Speaker Introduction Who Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel Why VMworld 2017 Understanding the modern sec

Similar documents
Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Addressing Today s Endpoint Security Challenges

CSP 2017 Network Virtualisation and Security Scott McKinnon

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Office 365: Modern Workplace

Adaptacyjny dostęp do aplikacji wszędzie i z każdego urządzenia

Välkommen. VMware S4C VMware Workspace ONE ger full mobilitet för alla andvändare. Föreläsare: Christian Nilsson, VMware

Maximize your investment in Microsoft Office 365 with Citrix Workspace

Service Description VMware Workspace ONE

Securing Office 365 with MobileIron

How Microsoft s Enterprise Mobility Suite Provides helps with those challenges

Mobile Security using IBM Endpoint Manager Mobile Device Management

WORKPLACE Data Leak Prevention: Keeping your sensitive out of the public domain. Frans Oudendorp Ronny de Jong

Today s workforce is Mobile. Cloud and SaaSbased. are being deployed and used faster than ever. Most applications are Web-based apps

A tale of Modern Management Part 1

Transforming Security Part 2: From the Device to the Data Center

Go mobile. Stay in control.

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

Introducing. Secure Access. for the Next Generation. Bram De Blander Sales Engineer

VMware Workspace ONE Quick Configuration Guide. VMware AirWatch 9.1

Cloud Mobility: Meraki Wireless & EMM

Fencing the Cloud. Roger Casals. Senior Director Product Management. Shared vision for the Identity: Fencing the Cloud 1

Maximize your move to Microsoft in the cloud

Zero Trust with Okta: A Modern Approach to Secure Access from Anywhere. How Okta enables a Zero Trust solution for our customers

RHM Presentation. Maas 360 Mobile device management

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Next-Gen CASB. Patrick Koh Bitglass

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Digital Workspace SHOWDOWN

BRING MAC TO THE ENTERPRISE WITH A MODERN APPROACH TO MANAGEMENT

Mastering the Move to Modern Management using ConfigMgr

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud

Microsoft 365 Business FAQs

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

The security challenge in a mobile world

Redefine Windows 10 Management. Embrace True Business Mobility

MaaS360 Secure Productivity Suite

8 CRITICAL CAPABILITIES FOR DIGITAL WORKSPACE SECURITY

Privilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer

VMware AirWatch and Office 365 Application Data Loss Prevention Policies

Secure Access - Update

MD-101: Modern Desktop Administrator Part 2

ARCHITECTURAL OVERVIEW REVISED 6 NOVEMBER 2018

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

How your network can take on the cloud and win. Think beyond traditional networking toward a secure digital perimeter

Crash course in Azure Active Directory

Related Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced)

Google Identity Services for work

BUILDING SECURITY INTO YOUR DATA CENTER MODERNIZATION STRATEGY

Hybrid Identity de paraplu in de cloud

The Need For A New IT Security Architecture: Global Study On The Risk Of Outdated Technologies

SAS and F5 integration at F5 Networks. Updates for Version 11.6

AirWatch Container. VMware Workspace ONE UEM

Enterprise Product Guide

HCX SERVER PRODUCT BRIEF & TECHNICAL FEATURES SUMMARY

The Oracle Trust Fabric Securing the Cloud Journey

VMware AirWatch Google Sync Integration Guide Securing Your Infrastructure

Windows ierīces Enterprise infrastruktūrā. Aris Dzērvāns Microsoft

Datasheet. Only Workspaces delivers the features users want and the control that IT needs.

Centrify Identity Services for AWS

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

VMware Horizon Suite:

AUTOMATE THE DEPLOYMENT OF SECURE DEVELOPER VPCs

VMworld 2018 Call for Papers

Next Generation Authentication

Safeguard Application Uptime and Consistent Performance

Guide to Deploying VMware Workspace ONE. VMware Identity Manager VMware AirWatch 9.1

Secure Access for Microsoft Office 365 & SaaS Applications

BYOD Success Kit. Table of Contents. Current state of BYOD in enterprise Checklist for BYOD Success Helpful Pilot Tips

Trust in the Cloud. Mike Foley RSA Virtualization Evangelist 2009/2010/ VMware Inc. All rights reserved

Google Sync Integration Guide. VMware Workspace ONE UEM 1902

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Microsoft 365. A complete, intelligent, secure solution to empower employees. Integrated for simplicity. Built for teamwork. Unlocks creativity

GlobalSign Integration Guide. GlobalSign Enterprise PKI (EPKI) and VMware Workspace ONE UEM (AirWatch)

