1. RichTJ99's Avatar
    Hi,

    I have been using Windows Mobile & Activesync for 4 or so years with various windows mobile phones. I have also been using Hosted exchange for a few years too.

    I cant figure out why its so much more to go from Activesync to BES? As far as I can tell, there pretty much the same thing from a functionality perspective.

    I have sprint & there everything plan ($99 per month unlimited data), however, for some reason BES isnt part of that plan & is an extra $20 per month.

    My Exchange host charges a $10/M fee as well.

    So the BB is costing about $30 per month extra for data charges. Sprint did waive the $20 per month, so its only $10 per month out of pocket for me.

    I just dont get why its so expensive when they do the same thing.

    Is there some logical reason I am not getting (aside from it costs money to keep Rim's servers moving)?

    Thanks,
    Rich
    12-14-09 10:33 PM
  2. leskchan's Avatar
    BES is server side system on top of exchange to allow company IT to contol all aspect of the phone and information security.

    ActiveSync is a clinet side app to sync infor infor only.

    Posted from my CrackBerry at wapforums.crackberry.com
    12-14-09 10:42 PM
  3. Sith_Apprentice's Avatar
    12-14-09 10:47 PM
  4. JRSCCivic98's Avatar
    Simple answer... because RIM can charge you for it.

    Also, leskchan, your description of the two technologies aren't as black and white as you seem to view them. Security control of the handset can be made to happen on ActiveSync connected devices as well. An ActiveSync device is no less secure then a BES connected BB device, you've just been brainwashed to think so.
    12-14-09 10:56 PM
  5. leskchan's Avatar
    Simple answer... because RIM can charge you for it.

    Also, leskchan, your description of the two technologies aren't as black and white as you seem to view them. Security control of the handset can be made to happen on ActiveSync connected devices as well. An ActiveSync device is no less secure then a BES connected BB device, you've just been brainwashed to think so.
    With BES, the IT can control what you can do on the BB, prevent you from electronically distribute information to other, wipe your BB, lock you out.

    I don't think you understand what network administration is. This is just like your IT department controlling your computer.

    Posted from my CrackBerry at wapforums.crackberry.com
    12-14-09 11:14 PM
  6. Sith_Apprentice's Avatar
    Civic im gonna have to disagree. The full control over the device, lack of viruses/spyware, and the fact that you cannot access the core of the device (as the OS runs in a VM) make the BlackBerry much more secure.
    12-14-09 11:20 PM
  7. JRSCCivic98's Avatar
    Wow Sith, I'm very surprised at the content of that paper. The writers doc up configs of a BES server on a single box (BES and Exchange) as the basic build, which in 2007 was not a supported configuration based on RIM support. Then they compare the costs of that against the costs of a dual server environment for the MS side of things. Yeah, ok... NOT!

    Add to that the runaround of "BES does Antivirus and Firwarell on the handset" and it gets annoying. There's no AV needs on RIM devices because the platform won't allow for standard viruses or malware to run on the platform. That's not a BES benefit, that's a BBOS benefit. It's no different then a Unix box not getting a standard virus or a Novell server being locally infected with one (the OS architecture side, not the files stored on the public volumes, as those can still have viruses on the files, but will only infect devices that utilize those files, the Novell server will remain immune to them).

    Also, the first few pages about them harping on outside connectivity of the device through the corporate firewalls to the internal ActiveSync server? WTF... how do they think the BBs connect to the BES server on the inside of the network, magic? WTF? I must be missing something because all I can see in terms of BIG differences is the "complete control with policies" that BES can give to a BB. That I will give mad props to RIM about... I don't think I've ever argued against that. It's very cool that I can control what I want and don't want to function on a BB device based on total users, a group of users, or individual users. That part is nice and I do wish ActiveSync devices would allow for this... perhaps in the near future as MS sees the need to implement such finite level control.

    Pretty much all the other stuff is fluff. Antivirus on corporate servers will already be in place in any company, so email scans for viruses and malware would happen server side (on Exchange) before the email even gets to the mailbox and has a chance to ActiveSync to the handheld, hense making their example of gripes a moot point. Certificate authentication via local certs on the handset... again, pretty sure a WinMo device can do that, along with the other ActiveSync capable devices now.

