Research In Motion's (RIM's) BlackBerry is an excellent wireless email solution, but most users find that they want more than just email. They want a wireless device that lets them do more of the things they do at their desk. BlackBerry Enterprise Server (BES) 3.6 and BES 3.5 enhance handheld device usability and the overall user experience with features such as the ability to receive email attachments and look up names in the Exchange Server Global Address List (GAL) so that users are more productive when they're on the road. In "BlackBerry Enterprise Server's New Features, Part 1," November 2003, http://www.exchangeadmin.com, InstantDoc ID 40061, I describe the server support for the BES 3.6 and BES 3.5 enhancements; here, I discuss the enhancements from the perspective of the handheld device user.

To use the new features, users need at least BlackBerry Handheld Software 3.5 for the newer, voice-enabled handheld devices (i.e., BlackBerry 7230, BlackBerry 7210, BlackBerry 6750, BlackBerry 6710, BlackBerry 6510, BlackBerry 6210, and BlackBerry 5810) or BlackBerry Handheld Software 2.5 for the older devices (RIM 957, RIM 950, RIM 857, and RIM 850). For more details about devices and where to get the handheld device software, see the "BlackBerry Enterprise Server's New Features, Part 1" article's "Handheld Requirements" sidebar (InstantDoc ID 40062).

Urgent: Please Review!
Reading email wirelessly is great, but often, important messages come with something more: attachments. In BES 3.5 and earlier, the ability to read attachments on the handheld device is available only by adding a third-party product, such as Onset Technology's METAmessage for Wireless or itrezzo's BlackBerry File Attachment Conversion software. But in BES 3.6, users can view ASCII files; Microsoft Word, Excel, and PowerPoint files; Corel WordPerfect files; and Adobe PDF files on the handheld device. Specifically, the supported file formats and application versions are as follows:

  • ASCII
  • Adobe PDF 1.4, PDF 1.3, PDF 1.2, PDF 1.1
  • Office Word 2003, Word 2002, Word 2000, Word 97, Word 95
  • Office Excel 2003, Excel 2000, Excel 97, Excel 95
  • Office PowerPoint 2003, PowerPoint 2002, PowerPoint 2000, PowerPoint 97, PowerPoint 95
  • WordPerfect 2000, WordPerfect 8.0, WordPerfect 7.0, WordPerfect 6.0

When a message has an attachment, users can move the cursor to the attachment reference in the message and select Open Attachment from the track-wheel menu to request that the attachment text be sent to the device. The device then presents the options of retrieving a table of contents for the attachment (if the document has one) or the entire document. The BES attachment-conversion service, BlackBerry Attachment Server, does its best to retain formatting such as indentations, fonts, bullets, tables, and spreadsheet grids, but it strips out graphics and doesn't convert anything other than fairly plain text very well.

You don't need to load copies of Office, Acrobat, and WordPerfect on the server for it to convert attachments. BlackBerry Attachment Server comes with several DLLs (one for each attachment format) to perform the conversions. When a handheld user needs to view an attachment, the device sends a control message over the wireless network to BES. The BES email redirection service listens for these commands and hands them to the attachment service, which renders the attachment contents into a format that's compatible with that particular device (e.g., taking the display size into account). The attachment service passes the rendered version back to the BES redirection service, which delivers the attachment to the device in 3KB chunks. Even a reasonably large Word or Excel document is much smaller when converted to basic text, so a 3KB chunk can contain a big portion of a document. Retrieving successive chunks works the same as retrieving large messages. When users need to retrieve the next section, they select the More option from the device's track-wheel menu.

If your users require additional attachment-conversion formats, you'll need to use a third-party product, but if users don't typically receive attachments in formats other than those listed above, the BES attachment-conversion function should work for you. BlackBerry Attachment Server has the added benefit of supporting all handheld models. Some third-party products don't have client applications for all models. Users who have unsupported models must forward sometimes-cumbersome messages to a specific address (e.g., view-attachment@domain.com) and await a reply message containing the text.

