I have always been partial to BlackBerry smartphones. I prefer the feel of a physical keyboard over an on-screen keyboard. Research in Motion is a Canadian company, and their devices changed the way everyone (not just IT people) does business by removing the shackles that had most office worked connected to their PC for communication.
So why is RIM trying so hard to lose my business?
As an IT professional I have many people trying to convince me that the iPhone is a superior tool. That may be true for browsing Internet sites and watching videos, but I have seen no evidence that it is a superior business tool.
System Lifeline is not a big company. We have not invested in a local Exchange server, and as a result we are not able to work with a Blackberry Enterprise Server. For field communications, we rely on our carrier’s network.
Since the beginning, we have had our monitoring application accessible to field technicians via HTTP on TCP port 88. Earlier this year, we purchased BlackBerry devices for the technicians and, to our surprise, suddenly received an “Access is Denied” message when attempting to connect to our monitoring suite.
Access Denied? Everything works fine on WiFi, but access was denied on the 3G network. So, we called our cellular carrier asking why they were blocking ANY access at all. After we performed some diagnostics, we found iPhones and Android phones can both access the site without issue. Only Blackberry devices refused to work.
Checking the Public IP picked up by the phone, we discovered, to our amazement, that we had an IP address owned by RIM!
At this point, our Carrier as well as our staff open tech support requests with RIM asking why this was happening and what could be done to fix it. For 6 weeks this process went back and forth with RIM. Level after level of support claimed they were not blocking any access to port 88. Each level of support (although friendly and willing to assist) needed to be walked through screen sharing sessions to prove that the problem is not the System Lifeline Firewall, nor the carrier network (which is the first place blame was placed at the beginning of each conversation).
I know speaking with RIM is like speaking with an insurance company or a big bank. They employ thousands of people, and only a very small fraction of that number can actually assist me with my issue.
Finally, although not happy with the result, I was given a concrete answer from a RIM technician: “Yes, if you do not have a BES, your data flows through the RIM network. For security reasons (which were not elaborated on) we block all non-standard low ports (so they allow HTTP and HTTPS?) below TCP/1024.”
TCP/88 is set aside for Kerberos (which I could see a need for).
RIM, why are you restricting what your clients can do? Give me the option to either run my Smart Phone over the unrestricted carrier network, or let ME decide what I do and do not need access to.
We have now wasted six weeks of troubleshooting, and had to reconfigure our network application for accessibility on a high port. Yes, I have a workaround, but I should not have needed that in the first place.
For the first time since the introduction of Blackberry devices, I am looking at my Bold 9900 and thinking that it may not be a bad time to try an Android.