Aruba ClearPass Access Management System FREQUENTLY ASKED QUESTIONS

Size: px
Start display at page:

Download "Aruba ClearPass Access Management System FREQUENTLY ASKED QUESTIONS"

Transcription

1 Aruba ClearPass Access Management System FREQUENTLY ASKED QUESTIONS

2 Table of Contents General Product Questions What is ClearPass? How does ClearPass compare with what enterprises are doing today for BYOD Didn t Aruba address BYOD already? What does ClearPass add? Are enterprises prepared for BYOD? What are the different components of ClearPass? Is ClearPass developed at Aruba or licensed? When is ClearPass available? What happens to Amigopod customers? How will Amigopod customers upgrade to ClearPass Policy Manager? Has Amigopod been removed from the pricelist and/or discontinued with the introduction of ClearPass? I already have a RADIUS server. Why would I need to buy ClearPass Policy Manager? Why is ClearPass Policy Manager better than my existing RADIUS server? I already have Active Directory to authenticate users, why would I need this? I already have a NAC solution and want to use ClearPass for provisioning devices. What can I do? Will ClearPass work for users that connect to public cellular networks? Is ClearPass NAC? Is it competitive for NAC opportunities? How does ClearPass fit into Aruba s Mobile Virtual Enterprise (MOVE) architecture? How does ClearPass integrate with Aruba s mobility controller appliance or virtual controller with Instant? How does ClearPass differ from AirWave? Do I need both? What are the key target markets for ClearPass? Can ClearPass be deployed on existing networks or does the customer have to upgrade to Aruba wired and wireless? ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 2

3 22. Is ClearPass easy to deploy? What are some of the opportunities to position ClearPass? How do customers order ClearPass? Does ClearPass provide an interface for integration with other customer infrastructure? 16 ClearPass Access Management System Core Features What are some of the unique capabilities delivered with the ClearPass Access Management System? What are the top advantages of the ClearPass Policy Manager AAA platform? What identity stores are supported by the ClearPass platform? How many unique accounts can ClearPass Policy Manager handle? What devices are supported by the ClearPass Onboard and ClearPass QuickConnect products? What s the difference between ClearPass Onboard and ClearPass QuickConnect How is QuickConnect offered in the Cloud? Why is profiling devices important to an enterprise? How does Aruba s Dynamic Profiling differ from competitive offerings? Where does network access control fit within the ClearPass solution? Is ClearPass Mobile Device Management (MDM)? What about controlling what apps are actually on the device? Some MDM vendors claim they can do this Can the ClearPass Policy solution be used for compliance requirements? ClearPass Access Management Licensing How are the ClearPass products packaged and delivered? How does ClearPass Policy Manager handle redundancy and load balancing? How can customers increase the number of devices that authenticate against the ClearPass Policy Manager? Is ClearPass OnGuard required for Policy Manager to work? When would I purchase additional OnGuard licenses? ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 3

4 Infrastructure Support ClearPass is being advertised as an open, multivendor solution. Which vendor products does ClearPass interoperate with? Is there a limit on the number of devices the ClearPass Policy server can support? Can the ClearPass solution support policies where non-802.1x capable switches exist?.. 24 Device Profiling/Provisioning Support Can ClearPass configure ios, Windows, Android and Mac OS X devices for 802.1X? Once a device has been onboarded is there any software left on the device? What happens if someone loses a device, like a phone, that has been configured to access the secure enterprise network? How does ClearPass uniquely identify and manage devices? Is there an option for users to self-register BYOD devices like smartphones or gaming devices? What type of device attributes are displayed within the ClearPass Policy Manager through self-registration or profiling? ClearPass Appliances Information Is ClearPass available as a turnkey appliance? Can my customer install ClearPass Policy Manager on an existing server, and/or supply their own hardware? Does ClearPass VM appliance software run on Linux or Windows? Customer Evaluation Support Are there evaluation versions of ClearPass Policy Manager and QuickConnect available for Aruba SEs? How can my customer request an evaluation version of ClearPass? Glossary of Acronyms ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 4

