01-07-13 03:35 PM
33 12
  1. k_a_s_m_i_t_h's Avatar
    Exchange/ActiveSync being directly exposed to the internet is in itself a risk. No chance i will trust or allow my exchange server to be accessible from the internet.
    09-13-12 09:16 PM
  2. adrenaline_x's Avatar
    Being a virtual machine doesn't mean:

    A) no OS license needed
    B) no overhead in management

    Those things exist regardless of being physical or virtual so this is a non-win for every shop that's heavily virtualized.

    We happen to be and it doesn't matter. Since supporting both Blackberry lines means supporting multiple BESes, unfortunately we're just going to simplify and do away with BOTH. Afraid we won't be the only ones either...

    8 servers for 15 users is too much. But i don't see why they won't put bb10 on the BDS like the playbook.. If the underpinnings of the playbook os is infact the same as bb10 except the bb10 has a different GUI then why not add the BB10 to that.. Then its a migration strategy vs server sprawl in the intermediate future.

    If you are virtualized then you MUST be running DATA center versions of server 2008.. If you aren't thats your first mistake. if you aren't using scripting or cloning of a secured template for your production servers you are doing it wrong..

    Adding another guest is going to increase you management a bit.. But very slighty..

    You say you are going to do away with bes etc.. but what are you going to replace it with? we are currently using a third party for ios/android and its more cumbersome then you may think. I spend more time making changes, adding users, troubleshooting policy issues because it doesn't work the same on the different devices (Android version or device (htc,samsung etc) or ios version then i do with the bes server. Exchange activesync doesn't offer enough i don't think.. But i'm not running exchange 2010 yet.

    I'm going to switch to the Blackberry universal device server soon because i spend way more time dealing with IOS and Android issues with the "easier" management tools for them.

    Good luck with the migration away, but report back in a year and let us know how its doing.. i thought it would be way better then bes, but its not. not even close unfortunately.

    Change managetment tools because blackberry devices don't meet your needs.. Not Because the management tools don't work, because they do and they work well together.
    Last edited by adrenaline_x; 09-13-12 at 11:29 PM.
    09-13-12 11:10 PM
  3. adrenaline_x's Avatar
    Exchange/ActiveSync being directly exposed to the internet is in itself a risk. No chance i will trust or allow my exchange server to be accessible from the internet.
    Then what do you use for OWA?

    if you are patching and are using NAT to route public ip address and specific ports to your exchange server what are you risking? Possibly a 0 day vulnerability but that is a pretty low risk.

    You bes server needs access to the internet (no nat i suppose) but a BES vulnerability could just as easily cause u similar headaches.
    09-13-12 11:26 PM
  4. ColdFistOfTruth's Avatar
    Exchange/ActiveSync being directly exposed to the internet is in itself a risk. No chance i will trust or allow my exchange server to be accessible from the internet.
    Um, yeah. Says who? And how? EAS/EWS/OWA is well-vetted and pentested 6 ways to Sunday by everyone on the planet... (exaggeration for effect).

    AdrenalineX, you are right -- it will be interesting to see in a year as you note. But there may not be any user demand left for BB in a year (in our company) and if so then it won't matter.

    We do all the stuff you mention (outside of datacenter; we're currently a vSphere 5 shop, not Hyper-V, although paralleling RIM/iOS, vSphere will probably be punted in a year because Hyper-V 2012 has reached that critical "good enough" / cost-effective point).

    My overall point was RIM has to sweat ALL the details or things like this move away by small-midsize biz will happen. (And they ARE happening. And they were avoidable). We're customers, not fanboys.

    09-14-12 06:42 AM
  5. Frank Castle's Avatar
    For less than <100 users just use Blackberry Server Express. Your not going to lose much security and it's fully free. You won't have full HA but the cold spare model is the best your going to get with any of the other MDM solutions.

    Whats funny is I talk to peers all the time. People on Good Technology are looking at Mobile Iron, people on Mobile Iron are looking at Air Watch and those on Air Watch are looking at the other two. There is no perfect MDM, at least nothing at the level that BES is / was. If BB10 can be that again that will be a good thing.