Achieving Digital Transformation: FOUR MUST-HAVES FOR A MODERN VIRTUALIZATION PLATFORM WHITE PAPER

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Microsoft Intune App Protection Policies Integration. VMware Workspace ONE UEM 1811

IDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO

Quick Heal Mobile Device Management. Available on

Mobile Devices prioritize User Experience

Securing Enterprise or User Brought mobile devices

The Mobile Risk Management Company. Overview of Fixmo and Mobile Risk Management (MRM) Solutions

Guide to Deploying VMware Workspace ONE. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1

REVISED 4 JANUARY 2018 VMWARE WORKSPACE ONE REFERENCE ARCHITECTURE FOR SAAS DEPLOYMENTS

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

WHITEPAPER. How to secure your Post-perimeter world

Thomas Lippert Principal Product Manager. Sophos Mobile. Spring 2017

SECURITY SERVICES SECURITY

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Modern BIOS Management from the Cloud

Inside Symantec O 3. Sergi Isasi. Senior Manager, Product Management. SR B30 - Inside Symantec O3 1

PROTECTION SERVICE FOR BUSINESS. Datasheet

Table of Contents HOL VWS

Consumerization: What It Means to IT Operations

XenApp, XenDesktop and XenMobile Integration

Transcription:

SIE3197BE Secure Your Windows 10 and Office 365 Deployment with VMware Security Solutions Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel #VMworld #SIE3197BE

Speaker Introduction Who Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel Why VMworld 2017 Understanding the modern security architecture for today s workforce Content: Not for publication 2

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitment from VMware to deliver these features in any generally available product. Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind. Technical feasibility and market demand will affect final delivery. Pricing and packaging for any new technologies or features discussed or presented have not been determined. 3

Session Agenda 1 Modern Security Requirements 2 Securing your Windows 10 Deployments 3 Securing your Office 365 Apps and Data 4 Customer Spotlight CONFIDENTIAL 4

Modern Security Requirements 5

The Old World 6

The New World Devices Apps Infrastructure Traditional Apps Cloud-Native Apps SaaS Apps Private Clouds Hybrid Clouds Public Clouds Typical App Connects to 7 Cloud Services Virtualized Compute, Storage, Networking, Security 7

Securing Interactions is Increasingly Complex We have a large and growing surface area that needs to be secured 8

Why Your Security Team is Concerned 34% REPORTED 56% INCREASE 250% INCREASE EMPLOYEES cited as source of compromise in 2015 INTELLECTUAL PROPERTY theft in 2015 RANSOMWARE ATTACKS increase in 2017 9

VMware s Approach to Security Proliferating and diverse endpoints access Protect a Identity range of apps and and Endpoints IT services. TRANSFORM SECURITY New apps and delivery models can t be easily protected Secure with perimetercentric and Data network Applications security. Increasingly complex threat ecosystem and slow Streamline to identify non-compliance. Compliance Intrinsic Security from Device to Data Center 10

The whole IT Security journey Federated Identity, Biometric, Two-Factor Authentication Conditional Access, Secure App Token SSO, Threat Analytics VMworld 2017 Endpoint Security, DLP, App Scanning, Malware Detection Per App VPN, Intelligent Networking, Network Scanning and Security Secure micro VPN, Limited Cyber Attack Footprint, Threat Analytics Content: Not for publication Audit Network and Data Center Traffic Audit Logs for All Infrastructure Components Same Security and Policies work for Public, Private, Hybrid Clouds Self-Encrypt Drives, Analyze Environment for Anomalies Secure OS, Secure Hypervisor, Secure Data at Rest/Transit Sandbox Data Center Application, Limit Cyber Attack Vector 11

Securing your Windows 10 Deployments VMworld 2017 Content: Not for publication 12

Traditional PC Management Falls short for your modern security demands Traditional Systems Management GPO Policy Servers (AD) Software Distribution Servers OS Update Servers (WSUS) Modern Workforce Increasingly mobile and off-network Limited Visibility Policies and updates pending Compromised Security Slow to identify non-compliance Data Proliferation New ownership models; cloud apps / services 2017 VMware Inc. All rights reserved. Confidential Not for Distribution

Unified Endpoint Management Enables a modern approach to Windows security Unified Endpoint Management Configuration, Apps, Store Updates, B Security Modern IT Instant, cloud-based management Real-time Visibility Policy and updates in seconds, not months Security Across Networks Backed by a powerful compliance engine Data Loss Prevention Protect data at rest, in use, in transit 2017 VMware Inc. All rights reserved. Confidential Not for Distribution

Protect Identity and Endpoints Safeguard user identities and endpoints Across any user, application and device Establish user trust with new identity features; multifactor authentication based on context Ensure desired OS state with over the air configuration of hardware and OS Harden OS with real-time device and OS health data; block access for compromised endpoints or distribution 15

Secure Apps and Data Gain transformative insights into application infrastructure VMworld 2017 Content: Not for Secure access to any app with context of identity, endpoint and app interactions Lock down access to unapproved and un-trusted apps and malware publication Protect data with encryption, native DLP, per-app tunneling, and traffic filtering Across any app, app type, and location Remote wipe company data from admin console or self-service portal 16

#VMworld #SIE3197BE

#VMworld #SIE3197BE

Office 365 CONFIDENTIAL 21

Managing and Securing Office 365 Today s evolving workforce requires a new Simplified identity and user Authentication trust model. TRANSFORM SECURITY Traditional access control methods based on network and Conditional perimeter security are Access no longer useful. Providing Holistic Support for Office 365 Mobile and BYOD adoption present new data Data security Loss challenges. Prevention 22

Federated Identity and SSO Ensure Single Version of Truth VMworld 2017 Content: Not for Works across Office 365 and all other app investments Integrates with existing identity solutions publication Automatic SSO based on native OS APIs, certificates and Kerberos authentication Password-less authentication for Modern Authentication clients 23

Workspace ONE Conditional Access Remote Apps Web Apps Native Apps OS DEVICE COMPLIANCE Managed AUTHENTICATION MODULE DEVICE POSTURE USER AUTH Workspace ONE Jail Broken IDENTITY CONTEXT Authentication Strength Authentication Provider APP SERVICE 3rd Party MSA Malware Trust Location Blacklist Apps Session Time Network Scope Per Application 24

Conditional Access For Office 365 Browser OWA Client App Modern Auth. Clients Client App Active Sync & Legacy Clients VMworld 2017 Conditional Access Policy Content: Not for publication 25

Conditional Access Example: Restrict Office 365 Access to Managed and Compliant Devices Only Unmanaged X Access Denied Access Granted SSO to Apps VMware Identity Manager Validates User Identity Managed by AirWatch 26

Data Loss Prevention Controls for Office 365 Office 365 App Settings Copy / Paste Blocking App-level PIN / Passcode DLP Settings (save data in personal OneDrive) OS MAM Settings Open-with controls SSO, remote wipe Intune Graph MAM API Workspace Intune MDM ONE Configure Intune DLP policies from Workspace ONE console 27

#VMworld #SIE3197BE

DB Systel Deutsche Bahn's digitalisation partner DB Systel takes an integrative and value-enhancing approach to its work for the Group. 3,600 employees Revenues: 838 Million (2016) It offers a range of solutions and consulting services that are holistic and customer-specific. They meet the highest IT standards and make use of innovative developments in the sector. DB Systel combines this expertise with its outstanding knowledge of the rail sector and IT industry. It is a business partner that always takes the long view of a project and follows supplier-neutral strategies as it works towards the collective goals that everyone at DB AG shares. 30

DB Systel services all kind of workspaces Office worker (Mobile Mail) Train driver (Rail in Motion) Maintenance worker (e.g. Puma) 31

What we have achieved so far moved from MDM to Airwatch EMM in 2015 migration of 30,000 devices up to 700 per day currently serving 75,000 throughout Europe (ios, Android) Empower Digital Workspaces VMworld 2017 implemented SSO for mobile 2 factor authentication of device during rollin per app VPN Content: Not for publication Transform Security 32

DB Systel current challenges Modernize Data Centers Integrate Public Clouds Empower Digital Workspaces Transform Security DB Systel is moving all kind of workloads into cloud services like AWS oder SaaS The own datacenter will be sold O365 is being implemented as hybrid cloud service replacing Lotus Notes email infrastructure as well as other products e.g. storage move from EMM to UEM (Unified Endpoint Management) gain market share within the imaged desktop environment currently 90k Desktops with our basic Workplace (Win10, Mac) SSO 2 factor authentication of device during rollin per app VPN 33

Ways to Learn More Sessions UEM1359BE - Best Practices in Migrating Windows 7 to Windows 10 13/09 5.00 PM SAAM2291BE - Securing Access and Protecting Information in Office 365 with Workspace ONE 13/09 12 PM Content www.vmware.com/it-priorities/transformsecurity www.airwatch.com/solutions/windows VMworld 2017 Content: Not for Hands-on Labs Stop by our hands on labs at VMworld https://www.vmware.com/try-vmware/tryhands-on-labs.html publication ASK THE EXPERTS 34

Questions? 35

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback