March 21, 2013, 8:44 PM — The new BlackBerry 10 smartphone, the Z10, finally goes on sale this week. Yet enterprise IT groups, who've been waiting for BlackBerry to get its act together, face a bigger challenge than learning the distinctive gestures of the phone's new touch interface.
To fully exploit the new BB10 operating system and devices, BlackBerry customers will need to change their traditional BlackBerry Enterprise Server (BES) infrastructure in whole new ways. Subtly renamed as BlackBerry Enterprise Service (BES) 10, the new server is BlackBerry's attempt to cope with increasingly complex, and multi-vendor, mobile deployments in the enterprise.
"In the past when you upgraded from BES 3 to BES 4 or BES 5, you brought up a new server, ran a configuration tool and migrated your users to the new server," says Brett Wilson, director of mobile engineering for Vox Mobile, a Cleveland-based mobile systems integrator, and a key BlackBerry partner for the BES 10 migration. "Some people assume it's the same process for BES 10, and then you decommission BES 5."
[ FIRST LOOK: BlackBerry Enterprise Service 10 ]
That assumption is wrong, says Wilson. "It's a whole new breed of device and new set of capabilities. And through [BlackBerry] Universal Device Service, it also supports Android and iOS devices. You actually have two environments to maintain." Companies will upgrade to and stick with BES 5 to manage their existing BlackBerry devices, based on the older BlackBerry OS. BES 10 will let them manage the new BlackBerry 10 smartphones and eventually the PlayBook tablet, as well as the upsurge of iOS and Android devices.
BlackBerry has put together a wide range of technical resources to support enterprises that decide to take the step to the brave new world of BES 10, which is actually for now two separate server programs. Together, the servers monitor and manage three classes of mobile devices: the existing older BlackBerry models, through BlackBerry OS 7.x; the recently announced first phones running the all-new BlackBerry 10 operating system -- the Z10 all-touch smartphone, due out this month, and the Q10, with hardware keyboard and smaller touch screen, due out in April, and the BlackBerry PlayBook tablet; and finally, iOS and Android devices, either personally or corporately owned.
One of those resources is Vox Mobile, which originally focused on enterprise BlackBerry deployments but now specializes in a full range of consulting, procurement, deployment, management and support services for large-scale mobile deployments, regardless of the OS platform. For BlackBerry, Vox also currently hosts webinars and information briefings aimed at enterprise IT staff contemplating the move to BES 10 and the new BlackBerry 10 devices.
Reclaiming the enterprise?
The challenge BlackBerry now faces in the enterprise is reflected in how Vox itself has changed since it was spun out of its parent company in 2006, one year before Apple unveiled the iPhone, and changed everyone's idea of what mobility was. At that time, "BlackBerry was the only thing going on in enterprise mobility, and we got very good at it," says Jim Haviland, chief marketing officer for Vox.
But for BlackBerry, and other mobile phone vendors such as Nokia, within a few years sales began falling fast as Apple's iOS devices, first iPhones then iPads, began an unprecedented growth in the enterprise. The advent of Android devices accelerated this shift. Vox followed the market and now offers services to support enterprise deployments for these rival mobile platforms.
"Eighteen months ago, BlackBerry didn't offer a platform for [modern] mobile application development," says Haviland. "And that was next wave of productivity: apps for accessing information, and for collecting it and sharing it, often automatically."
Companies that saw this link -- between apps and new productivity opportunities -- then made tactical decisions, looking at 12- or 18-month horizons, to embrace iOS and Android as the basis for creating new mobile apps to transform the way employees worked, according to Haviland. With BlackBerry 10, the new handsets, a panoply of development tools and aggressive outreach to developers, and a revamped server infrastructure, BlackBerry can now finally offer a competitive mobile platform, according to Vox's Haviland and Wilson.
