Secure IT consumeration (BYOD), users will like you How to make secure access for smart mobile devices

Similar documents
BYOD: BRING YOUR OWN DEVICE.

The Context Aware Network A Holistic Approach to BYOD

Introducing. Secure Access. for the Next Generation. Bram De Blander Sales Engineer

Delivering a Secure BYOD Solution with XenMobile MDM and Cisco ISE

ForeScout Extended Module for VMware AirWatch MDM

Phil Schwan Technical

Simplifying the Branch Network

905M 67% of the people who use a smartphone for work and 70% of people who use a tablet for work are choosing the devices themselves

Mobile Security using IBM Endpoint Manager Mobile Device Management

Network Access Control

BYOD the HP Way: Secure, Device-Agnostic Network Access Management Jochen Fischer Solution Architect (MASE) September 2013

2013 InterWorks, Page 1

Secure wired and wireless networks with smart access control

Borderless Networks. Tom Schepers, Director Systems Engineering

Enterprise Redefined, Mobility Your Way

BYOD: Focus on User Experience, Not the Device

ForeScout Extended Module for MaaS360

Provide One Year Free Update!

Secure Access - Update

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

Why EXTREME NETWORKS. NES Communications Partner event 2018

CounterACT Afaria MDM Plugin

VMware Hybrid Cloud Solution

Adaptacyjny dostęp do aplikacji wszędzie i z każdego urządzenia

ClearPass Ecosystem. Tomas Muliuolis HPE Aruba Baltics lead

XenApp, XenDesktop and XenMobile Integration

Portnox CORE. On-Premise. Technology Introduction AT A GLANCE. Solution Overview

ForeScout Extended Module for MobileIron

A Roadmap for BYOD Adoption. By Jon Oltsik, Sr. Principal Analyst, and Bob Laliberte, Sr. Analyst

Huawei Agile Controller. Agile Controller 1

TITLE GOES HERE RUCKUS CLOUDPATH ENROLLMENT SYSTEM. The only integrated security and policy management platform that delivers: COMPRISED OF:

Five Tips to Mastering Enterprise Mobility

Welcome to the era of the anywhere worker

Securing Today s Mobile Workforce

Mobility in the Network: A Phased Technology Approach

Mobile Devices prioritize User Experience

THE NETWORK. INTUITIVE. Powered by intent, informed by context. Rajinder Singh Product Sales Specialist - ASEAN August 2017

The Future of Mobile Device Management

The Maximum Security Marriage: Mobile File Management is Necessary and Complementary to Mobile Device Management

VMWARE S DESKTOP STRATEGY

NNTF12_51 SIMPLY CONNECTED IN ACTION : AN OVERVIEW OF DIFFERENT USE-CASES. Tim McCarthy

Exam Code: Exam Code: Exam Name: Advanced Borderless Network Architecture Systems Engineer test.

NetSight End to end application visibility and control

Support Device Access

ARUBA CLEARPASS NETWORK ACCESS CONTROL

Huawei Agile Controller. Agile Controller

Windows ierīces Enterprise infrastruktūrā. Aris Dzērvāns Microsoft

Features. HDX WAN optimization. QoS

BYOD Success Kit. Table of Contents. Current state of BYOD in enterprise Checklist for BYOD Success Helpful Pilot Tips

BYOD Business year of decision!

Cisco Borderless Networks Value Proposition

Support Device Access

ForeScout CounterACT Pervasive Network Security Platform Network Access Control Mobile Security Endpoint Compliance Threat Management

Cisco Unified Data Center Strategy

How a Unified Wired and Wireless Architecture Addresses BYOD

Design and deliver cloud-based apps and data for flexible, on-demand IT

Alcatel-Lucent OmniVista 2500 Network Management System

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

The New Enterprise Network In The Era Of The Cloud. Rohit Mehra Director, Enterprise Communications Infrastructure IDC

Citrix XenMobile and Windows 10

Bring Your Own Device. Peter Silva Technical Marketing Manager

The Device Has Left the Building

WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365

JUNIPER NETWORKS AND AEROHIVE NETWORKS: CLOUD- ENABLED SOLUTIONS FOR THE ENTERPRISE

Discovering ZENworks 11

Forescout. eyeextend for IBM MaaS360. Configuration Guide. Version 1.9

HiveManager Local Cloud

Privilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer

Trend Micro Guide and solution to help embrace Consumerization and BYOD. James Walker EMEA Product Marketing Manager 26 September 2012

Forescout. eyeextend for VMware AirWatch. Configuration Guide. Version 1.9

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Alcatel-Lucent OmniVista Cirrus Simple, secure cloud-based network management as a service

The Top Five Reasons to Deploy Software-Defined Networks and Network Functions Virtualization

Alcatel-Lucent Wireless Solution COPYRIGHT 2011 ALCATEL-LUCENT ENTERPRISE. ALL RIGHTS RESERVED.

