BlackBerry

BES12.5 update brings a wealth of new features to the Enterprise

Rapid John·
AppsDevelopersSamsungGoogleBlackBerry
···7 min read
Home
Apps

BlackBerry have released BES12.5 as a service pack update for BES12. The update brings improved mobile device management in the enterprise,  new features to the management console, licensing and  Good Dynamics.

In addition, BES12.5 brings new features for iOS, Android, Samsung KNOX, Windows 10, IBM Notes Traveler, Pulse Secure, the self-service console, and the BlackBerry Connectivity Node.

BES12 is a multiplatform EMM solution from BlackBerry that provides comprehensive device, application, and content management with integrated security and connectivity.

With BES12 you can:

  • Manage BlackBerry 10, iOS, OS X, Android (including devices that use Android for Work andSamsung KNOX), Windows (including Windows 10 tablets and computers), and BlackBerry OS (version 5.0 to 7.1) devices
  • Use a simple web-based interface to manage BYOD, COPE, and COBO devices and protect business information
  • Manage complex fleets of devices using comprehensive reporting and dashboards, dynamic filters, and robust search capabilities
  • Keep mobile workers connected with the information that they need
  • Configure high availability to minimize service interruptions for device users
  • Allow users to activate their own devices with BES12 Self-Service
  • Ensure data security across iOS, Android, Windows and BlackBerry devices

What’s new in BES12 version 12.5

Management console

View available updates for iOS devices: You can now view updates that are available for iOS devices on the User Details page in the management console.

Manage security audit event logging: Security audit event logging can be enabled and configured from the Settings > Infrastructure > Audit configuration menu. You can export the security event audit log to a .csv file.

Use app categories: You can create categories for the apps that you add to the app list and filter your app list by category. On Android and iOS devices, the apps are organized into these categories in the user’s work apps list.

View the status of BlackBerry Collaboration Service instances on the BES12 Instances screen: You can view the status of each BlackBerry Collaboration Service instance in your domain on the Settings > Infrastructure > BES12 Instances screen. The status provides information about whether the BlackBerry Collaboration Service is running or stopped and the BlackBerry Collaboration Service version that is installed.

Create email templates: You can now use an HTML editor to create the templates for device activation emails and compliance notifications, allowing you to format the text and include corporate images. Some new default email templates are provided.

Get expanded device conditions in compliance profiles: You can now specify whether devices that have not been in contact with BES12 for a specified length of time are non-compliant. You can also add a list of restricted OS versions and device models to compliance profiles and select the actions that occur if the user does not correct the issue.

Manage attestation for Samsung KNOX devices: You can turn on attestation so that BES12 sends challenges to test the authenticity and integrity of Samsung KNOX devices.

Simplify management of Android for Work apps: Android for Work apps no longer need to be added to an app group to be sent to Android for Work devices. If you have connected BES12 to a Google domain, you can send apps to Android for Work devices, just like any other Android device.

Customize the console: You can change the color scheme of the BES12 management console.

Gain offboarding protection for directory-linked groups: When you configure the settings for directory-linked groups, you can select offboarding protection. Offboarding protection requires two consecutive synchronization cycles before user accounts or device data are deleted from BES12. This feature helps to prevent unexpected deletions that can occur because of latency in directory replication.

Licensing

Take advantage of Good Secure EMM Suites features: Good Secure EMM Suites allows your organization to use both BES12 EMM and Good Dynamics features. Some suites also allow you to use BES12 value-added services.

Mix device-based and user-based licenses: Device-based licenses allow a user to activate one device with one license. User-based licenses allow a user to activate up to seven devices with one license. You can use device-based licenses, user-based licenses, or both.

Good Dynamics

Migrate profiles: You can create Good Dynamics profiles in BES12 versions 12.4 and 12.5, but you can migrate Good Dynamics profiles only between BES12 version 12.5 instances. You cannot migrate devices that are enabled on the Good Control server.

Generate Good Dynamics access keys: If you have connected your BES12 and Good Dynamics environments, you do not have to login to Good Control to generate an access key for devices that are not activated on BES12. You can simply add the user to BES12 and generate an access key from there.

Perform Good Dynamics app commands: After a Good Dynamics app has been installed on a device, you can perform actions on the apps. For example, you can delete app data if a user has lost a device.

Send user certificates to Good-enabled devices: If you have integrated BES12 and Good Dynamics, you can add a client certificate to a user account that is specifically for Good-enabled devices, or users can add the certificate in BES12 Self-Service.