BES 5 is the first step to BES 10
For the many enterprises that currently run the older BES 4 release, the first step will be upgrading to BES 5, which is "much more robust, and introduces high availability, and features like BlackBerry Balance," says Vox's Wilson. Balance is software that lets a BlackBerry user separate and secure business apps and data and personal apps and data. With BB10, its now "baked into" the new line of BlackBerry devices.
That upgrade, Haviland says, is straightforward. "It's not a major break or shift: They're just updating their existing BES as they have in the past," he says.
"For a lot of companies, the [existing] BlackBerry 6 and 7 devices and their services are still the corporate standard," Haviland says. "They're reliable, secure, rock solid, they work great and they're nearly free."
The BlackBerry 10 devices, co-existing with iOS and Android, need more, which is where BlackBerry Enterprise Service 10 comes in. Adding BES 10 means installing two new BlackBerry server programs (in May, BlackBerry will release a single integrated product), and accepting a new level of complexity, according to Wilson.
BES 10 -- welcome to complexity
"There are more things to 'worry' about," Wilson says. The changes include opening new firewall ports, setting up and managing new certificates, creating and maintaining databases for device configuration. Some of these changes are simple checklists. But how easy it ultimately is may hinge on the level of "IT maturity" with regard to mobility, according to Haviland. So some companies may need to create a mobility strategy first, to guide mobile decision-making. Others may need to create unified deployment teams that bring together IT managers and line-of-business manager to relate mobile technology to business goals.
One big advantage in adding the BES 10 servers is that, together, they let you manage a multi-vendor mobile environment by means of a single management console, across three different groups of devices: existing BlackBerry devices via BES 5, BlackBerry 10 devices via the BlackBerry Device Service (BDS), and iOS and Android via Universal Device Service (UDS). There's a companion native app that lets iOS or Android devices connect to BES 10 for device management and control.
BES 10 also supports both SSL certificates for traffic on Port 443 of the corporate firewall and another certificate specific to Apple iOS: Apple Push Notification Service (APNS).
Another change is that for the first time, BES 10 leverages Microsoft Exchange ActiveSync (EAS) for email, calendaring and other personal information synchronization. That introduces some new things to think about, says Wilson.
"When I toggle that attribute to turn on EAS for a user, how do I make sure that the user can't bring in any device and connect to it?" he asks. "EAS is nothing more than a transport that sits on Microsoft IIS [Internet Information Server]. You're configuring that service to talk not only with BlackBerry Device Service but also you are telling EAS not to accept a request from anyone outside of that service or Universal Device Service."
With BES 10, administrators are now faced with setting up and maintaining three configuration databases, one each for BES 5, for BDS and UDS. BlackBerry provides installation scripts to support initial setup. "It's how these [databases] scale that can sometimes cause trouble," Wilson says. Figuring out how many BES 10 servers one needs for a given user population may be a trial and error process.
Expect a few BES 10 gaps ... for now
Until May, with the next major release of BES 10, these databases don't have built-in failover capability. "That's a challenge right now for enterprise," Wilson says. "But that is going to be fully baked-into the software."
Another missing feature: the ability to "mass configure" large numbers of handheld devices, as used to be possible with older BlackBerry devices. Vox, for example, created its own software program to automate configuring and imaging the traditional BlackBerry devices. But with the new platforms -- Android, iOS, BlackBerry 10 -- this capability is missing, says Jim Haviland. "For these, you're taking about 20-45 minutes per device to get it all boxed and ready to ship to an end user," he says. "It will be similar for BlackBerry 10 devices."
BlackBerry Balance is being pushed as a major feature "baked into" each BB10 device, allowing administrators to set up a secure space for corporate apps and data. Users with a gesture can switch between work space and personal space. "It's genuinely painless," to set up and use, according to Wilson.
"Given where it's come from, the BlackBerry software is mature," says Wilson. "With the May BES 10 upgrade release, for a BlackBerry shop it's a very compelling product."
Read more about anti-malware in Network World's Anti-malware section.