What's new in BlackBerry UEM Part 2
We’ve just released the latest update to BlackBerry UEM and BlackBerry UEM Cloud. Among the many upgrades are improvements to installation, profiles, and profiles. For more information about the release, refer to part 1 of the blog here.
Installation and Upgrade
- Regionalization: BlackBerry UEM version 12.12 introduces regionalization features that allow BlackBerry Dynamics traffic to use the BlackBerry Infrastructure instead of the BlackBerry Dynamics NOC. These features are on by default in new installations of UEM version 12.12. If you are upgrading to UEM version 12.12 and want to enable these features, contact BlackBerry Technical Support. The regionalization features require BlackBerry Dynamics apps released in January 2020 or later. For custom BlackBerry Dynamics apps, BlackBerry Dynamics SDK 7.0 or later is required.
- Migration support: BlackBerry UEM version 12.12 supports migrations from BlackBerry UEM version 12.10 and later, and from Good Control version 5.0.
- Upgrade support: BlackBerry UEM version 12.12 supports upgrades from BlackBerry UEM version 12.10 and later.
- BES5 support: BES5 will no longer be integrated with BlackBerry UEM.
As of version 12.12, BlackBerry UEM no longer supports the following software:
- iOS version 11
- Android OS version 6
- BlackBerry 10 OS (see the BlackBerry Software Lifecycle Overview)
- Windows Server 2008
- Compliance profile updates: In a compliance profile, you can now set the Enforcement action for BlackBerry Dynamics apps to Monitor and log. For new compliance profiles, ‘Monitor and log’ is now the default setting. The default option for Prompt interval expired action is also ‘Monitor and log.
- Improvements to device filtering: You can now filter devices by model number. For example, you can now filter different Samsung Galaxy device models such as Samsung A5 SM-A520F and Samsung A5 SM-A510F. This allows administrators to apply policies, profiles, and group status to multiple devices of a specific model.
- App configuration: When you add a new version of an internal app to BlackBerry UEM, the app configuration is automatically copied from the older version of the internal app to the new version.
- Event notification update: The “Metadata updated” event notification has been improved to display the full name of the device hardware vendor.
- Override BlackBerry Dynamics connectivity profile on a per app basis: You can now specify a BlackBerry Dynamics connectivity profile to associate with each BlackBerry Dynamics app in BlackBerry UEM. When a profile is assigned to an app, that profile takes precedence over the profile assigned to the user of that app.
- App shortcut filter: A new filter on the UEM management console Apps page lets you search for app shortcuts.
- Dedicated device groups: BlackBerry UEM has a new Dedicated devices menu item. You can view, add, edit, and delete shared device groups and public device groups under the Dedicated devices menu. Public device groups are used to manage single-use devices that are not assigned to specific users. Shared device groups are used to manage devices that can be checked out by multiple users. Previously, shared device groups were located under the Users menu item.
- Microsoft Azure single tenant application registration: When you add or edit a Microsoft Azure Active Directory connection, you can choose to enable single tenant application registration.
- Restrict enrollment using device IDs: On the Activation defaults page, you can import and export a list of unique device identifiers to restrict which devices can enroll with BlackBerry UEM. You can specify whether BlackBerry UEM can limit activation by device ID in the following activation types:
- Work space only (Android enterprise fully managed device)
- Work and personal – full control (Android enterprise fully managed device)
- MDM controls
- Configure BlackBerry Dynamics proxy settings with a PAC file: You can now use a PAC file to configure HTTP proxy settings for app traffic connections to the BlackBerry Dynamics NOC. PAC files are supported only for apps that use BlackBerry Dynamics SDK version 7.0 and later.
- TLS v1.2: BlackBerry Dynamics apps now allow only TLS v1.2 for secure communications by default. To allow TLSv1 and v1.1, you must manually configure them.
New IT policy rules
- Access Point Name profile: You can use Access Point Name profiles to send APNs for carriers to your user’s Android devices. If you want to force a device to use an APN sent to it by an Access Point Name profile, you can use the "Force device to use Access Point Name profile settings" IT policy rule in the Android Global IT policy rules.
- Hide certificate: For certificates pushed to Android Enterprise devices with Android 9.0 and later, SCEP, shared certificate, and user credential profiles now allow you to hide the certificate from users to prevent them for using it for unintended purposes.
What’s new in BlackBerry UEM Cloud
The following features are specific to BlackBerry UEM Cloud.
- SCEP profile update: A new button in the SCEP profile lets you test the connection between the BlackBerry UEM Cloud instance and the SCEP server over the BlackBerry Connectivity Node. The button is enabled only if the BlackBerry Connectivity Node is configured to route SCEP calls. You can use a BlackBerry Connectivity Node to connect a BlackBerry UEM Cloud instance to a SCEP server inside the firewall.
- Google notifications: You can enable Google notifications for BlackBerry UEM Cloud. You must reconnect to your Google domain to create a unique identity for your tenant, and then reactivate devices.
- BlackBerry Online Account credentials: Administrators can now create users in BlackBerry UEM Cloud that can use their BlackBerry Online Account credentials to log in.
BlackBerry Enterprise Mobility Server
- Trusted connection to the Microsoft Exchange Server enhancements: You can now import and remove individual CA and Intermediate certificates from the BEMS certificate store using the BlackBerry UEM console. This allows administrators to import and replace individual self-signed and custom CA certificates as required to create the trusted connection between BEMS Cloud and the Microsoft Exchange Server.
- Email notifications error message enhancements: When you test the connection of a user profile to the Microsoft Exchange Server or Microsoft Office 365 for email notifications (Settings > BlackBerry Dynamics > Email notifications) in the environment, BEMS Cloud includes clearer messages on why the test failed (for example, Invalid credentials, please verify the Microsoft Exchange credentials are correct).
- BlackBerry Connectivity Node configuration enhancements: Administrators can specify that BEMS Cloud uses the internal Exchange Web Services URL for BEMS Cloud email notifications (Settings > BlackBerry Dynamics > Email notifications) when the environment is configured to use an internal URL to access and communicate with an on-premises Microsoft Exchange Server.