Directory Assistance: May I Help You?
To specify a message recipient in BES versions earlier than 3.5, users manually enter an SMTP address or select someone from their Contacts list. Another BES 3.5 (and later) usability enhancement lets users look up names in the Exchange GAL. The Lookup feature lets users enter a query based on a first name, last name, display name, or alias. Responses can return no matches, one match, or multiple matches. While users are waiting for the Lookup results, they can continue to work on other tasks, such as composing a message or sending another Lookup request to find another name (users can send up to five concurrent requests).

Figure 1 shows a few examples of GAL Lookup results. Lookup results are enclosed in brackets; regular address book items aren't. When a user highlights one of the multiple-match results and selects View Lookup, he or she will see the matches listed by display name. In the case of a large number of matches, the user will receive the results 20 names at a time. A user can highlight a name and select View to see account details such as email address, street address, company name, title, and phone numbers. (BES always sends all the available information for an account—you can't configure it to send only selected fields.) The user can choose to use a matching name as a message recipient or add one or all of the matches to his or her BlackBerry's address book.

Users can also create distribution groups in the handheld device's address book, just the way they can create personal distribution groups in their Contacts folder. Unfortunately, users can't synchronize the groups on their device with the ones in Contacts, so they must maintain groups in two locations.

Synchronize No More—or at Least Less
Although the BlackBerry makes wireless email simple, it also adds a small amount of complexity to users' lives because they periodically must return it to the cradle to synchronize. Some users regularly synchronize their handheld devices and some almost never do. Those who don't can have more trouble discerning which messages they've already read when they use Outlook. BES 3.6 introduces wireless email reconciliation, which mirrors actions that users take on their devices by sending commands over the wireless network to the BES server, which updates user mailboxes. For example, when a user reads a message on his or her handheld device, the device sends a command that instructs BES to mark the message in Outlook as read. If a user deletes a message on the device, BES moves it to the Deleted Items folder. And if a user files a message, BES moves it to the appropriate Outlook folder based on the user's handheld actions. Wireless reconciliation works only for email messages; users still need to use the desktop cradle to synchronize tasks, notes, and contacts. BES competitor GoodLink Server (from Good Technology) has had wireless reconciliation for some time, so I'm glad to see BES catch up.

Another nice feature of wireless reconciliation lets you send a command to empty your Outlook Deleted Items folder. This feature can be helpful if a user is unable to send messages because he or she reached his or her Exchange mailbox size limit.

Because email-related actions performed on the handheld device result in many commands back to BES, you need to consider the effect wireless reconciliation will have on the BES server. (Attachment conversion also increases demand on the server, but not as much because attachment conversion happens by request whereas reconciliation happens each time a user deletes or moves a message.) CPU and network usage will increase, so you'll need to establish new baselines for how many users per server your hardware can support. RIM says you can support as many as 500 users per BlackBerry Server (which adds up to 2000 users on a BES 3.6 or BES 3.5 server because these versions can support as many as four BlackBerry Server instances). You might need to reduce this number of users per server when upgrading to BES 3.6 if many of your users will be using wireless reconciliation. On the server side, you can enable or disable wireless reconciliation on a per-user basis or on a per­BlackBerry Server basis. By default, wireless reconciliation is enabled on the BES 3.6 server but is disabled for each user you add to a BlackBerry Server. You'll need to enable wireless reconciliation when you add an account. On the handheld device, you can let the user enable wireless reconciliation manually, or you can define a BES policy that enables wireless reconciliation as the default. (For more information about server hardware requirements and BES policies, see "BlackBerry Enterprise Server's New Features, Part 1.")

Before you deploy BES 3.6, make sure your users understand wireless reconciliation and how it works. Some of your users are probably accustomed to not synchronizing and routinely delete messages from their handheld device assuming they'll be able to use Outlook to file them later. If you install BES 3.6 and use policies to activate wireless reconciliation or plan to have an installation team provide devices with this feature enabled, make sure users know the repercussions of deleting from the handheld device. If you don't do so, users might be unpleasantly surprised to later find items gone from their Outlook mailbox.