    So, as I've always said, aside from the handheld control that comes from the BES Policies, I would like anyone to argue some more valid points on RIM's side... at least ones that can't generally be covered/answered by something that's generally already in place within the same Enterprise environment before BES was brought in.... after all, I'm pretty sure places have AV solutions long before BES ever was implemented and BBs were handed out.

    Come on... let's not be so gullible.


    BTW, I'm not arguing with you Sith, I respect you, but I do argue the vague and one sided view of that paper and the people that wrote it. I can't help but view it as a PR push for RIM solutions rather then a everyday reality of IT infrastructures and implentations.

    Oh, BTW, I love how the handset of choice was a T-Mobile Dash for their WinMo test devices... a device that only comes with WinMo Smartphone Edition and not Professional. There's a bit of a difference between the versions and let's not even argue the fact of how slow a Dash would be if really pushed through its paces. I know, because I had a client who tried to have 2000+ contacts on the Dash via ActiveSync and pretend they could use it without major slowdowns due to crappy hardware specs. But that's another story.
    Last edited by JRSCCivic98; 12-14-09 at 11:27 PM.
    12-14-09 11:23 PM
  8. JRSCCivic98's Avatar
    With BES, the IT can control what you can do on the BB, prevent you from electronically distribute information to other, wipe your BB, lock you out.

    I don't think you understand what network administration is. This is just like your IT department controlling your computer.

    Posted from my CrackBerry at wapforums.crackberry.com
    Oh trust me, I know what policy control from the server down is. See my post above and you'll see that part of RIM's capabilities I won't argue against because currently ActiveSync doesn't do that at the same extent. Everything else... arguably covered in one way or another.
    12-14-09 11:31 PM
  9. JRSCCivic98's Avatar
    Civic im gonna have to disagree. The full control over the device, lack of viruses/spyware, and the fact that you cannot access the core of the device (as the OS runs in a VM) make the BlackBerry much more secure.
    See my post above. I agree with this. However, as I indicated above, BES does not make the Blackberry more secure onboard as you indicate. It's the design of the BBOS that does this. BIS or BES connectivity doesn't govern this aspect. Onboard security on the device is the same regardless of which connectivity a user has. I don't think you'll disagree with this.
    12-14-09 11:34 PM
  10. leskchan's Avatar
    That's my point between BES and ActiveSync. It is not just about syncing. That's where the money is, whether you like it or not.

    Posted from my CrackBerry at wapforums.crackberry.com
    12-14-09 11:37 PM
  11. JRSCCivic98's Avatar
    That's my point between BES and ActiveSync. It is not just about syncing. That's where the money is, whether you like it or not.

    Posted from my CrackBerry at wapforums.crackberry.com
    Thousands of dollars just to control the capabilities of a BB's core functions... thanks, but no thanks. That doesn't add "security", that adds "control". There's a big difference there. With ActiveSync you can still password protect a device, wipe it, etc. What you can't do is push down limits to lock people out of capabilities of said device, like no memory card access or no camera support or no SMS, etc. But in reality, a lot of these policies came into fruition when BB was still very young and back then things like cameras and memory cards weren't part of the architecture. At that time, the policies were used to limit "bandwidth consumption", be it text messages or actual data usage (because when a BB is connected all standard data flows through the corporate network and out its Internet gateway). SMS cutbacks would also be a benefit to companies who handed out BBs and didn't want a user running up their corporate cell phone bill with text messages... something the company might not have bought for them. This along with the remote wipe and password lock capabilities were the core principals that drove BB policy implementation from a BES. It wasn't until later that the policies grew to cover disabling of cameras and such.
    12-14-09 11:48 PM
  12. CanuckBB's Avatar
    The ability to control messaging apps is a huge deal in regulated industries. They need to be able to track every communication from company owned assets.

    I can log SMS, I can log PIN. I can't log I, I can't log BIS emails. So they need to be blocked.

    If all you need is flow of email, then yeah, BES may be overkill. But it is not an equivalent to ActiveSync.
    12-15-09 10:37 AM
  13. se1000's Avatar
    Thousands of dollars just to control the capabilities of a BB's core functions... thanks, but no thanks. That doesn't add "security", that adds "control". There's a big difference there. With ActiveSync you can still password protect a device, wipe it, etc. What you can't do is push down limits to lock people out of capabilities of said device, like no memory card access or no camera support or no SMS, etc. But in reality, a lot of these policies came into fruition when BB was still very young and back then things like cameras and memory cards weren't part of the architecture. At that time, the policies were used to limit "bandwidth consumption", be it text messages or actual data usage (because when a BB is connected all standard data flows through the corporate network and out its Internet gateway). SMS cutbacks would also be a benefit to companies who handed out BBs and didn't want a user running up their corporate cell phone bill with text messages... something the company might not have bought for them. This along with the remote wipe and password lock capabilities were the core principals that drove BB policy implementation from a BES. It wasn't until later that the policies grew to cover disabling of cameras and such.
    The addition of control can bring the addition of security. Although I am not one now, from the perspective of a mobile device admin, the ability to control the client device is huge, especially in enterprise environments where thousands, possibly tens of thousands of devices need to be maintained. Security goes beyond viruses and malware. What if a windows mobile device is lost? Can the information be remotely erased? Can you as an administrator guarantee that a password had been set and it meets corporate complexity requirements? Can you say that information on the memory card is encrypted? Other security advantages include the ability to push a custom browser and the aforementioned messaging policies.
    12-15-09 11:18 AM
  14. JRSCCivic98's Avatar
    The addition of control can bring the addition of security. Although I am not one now, from the perspective of a mobile device admin, the ability to control the client device is huge, especially in enterprise environments where thousands, possibly tens of thousands of devices need to be maintained. Security goes beyond viruses and malware. What if a windows mobile device is lost? Can the information be remotely erased? Can you as an administrator guarantee that a password had been set and it meets corporate complexity requirements? Can you say that information on the memory card is encrypted? Other security advantages include the ability to push a custom browser and the aforementioned messaging policies.
    Yes and Yes.
    12-15-09 12:32 PM
  15. Xopher's Avatar
    BES also gives you the capability to add things like MVS, where a user's office extension can be tied to their BlackBerry. They can call as if sitting at their desk. There are also other applications that can be tied into corporate databases, VPN, and other apps for accessing sensitive data. I believe the IT department can also push application updates out as needed.
    12-15-09 03:39 PM
  16. notfol's Avatar
    With BES, the IT can control what you can do on the BB, prevent you from electronically distribute information to other, wipe your BB, lock you out.

    I don't think you understand what network administration is. This is just like your IT department controlling your computer.

    Posted from my CrackBerry at wapforums.crackberry.com
    Activesync on Exchange 2003 & later supports all of those functions. I assume Blackberry doesn't want to pay Microsoft licensing fees for Activesync.

    iPhones, Palms & most Androids support Activesync as well as the WinMobile devices, so it's not like you need a Windows phone to use Exchange Activesync.

    If your using Lotus or Groupwise, Blackberry is still the only way to get Push email, but if you're running Exchange, it's just more work to support BES.
    12-17-09 12:04 PM
  17. leskchan's Avatar
    Activesync on Exchange 2003 & later supports all of those functions. I assume Blackberry doesn't want to pay Microsoft licensing fees for Activesync.

    iPhones, Palms & most Androids support Activesync as well as the WinMobile devices, so it's not like you need a Windows phone to use Exchange Activesync.

    If your using Lotus or Groupwise, Blackberry is still the only way to get Push email, but if you're running Exchange, it's just more work to support BES.
    I don't think you know what BES is. BES is on top of and in addition to Exchange to control the BES phones, like a server controlling all aspect of client computer. You are just talking about syncing.
    12-17-09 12:13 PM
LINK TO POST COPIED TO CLIPBOARD