5 General Product Questions 1. What is ClearPass? The ClearPass Access Management System is a new security services platform that offers unparalleled simplicity when managing and applying secure role-based network access across wireless, wired and VPNs. Providing the industry s first and only framework built to successfully manage all aspects of BYOD provisioning and onboarding, ClearPass makes it easy for IT and personallyowned mobile devices to securely connect to any network. The first step is onboarding the device to the network. This includes automatically configuring the devices settings and assigning it a unique ID. Next it will invoke the appropriate policy. This essentially involves looking at all the relevant context of that user, their device and location, etc. while enabling the policy dynamically. It also allows that policy to change as the context of the connection changes. Finally, the framework handles enforcement of that policy across the global organization, over any vendor s wired, wireless and remote network. 2. How does ClearPass compare with what enterprises are doing today for BYOD Because BYOD is relatively new, there are many ways that enterprises are addressing personal devices. Open network/manual device configuration many enterprises have not yet addressed the BYOD challenge. It is not uncommon for organizations to allow users to apply their username and password to any device. This means an employee s personal Kindle Fire would have the same level of access as a corporate-issued laptop ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 5

6 Virtual Desktop some enterprises address the problem of BYOD with virtualization. In this scenario, no corporate data can be stored on the device and no applications can be run natively on the device. The challenge here is that VDI is limited in scope and in many cases, does not provide a user experience that is optimized for mobile handheld devices like the ipad. This is because VDI often replicates a windows machine on a smartphone or tablet. VPN Many enterprises are addressing BYOD with a short term workaround of virtual private networks (VPN). Personal devices must launch a VPN session in order to gain corporate network access. MDM According to Gartner, the enterprise MDM market has more than 60 players with a wide range of products, services and capabilities. These range from lightweight approaches that push small mobile agents to the device. To heavyweight client side management software that supports actions such as containerization and selective wipe. Access Control Access Control vendors ranging from Bradford Networks to Cisco ISE address policy control for personal devices and will often assess the risk of the device before allowing it to access the network. What makes ClearPass unique is that it does what all of the other point-products can t do it offers a comprehensive workflow for BYOD. Onboarding the device. Automatically provisioning the devices settings and checking to make sure the device hasn t be compromised in any way or present any risk. Handling policy decisions and policy enablement. Essentially taking in all the information about the context of the user and device and enabling the appropriate policy. Finally, handling enforcement of that policy across the global organization, over wired, wireless and remote. 3. Didn t Aruba address BYOD already? What does ClearPass add? With the introduction of the Aruba Move architecture in early 2011, Aruba delivered BYOD capabilities that addressed the primary challenge at that time, which were ios devices connecting to Aruba WLAN networks. MOVE also offered device fingerprinting, self-serve provisioning of ios devices and context-based policy enforcement across Aruba networks. ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 6

7 With the addition of ClearPass to the MOVE architecture, Aruba offers far more extensive policy enforcement and device provisioning capabilities which can be used across most vendors network infrastructure devices. The ClearPass system also now provides device posture assessment and remediation, more accurate device profiling, and centralized policy management visibility. 4. Are enterprises prepared for BYOD? While many organizations have started tackling the challenges of personal devices, there are three major questions that remain: How do I keep my network and my users protected? How do I provide a reliable & intuitive experience to my employees & guests? How do I minimize impact to my IT and helpdesk staff? 5. What are the different components of ClearPass? The Aruba ClearPass platform consists of the following products: ClearPass Policy Manager ClearPass Policy Manager provides the baseline platform for policy management, AAA, profiling, network access control and reporting. The result is centrally managed secure network access that accommodates requirements across multiple locations and multivendor networks, regardless of device ownership and connection method. The ClearPass Policy Manager is available as security hardened virtual or hardware appliances and turnkey software. ClearPass OnGuard ClearPass OnGuard, available as a software module of the ClearPass Policy Manager, enables organizations to run advanced endpoint posture assessments, as well as baseline network access control (NAC) health checks to ensure compliance and safeguards before devices connect to a secure network. In addition to anti-virus, anti-spyware and personal firewall checks for devices running the Windows, Mac OS X and Linux operating systems, Aruba s Windows OnGuard agents perform advanced posture assessments, such handling the use of peer-to-peer applications, VM applications and USB storage devices, with automatic and manual remediation options. Assessments can be performed using Aruba s Persistent and dissolvable OnGuard agents and well as Operating Systems native agents. ClearPass Onboard ClearPass Onboard, available as a software module of the ClearPass Policy Manager, fully automates device onboarding for IT via a built-in ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 7

8 administration interface. ClearPass Onboard offers full self-service provisioning for Windows, Mac OS X, ios, and Android devices that includes configuration of 802.1X settings as well as the distribution and revocation of unique device credentials. Additional features include the ability to push configuration settings for mobile with Exchange ActiveSync and VPN clients for some device types. ClearPass Profile ClearPass Profile, available as a software module of the ClearPass Policy Manager, offers the only progressively tiered profiling service for discovering, classifying and grouping all attached endpoints, regardless of the device type. A wide range of unique contextual data from MAC organizational unique identifiers (OUIs) and DHCP fingerprinting characteristics to identity-centric data can be collected to create context-based access policies. Stored data is also used to identify device profile changes and dynamically modify authorization privileges. For example, if a printer appears as a Windows laptop, ClearPass Policy Manager can automatically deny access. ClearPass Guest ClearPass Guest, available as a software module of the ClearPass Policy Manager, simplifies workflow processes, allowing receptionists, employees and other non-it staff to create temporary accounts for Wi-Fi access. Once registered, ClearPass Guest delivers account login credentials to users via SMS text message or . Accounts can be set to expire automatically after a specific number of hours or days. Role-based access control scales to thousands of users. Customizable guest portal allows organizations to apply organization branding and user code of conduct messaging. Self-registration and automated credential delivery streamlines IT operations and efficiency. ClearPass QuickConnect ClearPass QuickConnect offers an easy way for users to self-configure their Windows, Mac OS X, ios, Android and Linux devices to support 802.1X authentication on wired and wireless networks. Creating a uniquely simplified workflow, ClearPass QuickConnect dramatically reduces helpdesk calls and IT overhead, while propagating the deployment of secure network policies based on 802.1X. QuickConnect is available as a cloud service and is licensed yearly based on the total number of devices that require onboarding to an organizations secure network. ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 8

9 6. Is ClearPass developed at Aruba or licensed? ClearPass consolidates three distinct integration and development efforts. 1. The acquisition of Amigopod in early The acquisition of Avenda in late Over one year of internal Aruba development on complementary technology that was never productized. These three technologies are brought together into one product offered as either a hardware appliance (ClearPass Policy Manager + licenses) or with limited functionality as a cloud-based service (ClearPass QuickConnect). 7. When is ClearPass available? A limited number of ClearPass products are available on the Aruba pricelist as of January For SKUs and pricing, please download the latest Aruba pricelist. Products available as of the January 2012 pricelist ClearPass Policy Manager ClearPass OnGuard Amigopod (to be transitioned to ClearPass Onboard, ClearPass Guest) Products available on the April 2012 pricelist ClearPass Profile ClearPass Onboard ClearPass Guest Before April 2012 (Current SKUs) April 2012 (New SKUs) AAA CPPM CPPM CPPM NAC CPPM CPPM CPPM August 2012 (Integration) OnGuard OnGuard OnGuard Guest Amigopod Amigopod only Profile Onboard N/A CPPM Profile QuickConnect CPPM + Amigopod+ Amigopod MDPS Onboard CPPM Guest CPPM Profile CPPM Onboard 8. What happens to Amigopod customers? ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 9

10 The April software release of Amigopod will include additional operating system support (Windows, OS X, Android) for MDPS and other incremental updates and bug fixes. This will effectively provide ClearPass Onboard to Amigopod customers In the August timeframe Aruba is planning to release a common ClearPass platform that will be capable of supporting both Policy Manager (+ OnGuard & Profile) and Amigopod (+Guest & Onboard). At that time, Amigopod customers can upgrade to ClearPass Policy Manager with Onboard if required. The following table looks at the upgrade path for both Avenda and Amigopod customers to ClearPass. Avenda Amigopod AAA No change Add CPPM NAC Guest Profile Onboard No change Upgrade license to Guest Add Profile license Add OnBoard license Add CPPM + OnGuard Upgrade to CPPM + Guest license Add CPPM+ Profile Upgrade to CPPM + Onboard 9. How will Amigopod customers upgrade to ClearPass Policy Manager? This will not be a point and click upgrade for Amigopod customers and will most likely require a second appliance (hw or vm) to build and restore that configuration backup in parallel to the existing environment. Details on this upgrade procedure are still to be determined as the development is not complete. 10. Has Amigopod been removed from the pricelist and/or discontinued with the introduction of ClearPass? No, the Amigopod product has not been removed or discontinued from the Aruba portfolio of products. Instead, Amigopod will be absorbed into the ClearPass family and rebranded as ClearPass Guest. At its core, Amigopod delivers enterprise-grade guest access using personally-owned devices into a corporate network, so it is a natural fit to include these capabilities under the ClearPass umbrella of network security services. ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 10

