Why a RIM outage affects users on a corporate BES.

IT

Why a RIM outage affects users on a corporate BES.

//

How a RIM outage affects your organization when you have a BES

With the recent massive Blackberry outages, I have had many clients ask me why their Blackberry mail flow was interrupted when they have their own in-house Blackberry Enterprise Server (BES).  The answer always seems to surprise them.  For those of you that don’t know, here it is:

To understand why mail is affected, you must first understand the way message flow works with a BES.  Here is basically what happens:

Message flow to a handheld

  1. New Message arrives: the Microsoft message transfer agent delivers message to user’s desktop email mailbox.
  2. Message notification: Blackberry maintains a MAPI connection to the user’s mailbox. The connection enables the server to use the same notification for new mail, blackberry processes message as it arrives.
  3. Message filters are applied: BES checks message fields against global filter rules.BES then applies user-defined filters.
  4. Message ID is assigned: BES randomly generates a reference id and tag.
  5. Message is compressed and encrypted.
  6. Message sent to wireless network: BES sends the first portion of the message through port 3101 to the wireless network, which verifies the PIN belongs to a valid handheld registered on the network
  7. Confirmation is returned: The network locates the handheld and delivers the message.
  8. Arrives on handheld: The handheld decrypts and decompresses the message and notifies the user of new mail.

Message flow from the handheld

  1. Message sent from handheld, on the handheld the message is assigned a reference id.
  2. Message is compressed and encrypted.
  3. Message is sent to BES Server, through port 3101 to the wireless network to the Blackberry Server.
  4. Message is decrypted and decompressed: BES decrypts and decompresses the message. If the message does not match the users encryption key, the message is discarded.
  5. Message is placed in outbox on the Exchange Store.
  6. Message delivery: The Exchange MTA delivers the message.
  7. Copied to sent items folder: A copy of the message is placed in the user’s desktop email program sent items folder.

When messages are going TO the handheld in the example above, steps 6 and 7 actually occur on a second server.  Not the BES, but an actual RIM server; owned, operated, and physically possessed by Research In Motion.

When messages are going FROM the handheld in the example above, step 3 occurs on the RIM server.  The messages in that case go from the device to the RIM server, then on through to the BES and into the Exchange message store for delivery via the outbox.

So there you have it.  Any email or PIN message that is sent to or from any Blackberry device worldwide will flow through the RIM corporate servers at some point during delivery.

An interesting fact to add is that even the President of the United States carries a Blackberry, and yes, all of his emails flow through the same RIM corporate servers that reside in Ontario, Canada.  It is worth noting, however, that there have been many modifications made to the President’s device to make it more secure.  This includes reportedly increasing the encryption level from the standard 128 bit AES to 256 bit AES, which despite how the two figures look, does not just double the level of encryption, it increases it exponentially.  Other reported modifications include disabling the SMS text features, GPS features, and assigning an IT policy that makes it impossible to forward messages sent from the President.

More About the Author

Will Lyles

Platforms Architect
Kevin Durant and the OKC Thunder Get the Assist from InterWorks What a wild few days for both Oklahoma basketball fans and our team of IT professionals.  The OKC Thunder contacted InterWorks late ...
Mobile Security Topics – Highlights from a Recent Speaking Event Recently I was asked by a client to attend the annual Trucking Industry Defense Association (TIDA) in Las Vegas to speak about mobile ...

See more from this author →

InterWorks uses cookies to allow us to better understand how the site is used. By continuing to use this site, you consent to this policy. Review Policy OK

×

Interworks GmbH
Ratinger Straße 9
40213 Düsseldorf
Germany
Geschäftsführer: Mel Stephenson

Kontaktaufnahme: markus@interworks.eu
Telefon: +49 (0)211 5408 5301

Amtsgericht Düsseldorf HRB 79752
UstldNr: DE 313 353 072

×

Love our blog? You should see our emails. Sign up for our newsletter!