Skip Navigation
BlackBerry Blog

BlackBerry UEM Cloud Update: Part 2 – New Device, Self-Service Console, BlackBerry Connectivity Node, and Other Features

Businesswoman with cell phoneWe’ve just released the latest update to BlackBerry UEM Cloud (formerly known as BES12 Cloud). Because this update adds so many new features that improve your ability to manage mobile devices in the enterprise, we’ve broken this blog into two parts.

This blog was written by Colin Fullerton.

In this post, learn about the new features for iOS, Android, Samsung KNOX, Windows 10, IBM Notes Traveler, Pulse Secure, the self-service console, and the BlackBerry Connectivity Node. Then, click over to our other blog post to learn about BlackBerry UEM Cloud’s improvements to the Management Console and migration.


  • Specify per-app VPN for apps and app groups assigned to device groups: You can configure VPN profiles to force iOS devices to specify which apps on the device must use a VPN for their data in transit. You can specify which apps on iOS devices must use a VPN when the apps or app groups are assigned to device groups.
  • Manage Apple Activation Lock: The Activation Lock feature on iOS 7 and later devices allows users to protect their devices if they are lost or stolen. In BlackBerry UEM, you can now manage the Activation Lock feature on supervised iOS 7 and later devices.
  • Manage BlackBerry Secure Gateway Service: The BlackBerry Secure Gateway Service allows iOS devices with the MDM controls activation type to connect to your work email server through the BlackBerry Infrastructure and BlackBerry UEM. If you use the BlackBerry Secure Gateway Service, you don’t have to expose your mail server outside of the firewall to allow users with these devices to receive work email when they are not connected to your organization’s VPN or work Wi-Fi network.


  • Display organization notices at new Android device activation: You can create a custom notice or user agreement that is displayed when users activate their devices. Users must acknowledge the notice to complete the activation.
  • Specify required security patches: You can specify which security patches Android devices must be running.
  • Control which workspace apps on Android for Work devices can use BlackBerry Connectivity: You can specify the workspace apps on Android for Work devices that you want to restrict from using BlackBerry Connectivity (formerly known as BES 12 Secure Connect Plus). By default, Google Play is restricted, as it does not support the proxy configuration used by BlackBerry Connectivity. Android for Work devices use a direct connection over the internet to Google Play.

USA, New York City, businesswoman using smartphoneSamsung KNOX

  • Bulk-enroll Samsung KNOX devices: You can use the bulk-enrollment feature of KNOX Mobile Enrollment to activate large numbers of corporate-owned devices in BlackBerry UEM.

Windows 10

  • Configure Enterprise Data Protection for Windows 10 devices: You can configure Enterprise Data Protection profiles to separate personal and work data on devices, prevent users from sharing work data outside of protected work apps or with people outside your organization, and audit inappropriate data-sharing practices. You can specify which apps are protected and trusted to create and access work files.

IBM Notes Traveler

  • Gain IBM Notes Traveler support: BlackBerry UEM now supports IBM Notes Traveler for Samsung KNOX Workspace devices.

Pulse Secure

  • Use Pulse Secure VPN client support: BlackBerry UEM now supports the Pulse Secure VPN client for iOS devices.

BlackBerry UEM Self-Service Console

  • Customize the BlackBerry UEM Self-Service console: You can change the color scheme of the BlackBerry UEM Self-Service console. You can also add website bookmarks in the BlackBerry UEM Self-Service console.
  • User roles: You can create and assign user roles that specify the capabilities that users have in BlackBerry UEM Self-Service.

Cloud ComputingBlackBerry Connectivity Node

There’s a new name for the local BlackBerry UEM Cloud components that you install on your local computer. They are now referred to collectively as the BlackBerry Connectivity Node. You can install up to two instances of the BlackBerry Connectivity Node. Each instance contains the following components:

  • BlackBerry Cloud Connector: Allows BlackBerry UEM Cloud to access your organization’s company directory so that you can create directory user accounts.
  • BlackBerry Secure Connect Plus: Gives users access to work resources behind your organization’s firewall while ensuring the security of data using standard protocols and end-to-end encryption.
  • BlackBerry Secure Gateway Service: Provides iOS devices that use the MDM controls activation type with a secure connection to your organization’s mail server through the BlackBerry Infrastructure.
  • BlackBerry Gatekeeping Service: Makes it easier to control which devices can access Exchange ActiveSync.

For more information about these and other BlackBerry UEM Cloud features, visit the BlackBerry UEM Cloud page on BlackBerry Help. And don’t forget to click over to our other blog post on the new Management Console and migration features in BlackBerry UEM Cloud.

About Inside BlackBerry Blog