Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.11
  3. Overview and what's new
  4. Key BlackBerry UEM features

Key 
BlackBerry UEM
 features

Feature 
Description
Multiplatform device management
You can manage 
iOS
macOS
Android
Windows 10
, and 
BlackBerry 10
 devices. 
BlackBerry UEM
 installations that have been upgraded from 
BES5
 can also manage 
BlackBerry
 OS (versions 5.0 to 7.1) devices.
Single, intuitive UI
You can view all devices in one place and access all management tasks in a single, web-based UI. You can share administrative duties with multiple administrators who can access the management console at the same time. You can toggle between default and advanced views to see options for displaying information and filtering the user list.
Trusted and secure experience
Device controls give you precise management of how devices connect to your network, what capabilities are enabled, and what apps are available. Whether the devices are owned by your organization or your users, you can protect your organization's information.
Separate work and personal needs
You can manage devices using 
Android Enterprise
 
Samsung Knox
, and 
BlackBerry Balance
 technologies that are designed to make sure that personal information and work information are kept separate and secure on devices. If the device is lost or the employee leaves the organization, you can delete only work-related information or all information from the device.
Secure IP connectivity
You can use 
BlackBerry Secure Connect Plus
 to provide a secure IP tunnel between work space apps on 
BlackBerry 10
iOS
Samsung Knox Workspace
, and 
Android
 devices that have a work profile and your organization’s network. This tunnel gives users access to work resources behind the organization’s firewall while making sure the security of data using standard IPv4 protocols (TCP and UDP) and end-to-end encryption.
Simple user self-service
BlackBerry UEM Self-Service
 reduces support requests and lowers IT costs for your organization while giving users the option to manage their devices in a timely manner. Using 
BlackBerry UEM Self-Service
, users can perform tasks like activating or switching devices, changing their device passwords remotely, deleting device data, or lock their lost or stolen devices, and address other critical support requirements. 
Integration with services such as 
BlackBerry Workspaces
BlackBerry Enterprise Identity
BlackBerry 2FA
, and 
BlackBerry UEM Notifications
You can integrate 
BlackBerry UEM
 with 
BlackBerry Workspaces
BlackBerry Enterprise Identity
BlackBerry 2FA
, and 
BlackBerry UEM Notifications
 that allow you to add value to your organization's 
BlackBerry UEM
 instance.
Powerful app management
BlackBerry UEM
 is a comprehensive app management platform for all devices. You can deploy apps from all major app stores, including 
App Store
Google Play
Windows Store
, and 
BlackBerry World
 storefront. 
Role-based administration
You can share administrative duties with multiple administrators who can access the administration consoles at the same time. You can use roles to define the actions that an administrator can perform and reduce security risks, distribute job responsibilities, and increase efficiency by limiting the options available to each administrator. You can use predefined roles or create your own custom roles.
Company directory integration
You can use local, built-in user authentication to access the management console and self-service console, or you can integrate with the 
Microsoft Active Directory
 or LDAP company directories that you use in your organization's environment (for example, 
IBM Domino
 Directory). 
BlackBerry UEM
 supports connections to multiple directories. You can have any combination of both 
Microsoft Active Directory
 and LDAP.
You can also configure 
BlackBerry UEM
 to automatically synchronize the membership of a directory-linked group to its associated company directory groups when the scheduled synchronization occurs.
When you configure the settings for directory-linked groups, you can select offboarding protection. Offboarding protection requires two consecutive synchronization cycles before device data or user accounts are deleted from 
BlackBerry UEM
. This feature helps to prevent unexpected deletions that can occur because of latency in directory replication.
To integrate 
BlackBerry UEM Cloud
 with your company directory you must install the 
BlackBerry Connectivity Node
. You can install one or more instances of the 
BlackBerry Connectivity Node
.
High availability
If you have 
BlackBerry UEM Cloud
, instead of having to maintain your own highly available service for device management, with all the upfront and maintenance costs, 
BlackBerry
 maintains the service and maximizes uptime for you. 
Migration
You can migrate users, devices, groups, and other data from an on-premises 
BlackBerry UEM
 source database to a new on-premises or 
BlackBerry UEM Cloud
 instance.
Cisco ISE
 integration
Cisco Identity Services Engine
 (ISE) is network administration software that gives an organization the ability to control whether devices can access the work network (for example, permitting or denying 
Wi-Fi
 or VPN connections). You can create a connection between 
Cisco ISE
 and 
BlackBerry UEM
 on-premises so that 
Cisco ISE
 can retrieve data about the devices that are activated on 
BlackBerry UEM
Cisco ISE
 checks device data to determine whether devices comply with your organization’s access policies.
Regional deployment
You can set up regional connections for enterprise connectivity features by deploying one or more 
BlackBerry Connectivity Node
 instances in a dedicated region. This is known as a server group. Each 
BlackBerry Connectivity Node
 includes 
BlackBerry Secure Connect Plus
, the 
BlackBerry Gatekeeping Service
, the 
BlackBerry Secure Gateway
BlackBerry Proxy
, and the 
BlackBerry Cloud Connector
. You can associate enterprise connectivity and email profiles with a server group so that any users who are assigned those profiles use a specific regional connection to the 
BlackBerry Infrastructure
 when using 
BlackBerry Connectivity Node
 components. Deploying more than one 
BlackBerry Connectivity Node
 in a server group also allows for high availability and load balancing.
Wearable devices
You can activate and manage certain 
Android
-based, head-worn wearable devices in 
BlackBerry UEM
. For example, you can manage 
Vuzix M300 Smart Glasses
. Smart glasses provide users with hands-free access to visual information such as notifications, step-by-step instructions, images, and video and allow users to issue voice commands, scan bar-codes and use GPS navigation. Examples of 
BlackBerry UEM
 management capabilities that are supported include: Device activation using QR code, IT policies, 
Wi-Fi
 and VPN profiles, app management and location services.
Microsoft Intune
 integration
For 
iOS
 and 
Android
 devices, if you want to protect data in 
Microsoft Office 365
 apps using the MAM features of 
Microsoft Intune
, you can use Intune to protect app data while using 
BlackBerry UEM
 to manage the devices. 
Intune
 provides security features that protect data within apps. For example, 
Intune
 can require that data within apps be encrypted and prevent copying and pasting, printing, and using the Save as command. You can connect 
UEM
 to 
Intune
, allowing you to manage Intune app protection policies from within the 
UEM
 management console.