Conquering today s bring-your-own-device challenges. A framework for successful BYOD initiatives

Service Description VMware Workspace ONE

ExtremeWireless WiNG NX 9500

CLEARPASS EXCHANGE. Open third party integration for endpoint controls, policy and threat prevention SOLUTION OVERVIEW MAKE BETTER-INFORMED DECISIONS

Alcatel-Lucent OmniVista Cirrus Simple, secure cloud-based network management as a service

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

REALIZE YOUR. DIGITAL VISION with Digital Private Cloud from Atos and VMware

Forescout. eyeextend for MobileIron. Configuration Guide. Version 1.9

NX 9500 INTEGRATED SERVICES PLATFORM SERIES FOR THE PRIVATE CLOUD

Consumerization: What It Means to IT Operations

Juniper Networks and Aerohive Networks: Cloud-Enabled Solutions for the Enterprise

TRANSFORMING TO IT-AS-A- SERVICE

Data Loss Prevention Whitepaper. When Mobile Device Management Isn t Enough. Your Device Here. Good supports hundreds of devices.

BIG IDEAS FOR SmAll BuSInESS:

Delivering the Wireless Software-Defined Branch

SOLUTION OVERVIEW THE ARUBA MOBILE FIRST ARCHITECTURE

Visibility, control and response

Say Goodbye to Enterprise IT: Welcome to the Mobile First World. Sean Ginevan, Senior Director, Strategy Infosecurity Europe

P ART 3. Configuring the Infrastructure

Virginia Tech IT Security Lab

High-performance. Enterprise Scale. Global Mobility.

Accelerate Your Cloud Journey

Changing face of endpoint security

SIEM: Five Requirements that Solve the Bigger Business Issues

PKI is Alive and Well: The Symantec Managed PKI Service

Bring Your Own Design: Implementing BYOD Without Going Broke or Crazy. Jeanette Lee Sr. Technical Marketing Engineer Ruckus Wireless

Transcription:

Michal Zlesák Area Sales Manager Michal.zlesak@enterasys.com Secure IT consumeration (BYOD), users will like you How to make secure access for smart mobile devices A Siemens Enterprise Communications Company Telfor 2011

Enterprise needs Consumerization Expectations from the network infrastructure today USER ADMINISTRATOR EXECUTIVE Seamless application access - Across any access technology wired, wireless and remote - Using any device laptop, desktop, mobile phone, game console - Reliable and fast access Automation, visibility and control - Reduce complexity and number of of tools to manage mixed wired / wireless access networks - Automated detection and service provisioning for users and endsystems accessing the network - User-centric management & endsystem, application awareness Aligned with business objectives - Optimize CAPEX & OPEX - Support the business with a agile and reliable infrastructure 2

Workforce and users are increasingly mobile More than 50% of organizations spend more than 40% of their day away from their desk 40% of employees have high-speed data cards 90% of workforce are transient or in remote offices 38% of enterprises identify a cellular phone or smart phone as their primary device 45 % of corporations are interested in mobile applications Increasing mobile worker productivity is part of the new CIO mandate

The Challenge with BYO Bring your own PC (BYOPC) programs are becoming increasingly popular for today s businesses - Allows individuals to work from the device of their choice - Increases employee satisfaction - Lowers IT costs Various types of devices - Bring your own (BYO) iphone, ipad, tablet, netbook, smartphone. Higher security and management challenges even corporate devices are used - private and sensitive corporate data reside together on a single device - Apps that get typically installed on today s smartphones and Pads are not controllable - so this opens a huge backdoor into today's enterprise IT infrastructures. - Variety of hardware and software platforms must be supported - Restricting the use of additional apps on the devices via organizational rules is not really a workable solution - If one does so the value of these new devices to the employee is suddenly very limited 4

Foundation - Network & Security Management with Enterasys NMS Manage with a single application framework - Unified wired/wireless access - Core networks - Data center fabrics - Security VM Management Directory, PKI Integrates with existing IT with a SOA approach and automates process - Open API s (XML/SOAP..) and a single database - Does not replicate but leverage available data Fabric management not node management - System wide management instead of node by node since the launch of NMS in 2001 - Interworking with highly manageable switches is in our DNA since the 90 s Enterasys NMS CMDB Asset Management Alarm Management Systems Management 5

Introducing Isaac (Patent Pending) Intelligent Socially Aware Automated Communications Isaac is a Social Media Interface to NMS that securely enables networks to communicate with humans in the language of social networking.

