Subject lines are also encrypted via BES even corproate MDS apps and Goodlink couldn't significantly prove that statement.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
RIM's BlackBerry vs iPhone's ActiveSync
- Thread starter MacRumors
- Start date
- Sort by reaction score
Subject lines are also encrypted via BES even corproate MDS apps and Goodlink couldn't significantly prove that statement.
Yeah right! Sure jo blo you and others buy their own PERSONAL device. But I have yet to seee a REAL corporate IT Department order iPhones as a means of corporate intranet, and email and ticketing or db system access remotely.
WHY do so many ppl NOT experienced or trained using a BES in a large corporate environment spread such saggin bull?
Can you use the Iphone to access corporate Remedy Ticketing system, sales force implementation, or even update or lookup calendaring appointment information? NO!
* Maybe with the upcoming MSMDS implementation but NOTHING in this SDK or licensing states that Microsofts Mobile Data System Server will support the iPhone. IF it did THEN we'd be talking.
Lets see how the average corporate user can type an FULL email after 3mths daily usuage on a BB vs an iPhone! Also on the BB I can run applications SIMULTANEOUSLY ... you cannot do this on the iPhone which makes this limitation BUNK at best - I'm saying the iPhone CANNOT do multi-tasking but its been limited a POOR move by Jobs & Co.
Loose your iPhone and have some punk set it up on the network. Sure you're data will be wiped with the Kill signal sent from your IT department - but PUNK can STILL use it as his own. All providers that support the BB can track the PIN and also specify the device to be a PUCK/Paper weight and disable message collaboration services.
There is SOO much ppl don't know about the RIM infrastructure!
Remember you're government rely's on RIM ... and their NOC setup is SEPERATE from ALL other corporate & consumers email ... so when a nationwide outtage occurs the US Gov is NOT affected.
(my statements are made with emotion but based on direct hands-on experience, fact & training in the Blackberry/BES/BIS field, and years of cellular experience.)
Then you should know that the Proxy is the least secure method to obtain corporate intranet information then, hmm?!
You're kidding, right?
If not, then it appears you're the only person spreading FUD here.
He was merely referring to the NOC (part of the equation) as the security risk, not Canadians.
I'm not sure I followed this part of the conversation. I think the other cannuck was refering to the large media following with NTP vs RIM case back in 2006. But he/she should've stated so.
Has anyone YET proven a security hack to the RIM infrastructure at ALL, ever?? Not that I've seen or googled and not with proof backing it.
Good move Apple but I'd like to see support for MSDMS implemented with ActiveSync. MSDMS uses ActiveDirectory for provisioning along with MobileVPN.
For what it does, Blackberry is an excellent device. It is quite secure and functional with BES. The major drawback to Blackberries is that it is all rather drab and limited. I don't think RIM has it in them to innovate/update to maximize what a portable push device can do.using Exchange server is pretty clever given that all BES are built upon an existing Exchange server so the changeover would be pretty painless.
What do you mean by rather drab & limited? HOW ... clarify, qualify, or quantify this statement pls?
Can you integrate your iPhone with a corporate PBX system? I'm still waiting for that solution. Can you look up Remedy tickets securely? Can you access your Oracle 8i, 9i DB's? Can you restrict a group of ppl from access certain outside sites vs other who get all ALL internet on their BB's? Corporate IM (not GoogleTalk or AIM/MSN) - SameTime, etc.
Again there is soOOOooo much more to a Blackberry than meets the eye, folks. I'm GLAD that Apple is going for the corporate market ... I just wanted to see MORE. For those of you that are old enough to remember ... the NEWTON offered so much as well and really had no competition. I personally see the iPhone as a next get Newton with SOOO much more potential but Apple is limiting it for some reason that I cannot understand (Bluetooth for example).
Maybe there is more to this "ActiveSync" agreement that'll show its head later this quarter.
PS: RIM has been working on changing the BES flow of corporate data/email to match with the competition; not available yet - 3rd party implementations handle this.
No I'm not. I was talking about the corporate world. I do not included government in the corporate world. They have their own set of rules. With that said, all Apple needs to do is remove the camera in the iPhone and they have a government phone.
Hands up anyone that thinks Apple will remove the camera and upset their core* iPhone buyers!
*Core iPhone buyer: Consumer that likes all-in-one devices (Music player, mail client, phone, camera and bog-standard earphones).
Duh, that's not what he meant. Apple will sell a special version of the iPhone with a camera for those who do not allow cameras on their sites.
I had thought that SMS was no longer used. Thanks for the clarification; I learned something new today. I don't like 30min heartbeat interval part though. What if my WMPro device has a data connection with my provider and I go underground in the subway? (typically from West end of Toronto to North end takes around 40mins - with only a brief 2min outside window of network connection - not fast enough to fully establish an HSDPA/UMTS connection; GPRS/EDGE maybe but will it be long enough for MSExchange PUSH to establish another connection?)
What point of failure are you mentioning? The data network (ie AT&T, TMobile USA/Germany/UK) is one such failure ... one that has been at fault (APN) lately except for the 2 RIM NOC outtages in 2007 - 1 in 2008 thus far. IF the NOC goes down, ppl can STILL use BBMessenger or direct PIN to their colleagues to send messages or attachments (if BES allowed).
That doesn't change the consumer part, methinks. Some places don't allow it, and I truly think that Apple introduced it, only to sell to broader segment. The same reason they tried ditching the FW800-port: "It's not broadly used feature".
Edit: You could use the same argument for a camera phone. It'll be useful for some for instance to take a quick picture of something and mail it back to HQ. Or for video conferencing (assuming a two-camera product). It just doesn't change the basics: It's a liability, and to most "pros" (I use this term loosely here) it's useless.
Anyway, just a tad off-topic
This is VERY RELEVANT!
Some business' like LE LePage or other RealEstate corporations use the Camera on their BB's or WMPro devices to take pictures of houses, rooms, lawns etc to help sell the property. Your Governement will disable this feature OUTRIGHT. Remember when we're talking about using a smartphone as a corporate tool then anything that the IT department would like/want to administer is full game in this converstation/rebuttal.
Many ppl thought the same way with BB before the 8100 Pearl was introduced with BES Admins the ability to fully disable it or the MicroSD card.
I guess the VPN thing could work, provided your users don't mind the extra step, and assuming that there is a supported IPSec client available for the iPhone. Not everyone uses Cisco. In my case we have an F5 SSL VPN, which supports ActiveSync connections by proxying the request to the Exchange server, unfortunately direct push didn't work in this manner. And although we can support network access like a regular IPSec VPN, there is no F5 client available for the iPhone (or the Blackberry for that matter). So The VPN is out, the Firewall is out, that leaves only BES, or some other middleware solution like Visto.
So you don't have to pay a voice plan to use phone calls on your Windows Mobile device or regular phone? You don't have to pay a data plan to use internet or email connections either on your smartphone or regular phone? Please mentioning those costs is irrelevant. Stating BES charges from a prior installation is not relevant for current plans. Also I'm sure with that BES license if your BES Admin cannot resolve a problem he can call into Waterloo, or Texas, or NovaScotia, or Vancouver for support to get things resolved, right?
What do you mean "your [my] government"? I'm a dane, living in Copenhagen, Denmark, Europe, outside the US
Anyway, thanks for thinking it wasn't off-topic. I somewhat see your point: Since the iPhone is the challenger, the way the hardware functions (or not) could be relevant.
It's weird. Even as a journalist, audio recorder in hand, on my way to do an interview with someone up high in the hierarchy, I sometimes get my camera taken while doing the interview. I don't mind, as I'm not a photographer (I work with radio and write), but some places, they're very wary of camera phones/pocket cameras.
I can tell you now the FBI doesn't care if you can disable the camera, if it is on the phone you can't bring it in to the facility. Period. To be honest I know there are lots of DoD places that are the same way (basically anywhere that processes classified info). Yes that doesn't matter to the Real Estate person, but you would have to figure who spends more money on licenses, the government or a small mom and pop shop?
I think it might be because I could "nip to the toilet" and get me some pictures, whereas a huge-arse camera (for the photographer) or my audio recorder can't do much inconspiciously on the way to the toilet. I don't know, though, it's just my guess.
You should have placed you disclaimer before your comments.
With that said, perhaps it's time that you hedge your bets and stop thinking like a typical "know it all IT person" and open up to other technologies.
RIM and Blackberries had a nice run and it may continue, but if it doesn't you shouldn't be so closed minded to newer technology.
I've seen this a million times. Sure yesterday's technology may have some cool features and may be technically better, but if that's not what the enduser wants to use then....
What I'm seeing more and more are people, mostly sales people either carrying both a Blackberry and a iPhone around (with the iPhone being their preferred device) during work hours and then when it comes time to just carry one device they choose the iPhone.
I've also seen many small to medium business buy into the Blackberry and then when it doesn't work they go to their Exchange Administrator who tells them that their server is up, it must be something in the black cloud which is RIM. Just recently RIM customers had to suffer through a 3 - hour service outage because RIM had problems upgrading an internal data routing system. Alright I'm a sales person on the road and I want to connect to my e-mail and I can't because of this. I call my IT department and they tell me that they're up, but RIM is down.
Nothing wrong in that scenario, it happens all the time. That heartbeat is just used to keep the connection alive. If the connection is dropped, the client just re-establishes it the next time it has connectivity and resets the interval again.
It works quite well on the latest Windows Mobile devices (even going in and out of coverage as you mention), it is just a pain to get going. I think Apple has a great opportunity to do this right...
LOL. There's no port 80 involved, it's all SSL (port 443). Which is already open on any exchange setup that is offering OWA (which is most). Anyone serious is filtering that traffic through a hardware firewall appliance or software firewall such as ISA. And it's encrypted end to end - you don't seem to know too much about exchange. Enjoy your crackberry now because the sun is setting =)
As for the earlier question about exchange 2007 - I know a number of administrators who have pushed it out. It will get another big push with the advent of Small Business Server 2008 and the mid-sized business equivalent microsoft is releasing soon. 2007 offers far greater control and scalability, and has some much-needed enhancements to activesync and device management that 2003 doesn't offer. ex2003 service pack 2 is extremely solid, however, and will continue to be run for a loooong time due to ex2007 requiring 64 bit hardware.