Disable the ability to add users to Good Control: Users are synchronized between BES12 and Good Control only when users are created in BES12. You can turn off the ability to create users in Good Control to make sure that users are not created in Good Control without also being created in BES12.

iOS

Specify per-app VPN for apps and app groups assigned to device groups: You can configure VPN profiles to force iOS devices to specify which apps on the device must use a VPN for their data in transit. You can specify which apps on iOS devices must use a VPN when the apps or app groups are assigned to device groups.

Manage Apple Activation Lock: The Activation Lock feature on iOS 7 and later devices allows users to protect their devices if they are lost or stolen. In BES12.5, you can now manage the Activation Lock feature on supervised iOS 7 and later devices.

Android

Display organization notices at new Android device activation: You can create a custom notice or user agreement that is displayed when users activate their devices. Users must acknowledge the notice to complete the activation.

Specify required security patches: You can specify which security patches Android devices must be running.

Control which work-space apps on Android for Work devices can use BlackBerry Secure Connect Plus:You can specify the work-space apps on Android for Work devices that you want to restrict from using BlackBerry Secure Connect Plus. By default, Google Play is restricted, as it does not support the proxy configuration used by BlackBerry Secure Connect Plus. Android for Work devices use a direct connection over the internet to Google Play.

Samsung KNOX

Bulk-enroll Samsung KNOX devices: You can use the bulk-enrollment feature of KNOX Mobile Enrollment to activate large numbers of corporate-owned devices in BES12.

Windows 10

Configure Enterprise Data Protection for Windows 10 devices: You can configure Enterprise Data Protection profiles to separate personal and work data on devices, prevent users from sharing work data outside of protected work apps or with people outside your organization, and audit inappropriate data-sharing practices. You can specify which apps are protected and trusted to create and access work files.

IBM Notes Traveler

Gain IBM Notes Traveler support: BES12 now supports IBM Notes Traveler for Samsung KNOX Workspace devices.

Pulse Secure

Use Pulse Secure VPN client support: BES12 now supports the Pulse Secure VPN client for iOS devices.

BES12 Self-Service Console

Customize the BES12 Self-Service console: You can change the color scheme of the BES12 Self-Service console. You can add website bookmarks in the BES12 Self-Service console.

Enable self-service for Good Dynamics users: Users with devices that are enabled for Good Dynamics can use BES12 Self-Service to complete the following tasks:

  • Create access keys to activate Good Dynamics apps
  • Lock, unlock, and delete app data from Good Dynamics apps on their devices

Assign user roles: You can create and assign user roles that specify the capabilities that users have in BES12 Self-Service.

BlackBerry Connectivity Node

Install additional instances of the device connectivity components in your BES12 domain: You have the option to install one or more instances of the BlackBerry Connectivity Node to add additional instances of the device connectivity components to your organization’s domain. Each BlackBerry Connectivity Node contains the following BES12 components: BlackBerry Secure Connect Plus, the BlackBerry Gatekeeping Service, the BlackBerry Secure Gateway Service, and the BlackBerry Cloud Connector.

Enterprise Developers

New APIs

The following new APIs have been added:

  • setUsersCustomVariables – This API allows for adding, updating, and deleting custom variables for a list of users. For more information about the custom variables that can be set, in particular the “name” field which is used to identify custom variables in requests of this API, use the getVariableDefinitions API (in particular, see the “customVariableDefinitions” field in that API’s response).
  • getVariableDefinitions – This API allows for getting lists of information about variable definitions in the system. Note that this API only returns custom variable information.

New classes

The following new classes were added:

  • CustomVariableDefinition – Contains the definition of a custom variable.
  • DeviceWorkSpaceState – Contains the state of the device work space.
  • GetVariableDefinitionsRequest – Contains data that is used in a request to get variable definitions.
  • GetVariableDefinitionsResponse – Contains the results for a request to get variable definitions.
  • SetUsersCustomVariablesRequest – Contains data that is used in a request to set or clear a list of custom variables for one or more users.
  • SetUsersCustomVariablesResponse – Contains the overall return status of a request to set or clear a list of custom variables for one or more users, and lists the response for each user.

New activation types

The “USER_PRIVACY_AFW_PREMIUM” activation type was added to the following class:

  • DeviceActivationType

The BlackBerry Web Services “USER_PRIVACY_AFW_PREMIUM” activation type maps to the “Work and personal – user privacy (Android for Work – Premium)” activation type in the management console.

The “WORK_SPACE_ONLY_AFW_PREMIUM” device activation type was added to the following class:

  • DeviceActivationType

The BlackBerry Web Services “WORK_SPACE_ONLY_AFW_PREMIUM” activation type maps to the “Work space only (Android for Work – Premium)” activation type in the management console.

You can find out more detailed information here.