    You really need to decide what your mobile needs are. We're way beyond simple email / PIM sync. Application management, secure content, VPN functionality. We use MDS heavily and now with SharePoint and Lync deployed we're seeing a rush of people that want a Blackberry again. It's all about functionality.

    Most people that want to use iOS / Android due to they know it cannot be supervised and restricted as much as their old Blackberry. What's ironic is as Apple provides more MDM API controls and we lock down iOS more I see more and more people switch to Android or carry the corporate iPhone AND their own device. It's going to be real fun when we drop corporate liable and force all employees into BYOD. That'll rattle some cages (not my idea and I think it will back fire big time)
    09-15-12 07:09 AM
  6. tk-093's Avatar
    We've gone from about 900 Blackberry devices to about 150 since November 2011 when we first introduced Good and allowed corporate liable Android devices and iPhones. We also allow BYOD as well so we have a huge mix of deviecs.

    With all my other duties I don't know why it would be worth putting up yet another mobile device management server for a tiny amout of devices. Now the fact that our CEO is a Blackberry user might answer that question for me... hehe.
    edwintg likes this.
    09-26-12 11:38 AM
  7. SoUnCool's Avatar
    WOW, a lot of strong opinions in this thread, well I am a tech junkie so let me get this open to discussion, regardless of parallele infrastructure, virtual or non virtual, licensing, etc

    What I learn from RIM, that at the launch of January 30 the BB10 device will work with current version of their BDS which is version 6.1 - for us corp security folks this version of BDS lacks one major thing that is IT policy sets (like BES 4.x and BES 5.x). Also the BB10 device will come in two plan flavors from service providers , personal and corporate. If I go to a store and buy a BB10 device it will be personal device working like any other smart phone, IF I ask the service provider store to give me a corporate plan then and only then I will get the goodies or service books on the phone that will enable me to activate this on my BDS. In this case my device WILL NOT make direct active sync connection to Exchange, it will make it via BDS. BDS has MDS running on it, which is making the active sync connection to Exchange. Now after this initial release of BB10 device, there will be BDS 6.2 release which will give me all the IT policies that we need to run our corporate owned devices. There is no firm up release date of BDS 6.2.

    So if RIM is banking on iPhone like lines and sales for BB10 then good luck, it ain't happening.
    If they are looking for corporate to jump on launch of BB10 it ain't happening either due to following reasons
    - Security policies are not going to be available at the launch, this will be a major road block for any medium to large size corp and govt
    -Service providers have not being forthcoming on how they will manage device upgrade request from BB legacy to BB10? we have thousands of users not upgrading their devices for free after 2 years of usage, because they want free upgrade they ain't going to cough up new money
    -Cannot justify net new BB10 purchase if they are not ready for full corp prod
    -We use couple of apps that are must for all business users, when we spoke with them and RIM, guess what RIM development team was not very helpful and forthcoming on BB10 and these apps support, after a lot of arm twisting we now know that by the end of 2013 our app MAYBE ported over to BB10.

    It seems that RIM is betting a lot on consumer market, not to their loyal corp customers
    12-03-12 12:34 PM
  8. knottyrope's Avatar
    Bes admin as well.

    Its simple to setup BB device manager for the playbooks.. I did it in 4 hours start to finish including the time to launch a vm and install and configure.

    I doubt it will be much different.

    Hopefully they have BESX 10 to keep the costs of operating BBs by using BIS data plans and Free cals for the Bis users. Most companies that i know made the switch to Besx as most didn't require policies beyound what is found in BESX.
    BES Express wont be needed anymore. BB10 can just use EAS.
    BES 10 is going to make my life easier. We are going to manage all devices with BES 10. So its just one more server to add in or get a MDM solution to figure out. We decided to stick with what we know and BES 10 will be it.

    We are currently upgrading to a Virtual system and with DataCenter we can spin as many VMs as we want.
    01-07-13 03:35 PM
33 12