
BlackBerry Secure Connect Plus Service 3101 TCP ca.turnb.bbsecure.com 216.9.242.242
216.9.242.243
74.82.72.242
74.82.72.243
Europe, the Middle East, and Africa Region (EMEA) Server Routing Protocol 3101 TCP <country>.srp.blackberry.com 93.186.25.33
193.109.81.33
BlackBerry Secure Connect Service 3101 TCP <country>.bbsecure.com 93.186.19.240
BlackBerry Connectivity Node 3101 TCP
443 HTTPS
BlackBerry Secure Connect Plus Service 3101 TCP <country>.turnb.bbsecure.com 93.186.19.242
93.186.19.243
93.186.17.242
93.186.17.243
Latin America and the Caribbean Server Routing Protocol 3101 TCP <country>.srp.blackberry.com 216.9.242.32
68.171.242.32
BlackBerry Secure Connect Service 3101 TCP <country>.bbsecure.com 216.9.242.244
BlackBerry Connectivity Node 3101 TCP
443 HTTPS
BlackBerry Secure Connect Plus Service 3101 TCP <country>.turnb.bbsecure.com 216.9.242.242
216.9.242.243
74.82.72.242
74.82.72.243
Saudi Arabia Server Routing Protocol 3101 TCP <country>.srp.blackberry.com 5.100.168.48
5.100.168.49
BlackBerry Secure Connect Service 3101 TCP <country>.bbsecure.com 93.186.19.240
BlackBerry Connectivity Node 3101 TCP
443 HTTPS
BlackBerry Secure Connect Plus Service 3101 TCP <country>.turnb.bbsecure. com 93.186.19.242
93.186.19.243
93.186.17.242
93.186.17.243
United Arab Emirates Server Routing Protocol 3101 TCP <country>.srp.blackberry.com 131.117.168.48
131.117.168.49
BlackBerry Secure Connect Service 3101 TCP <country>.bbsecure.com 93.186.19.240
BlackBerry Connectivity Node 3101 TCP
443 HTTPS
BlackBerry Secure Connect Plus Service 3101 TCP <country>.turnb.bbsecure. com 93.186.19.242
93.186.19.243
93.186.17.242
93.186.17.243
United States only (US) Server Routing Protocol 3101 TCP us.srp.blackberry.com 216.9.242.33
68.171.242.33
BlackBerry Secure Connect Service 3101 TCP us.bbsecure.com 216.9.242.240
BlackBerry Connectivity Node 3101 TCP
443 HTTPS
BlackBerry Secure Connect Plus Service 3101 TCP us.turnb.bbsecure.com 74.82.72.202
74.82.72.203
68.171.242.202
68.171.242.203

Zusätzlich:

Device Operating System TCP Port Protocol Domain
BlackBerry 10 OS / Android / iOS / Windows Phone 443 HTTPS/TLS* <country>.bbsecure.com
Android / iOS 443 HTTPS <country>.swsmanager.bbsecure.com
iOS 5223 TCP gateway.push.apple.com
Android 5228
5229
5230
TCP android.apis.google.com
BlackBerry 10 OS (Starting with version 10.3.2)
Android (Android for Work / Samsung KNOX)
443 TCP <country>.turnd.bbsecure.com
BlackBerry 10 OS (BlackBerry World for Work) 80 HTTP appworld.blackberry.com
enterprise.appworld.blackberry.com (74.82.73.235 – Only applicable if BES12 IT Policy rule “Force Static IP Address for BlackBerry World for Work” is enabled, and only applicable on BlackBerry 10 OS 10.3.1+)
BlackBerry 10 OS (Version 10.3.1+) 80 HTTP icc.blackberry.com/v1/wifi/
BlackBerry Dynamics Apps 443 TCP bxcheckin.good.com
BlackBerry Dynamics Apps 443 TCP bxenroll.good.com
BlackBerry Dynamics Apps 49152 TCP gdmdc.good.com
BlackBerry Dynamics Apps 15000 TCP gdmdc.good.com
BlackBerry Dynamics Apps 443 TCP gdmdc.good.com

KB000036470

Forumsdiskussion

Tagged on: , ,

One thought on “BES12.6 UEM – Neue Firewall Konfiguration

  1. Pingback: BlackBerry Enterprise Service 12 (BES12) – Unified Endpoint Manager (EUM) Kompendium | BB10QNX.de

Schreibe einen Kommentar

bb10qnx