NAC NG - Managing the Endsystem Explosion Production Control Facility Management Building Control Sensors, Machines Medical systems Smart Phones xpads System/OS Diversity VoIP Phones IP Printers PC Laptops IP Video Surveillance (Virtual) servers Number of Connected Devices 7

Foundation NAC NG Endsystem & User Awareness Expanding on the dectection capabilities of Enterasys NAC solution NAC NG : - Available since 2005 - Successfully deployed in 1000 s of networks Authorization, policy enforcement based on - End-System information - User information - Location (and tracking history) - Time - Status & Health - Authentication, Identification method MAC Address IP Address Hostname Username Operating System Current Location Access Point /SSID Switch/port Health State Applied Policy Phone# Tracking First/last seen Asset ID Switch/port Location 8

Foundation - Device Profiling Automated profiling and device type detection - NAC NG detects new devices on the infrastructure automatically and profiles them to determine the type of device - Automated policy assignment is possible - Various sources such as - network and agent based assessment - DHCP OS fingerprinting - captive portal (used for remediation and registration, guest services) - and external profilers (via Netflow, IDS Signatures) can be used. - The Device type can be an Operating System Family, Operating System or Hardware Type, for example, Windows, Windows 7, Debian 3.0, HP Printer, iphone, ipad etc. 9

Registration Process an important role BYO devices are not managed by the corporate IT 10 - Lack proper security configuration - Strong authentication - Certificates or/and encryption settings for Wi-Fi NAC NG provides an embedded web portal that allows users to register their device using their credentials Subsequent actions could include - Enrollment of certificates - Configuration of the device in a automated workflow using appropriate protocols - WMI (Windows Management Instrumentation) or MDM (Mobile Device Management)

Leveraging VDI to connect BYO devices The safest alternative - Use of Virtual Desktop and sandbox technology - Restrict access into coorporate network to VDI usage - Enforce user based policies for the VDI session in the data center - All other traffic only destined to external ressources Internet DMZ Other internal traffic blocked Internet traffic from other apps Only VDI (i.e. ICA) traffic to internal ressources allowed policy enforcement at the access layer device based Intranet policy enforcement at the server user based VDI traffic user based enforcement Server with VDI instances 11

Native Access for BYO devices The cost effective alternative - Does not require a VDI intrastructure less CAPEX and OPEX - Restrict access into coorporate network only the necessary ressources - Strong authentication recommended - No full control of the data on the device Internet DMZ Other internal traffic blocked Internet traffic from other apps service access to necessary ressources service access to necessary ressources policy enforcement at the access layer user or device based Intranet Application server B Application server A 12

Fighting A Two Front Mobility War Cloud and virtualization on one side and BYOD on the other Highly Dynamic Data Center Highly Dynamic Access Edge VM VM VM VM VM VM Cloud, Virtualization and Server/storage consolidation BYOD 13

Enterasys OneFabric Delivering the first enterprise class network fabric Introducing the industry's first fabric-based networking solution to extend visibility and control from virtual servers to mobile devices for cloud computing and data center environments 15

OneFabric Difference Consistent controls and automation delivering end-to-end QoS Realizing best in class user experience across the entire network 16

OneFabric Simplified interoperable solutions Innovative single fabric with data center to edge view of application services OneFabric Data Center OneFabric Edge OneFabric Security Uncompromised user experience One Network Fabric. One Network Experience 17

OneFabric Solutions OneFabric Control Center, Data Center, Edge and Security 18

OneFabric Characteristics and unique values OneFabric Characteristics Single fabric management pane Unified wired and wireless Business Value Proposition Allows network manager to know the network Consistent user experience (QoS) across wired/wlan Pervasive security Enables consumerization, reduces risk End-to-end: Data center, Campus, Branch Open and standards based High performance ASIC User and application focused, not infrastructure Migration away from legacy, no rip and replace. No vendor lock-in Purpose built innovation; allows customers to leverage enhancements without a prohibitive price 19 Power and operationally efficient Achieve more with fewer IT resources

Summary Automation - Automates the provisioning of access for any device type entering the corporate network Visibility and Control - Granular control of access increased security for unmanaged, unmanageable and private/byo devices on the corporate network Reduced cost - Leverage the efficiency gains through new and innovative devices - Reduced OPEX through automated service provisioning - No dedicated infrastructure required - Leverages the same technology as for any other device access control 20

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback