Mobile Hotspot Security Features

Article ID: KB33009

Type: Support Content

Last Modified: 11-09-2012

 

Product(s) Affected:

  • BlackBerry 7 OS and earlier
  • BlackBerry Enterprise Server
Jump to: Environment | Overview
CollapseEnvironment
  • BlackBerry 7.1
  • BlackBerry Enterprise Server 5.0 SP4
  • BlackBerry Enterprise Server 4.0 to 5.0 SP3 with IT Policy Pack for BlackBerry 7
CollapseOverview

Mobile Hotspot mode allows a BlackBerry smartphone to act as a mobile hotspot so that other Wi-Fi enabled devices can use the mobile network connection on the BlackBerry smartphone. There are several security features that help protect the BlackBerry smartphone that is acting as the mobile hotspot as well as the data that is sent to and from devices connected to the mobile hotspot.

  • Connections between the BlackBerry smartphone and the devices connected to it are protected with WPA2 Personal by default. When a BlackBerry smartphone user turns on Mobile Hotspot mode for the first time, the user is prompted to set a WPA2 password.
  • Devices connected to the mobile hotspot cannot communicate with any other application on the BlackBerry smartphone that is hosting the hotspot. Devices connected to the mobile hotspot can only connect to the wireless network through the mobile hotspot.
  • While a BlackBerry smartphone is in Mobile Hotspot mode, the BlackBerry smartphone cannot otherwise connect to a Wi-Fi network.
  • While a BlackBerry smartphone is in Mobile Hotspot mode, it acts as a NAT (network address translator) that prevents a device connected to the mobile hotspot from receiving packets from any entity the device did not initiate communication with.
  • The BlackBerry smartphone user can force any connected device to disconnect at any time during a mobile hotspot session. If a device is forced to disconnect, it cannot reconnect until the BlackBerry smartphone user starts another session.
  • During a mobile hotspot session, the BlackBerry smartphone user can choose to not allow any more devices to connect.
  • During a mobile hotspot session, the BlackBerry smartphone user can view identifying information about the connected devices, such as the device hostname, IP address, and MAC address.
  • The BlackBerry smartphone user can change the Wi-Fi SSID or password at any time. Changing the SSID or password forces a new mobile hotspot session to start.
  • By default, devices connected to the mobile hotspot can communicate with each other. The BlackBerry user can use the Allow connected devices to exchange data with each other setting to change this.

IT Policy rules for Mobile Hotspot mode

Enterprise administrators can use IT policy rules to manage Mobile Hotspot mode on BlackBerry smartphones in their environments. These IT policy rules are included with BlackBerry Enterprise Server 5.0 SP3. KB28284 provides instructions for importing these and other IT policy rules into earlier versions of the BlackBerry Enterprise Server.

The IT policy rules that govern Mobile Hotspot mode are part of the Wi-Fi policy group.

Allow Mobile Hotspot mode

Specify whether to allow Mobile Hotspot mode on a BlackBerry smartphone. If you do not set this rule, a default value of Yes will be used. This rule applies only to Java-based BlackBerry 7.1 and higher.

Disable data exchange for Mobile Hotspot mode

Specify whether Wi-Fi enabled devices can exchange data when they are connected to a BlackBerry smartphone in Mobile Hotspot mode. If you do not set this rule, a default value of No will be used. This rule applies only to Java-based BlackBerry 7.1 and higher.

Prohibited SSIDs for Mobile Hotspot mode

Specify a list of SSIDs that a BlackBerry smartphone cannot use as Mobile Hotspot SSIDs. Separate multiple SSIDs with a comma. This rule applies only to Java-based BlackBerry 7.1 and higher.

Disclaimer

By downloading, accessing or otherwise using the Knowledge Base documents you agree:

   (a) that the terms of use for the documents found at www.blackberry.com/legal/knowledgebase apply to your use or reference to these documents; and

   (b) not to copy, distribute, disclose or reproduce, in full or in part any of the documents without the express written consent of RIM.


Visit the BlackBerry Technical Solution Center at www.blackberry.com/btsc.