Hi all,
this is a real interesting thread and I have learn A LOT. Thanks for those comment now I do have one question for you. I would appreciate if you could enligthen me here..
My gf got a Blackberry Pearl few months ago for personal usage. She took the special "Blackberry option with the cellphone provider.
She had to go to the cellprovier website and to open an account to set up her Gmail account in order to receive her GMail messages as push.
What happened there? How can Gmail suddenly offer push? Does the cellprovider run a BBExchange server that communicate in some way with Gmail to push it to the phone
I mean what is this account that she created?
And could it be possible for Apple to offer such a server to provide ush mail to everyone?
Thank you
this is a real interesting thread and I have learn A LOT. Thanks for those comment now I do have one question for you. I would appreciate if you could enligthen me here..
My gf got a Blackberry Pearl few months ago for personal usage. She took the special "Blackberry option with the cellphone provider.
She had to go to the cellprovier website and to open an account to set up her Gmail account in order to receive her GMail messages as push.
What happened there? How can Gmail suddenly offer push? Does the cellprovider run a BBExchange server that communicate in some way with Gmail to push it to the phone
I mean what is this account that she created?
And could it be possible for Apple to offer such a server to provide ush mail to everyone?
Thank you
Newton
Well.. you might be missing a point: Palm did kill the Newton, an early iPhone incarnation (without the telephone and multimedia bit)
Well.. you might be missing a point: Palm did kill the Newton, an early iPhone incarnation (without the telephone and multimedia bit)
She is probably using BIS (blackberry internet services) which is kind of a BES "lite" that cell providers use to provide basic email services for standalone crackberries. It doesn't do contacts/calendar like Exchange/BES does.
Paranoid Canadian
Just one more paranoid canadian, I don't recall that Steve Jobs said that Canadians are a huge security risk just RIM's system. You obviously live in the east!
Just one more paranoid canadian, I don't recall that Steve Jobs said that Canadians are a huge security risk just RIM's system. You obviously live in the east!
+1
Firewalls can be configured to temporarily authenticate a device IP to pass through the firewall using either a certificate or token+pin and domain credentials. No permanent open ports are necessary.
True, I'm not an Exchange expert, although I'm not sure how you've determined that from my post. I have a working knowledge, which includes the configuration of Exchange for ActiveSync and OWA, and while both support SSL, neither requires it. My implementations of both of these have used run-of-the-mill HTTP, but neither were exposed directly to the Internet, both required a VPN connection.
My issue was not so much about encryption, SSL is easy enough to set up. My concern is about exposing the Exchange server directly to the Internet. Regardless of whether I expose it on port 80 or 443, there's inherent risk that has nothing to do with encryption.
While I'm not an Exchange expert, I am an expert on our Firewall and VPN. I know that there are complicated DMZ arrangements which mitigate some of my concerns. VPN is also an option, as long as iPhone has a client that supports it, and your users don't mind the extra step. But why go through these contortions to solve a problem that Blackberry has already solved?
Don't get me wrong. I have no love of the Blackberry. It has been the bane of my existence from the first day it appeared on my network. I have stubbornly resisted the tide and stuck with my Palm Pilots and iPaqs, using Visto or ActiveSync for e-mail. Neither Visto or ActiveSync matched what was available on the Blackberry, but I didn't care. I was more concerned with other functions. Blackberry has always been strong on e-mail, but weak on applications, WiFi, and VPN support. So while I, as an individual, could live with the shortcomings of Visto or ActiveSync, neither of these proved to be viable for the enterprise as a whole, where access to e-mail was the driving factor.
Blackberry, however, has come a long way in supporting my individual requirements, plus the Exchange integration that has always been there. Visto on the iPhone doesn't support Calendar, and ActiveSync didn't work properly through our SSL VPN. So I think Blackberry wins out in our case, much to my chagrin.
As I mentioned, Outlook Web Access requires port 443 for SSL connections from web browsers already. And very few large shops would be passing traffic directly to the exchange server - again most run this traffic through a hardware firewall appliance and/or ISA 2006 firewall (which is designed specifcally to work with exchange 2007). If you know how to set it up properly (which it sounds like you probably have to know-how to handle) then it is no less secure than RIM's solutions at their NOC. In fact it is perhaps a bit MORE secure due to the obscurity of not having your traffic all flowing to a very well-known and probably highly-targeted NOC!
I understand your concerns but you have to allow some traffic (smtp for example) otherwise nothing works =) Nothing gets in our out of my infrastructure but SMTP and SSL, with the exception of a single box that serves up a few websites on port 80 from my DMZ. SMTP is also locked down to a particular IP range since our email is pre-screened by MXLogic (similar to postini).