Beyond Email
Earlier, I mentioned that many users would like the BlackBerry to perform more of the functions of a desktop machine. BES 3.6 and BES 3.5 move closer to this objective through the use of the Mobile Data Service (MDS). You can use MDS as a platform on which to build mobile client/server solutions that let users access other systems with their handheld devices. MDS comes with a useful application—a wireless Web browser. Before MDS, any handheld device equipped with a browser had to use an ISP or wireless carrier's gateway as a proxy. In BES 3.6 and BES 3.5, MDS is the gateway. One of the biggest advantages of this arrangement is that users can access systems and applications on your organization's intranet, whereas before they were limited to Internet-accessible and provider-specific sites and systems.

Typically, the wireless carrier­provisioned browsers, such as those found on BlackBerry 6710 and BlackBerry 5810 devices, let you view only sites accessible through the Wireless Application Protocol (WAP). Pages of content on WAP-enabled sites are referred to as cards, which are designed to allow efficient transmission to and display of information on devices that have small screens and don't have high-bandwidth access. MDS provides access to WAP sites, but a second advantage of the service is that it acts as a browser proxy to let users access many sites through HTTP. MDS translates HTML content into a format suitable for the BlackBerry's browser. MDS can, for example, translate and render rich-content pages such as Yahoo!'s driving directions and maps. The map graphics are too small to be of much use, but users can access Web page controls such as drop-down lists and text boxes and retrieve the driving directions text. Depending on your wireless carrier, users might also use less airtime because they can bypass the carrier's WAP gateway.

A third advantage that MDS gives you over carrier-provisioned browsers is logging. MDS logs page requests to debug logs on the BES server. The logs report only the host name (e.g., maps.yahoo.com), not the whole URL, but if your security policy requires you to monitor browsing activity, MDS helps meet that requirement.

MDS works by pairing a client application (e.g., the browser) with a server-side transcoder (a filtering and formatting module). The handheld application sends commands to MDS, which acts as a proxy to the data source. MDS processes what it receives from the client (e.g., a URL), performs the requested action, uses a transcoder to format the results, and sends them back to the handheld device. Between the device and MDS, the communications pathways work the same as they do between the device and the email redirection service, as Figure 2 shows. Like email redirection, MDS doesn't require you to open a firewall "hole." The handheld device communicates with one of RIM's Server Router Protocol (SRP) hosts. The SRP host communicates with BES 3.6 or BES 3.5, which talks to MDS. Between BES and the device, traffic is encrypted using the same Triple Data Encryption Standard (3DES) encryption keys and algorithms that secure user email. Because the BlackBerry services accept messages only from known devices that use user-specific encryption keys, an intruder can't exploit MDS as an access point.

In addition to the 3DES encryption used between BES and the handheld device, MDS can use Secure Sockets Layer (SSL)/Transport Layer Security (TLS) connections. MDS has two SSL modes: End-to-End mode (used on devices that are running BlackBerry Handheld Software 3.5) establishes an SSL connection between the device and the data source. Proxy mode (used on devices running BlackBerry Handheld Software 2.5) establishes an SSL connection between MDS and the data source.

Figure 3 shows the two SSL modes. When a user enters the URL https://secure.site.com on a device that has BlackBerry Handheld Software 3.5, the software uses SSL on top of the 3DES encryption to connect to the secure.site.com host. If the device has BlackBerry Handheld Software 2.5, 3DES encryption alone protects the data between the device and MDS, and SSL secures the communications with the secure.site.com host. In addition to the transport security, if a site requires authentication, MDS passes an authentication request to the device so that the user can enter the necessary logon credentials.

A BlackBerry quickly becomes part of users' routines—letting them make use of spare minutes of formerly unproductive time, such as during flight delays or while stuck in traffic. The ability to read attachments, look up names in the GAL, synchronize more easily, surf the Web, and access corporate data from a BlackBerry are enhancements that your users have probably been asking for. Even a small thing, such as the ability to wirelessly empty the Outlook Deleted Items folder, can be a really helpful feature for people who are constantly on the go because it lets them stay untethered a little longer.