11 11. I already have a RADIUS server. Why would I need to buy ClearPass Policy Manager? ClearPass Policy Manager is required to run the Profile, Guest, Onboard and OnGuard software licenses. Although there may be some overlap in functionality, the Policy Manager provides policy management functionality not provided by standard RADIUS servers. The Policy Manager can co-exist with existing AAA infrastructure by acting as a proxy if needed. Customers can continue to run the two systems in parallel or can migrate to ClearPass as the primary RADIUS server. 12. Why is ClearPass Policy Manager better than my existing RADIUS server? Many existing AAA that include RADIUS and TACACS+ servers are legacy platforms where many releases have reached their end of life. Examples are Cisco s ACS and Juniper s Steel Belted RADIUS. In each case, customers are required to migrate to a new platform or maintain two separate products. If you have experienced problems or if you are concerned about continuing support of the existing platform, you should investigate Aruba ClearPass. In addition, the requirements for AAA and NAC have changed dramatically with the emergence of new demands on access security driven by BYOD initiatives. Legacy platforms are not equipped to deal with this new paradigm. Here are some of the differences between Aruba ClearPass and other AAA offerings Cisco ACS Many Releases Discontinued and EOL d by Cisco No integrated NAC (Posture/health based enforcement) Performance issues when scaling for large deployments Weak multi-vendor network device support Poor reporting functionality Inflexible policy model trouble supporting multiple auth sources & types Difficult to configure, manage, and deploy No integrated guest management function Juniper UAC Difficult to install and manage (Customer feedback) Most expensive solution on the market Works best with Juniper devices. Many features are not available in a multi-vendor network infrastructure Very basic guest management functionality No built-in endpoint device audit capabilities Must use the UAC Client (former Odyssey client) for advanced health capabilities Limited clustering for single management and scalability No utility for self-provisioning and configuration for user endpoints ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 11

12 Microsoft NPS No support for captive portals Only supports AD as an auth source (no SQL, no LDAP, no Token server, etc.) No context-based policies. Access can only be grated on identity - not location, device, time of day, etc. Only VLAN-based enforcement Limited VSAs and no downloadable ACLs, TACACS+, or web-based enforcement Limited windows-only health checks with NAP NO VM deployment option 13. I already have Active Directory to authenticate users, why would I need this? In order to satisfy the many of today s usage scenarios while increasing the level of security provided, an identity based policy management system would be the best approach. A full featured solution like Aruba s can provide many more capabilities to improve overall security and offload your IT staff from having to manage many aspects of access control, guest management and helpdesk activities. 14. I already have a NAC solution and want to use ClearPass for provisioning devices. What can I do? For ClearPass Onboard the NAC solution would first scan the device for vulnerabilities and only pass validated clients to ClearPass Onboard for provisioning. ClearPass QuickConnect can be used to configure devices prior to connecting to 802.1X networks. The existing NAC solution would then perform a basic health check once the device authenticates onto the network. 15. Will ClearPass work for users that connect to public cellular networks? Yes, for clients that use VPN clients such as Aruba s VIA client, a mobile device will always redirect enterprise data back to the enterprise network and be subject to policies defined for that network. In the case of Aruba s VIA client, the VPN session is setup automatically, without requiring the user to initiate. This is very important as many devices today that have both Wi-Fi and cellular capabilities will tend to roam between the two networks without alerting the user. 16. Is ClearPass NAC? Is it competitive for NAC opportunities? While the definition for Network Access Control varies, ClearPass can be considered a NAC offering. However, unlike traditional point NAC solutions, ClearPass brings together role- ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 12

13 based policy management, device onboarding, policy control and reporting into one cohesive, easy to use system. Competitive solutions are either multi-box or just point products, and do not offer the ease of use or the multivendor support of ClearPass. Note that Gartner rates ClearPass as the Most Visionary NAC solution on the market today! According to Gartner; The company's ability to support Microsoft NAP-enabled endpoints (Windows 7, Vista and XP SP3) without requiring an agent, its support for non- Microsoft endpoints (via agents), and a strong road map for profiling features has earned it a high score for Completeness of Vision 17. How does ClearPass fit into Aruba s Mobile Virtual Enterprise (MOVE) architecture? ClearPass enhances the Aruba MOVE architecture with access management functionality. The ClearPass solution provides three key advantages: Works across every major mobile OS: Extends MOVE device onboarding benefits to include not only ios but now Mac OS X, Windows and Android operating systems to deliver the most dynamic provisioning capable solution in the industry. ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 13

14 Works over any vendor s network: ClearPass easily and securely extends Aruba s policy definition and enforcement capabilities, allowing Aruba customers to define and implement policies across multivendor wireless networks, switches, routers, and clients. As a result, Aruba can now delivery policy and role-based network access for any organization without the cost and complexities of other solutions while also providing full-featured device posture assessment and profiling. Security visibility and reporting: ClearPass extends Aruba s AirWave RF visibility to now include comprehensive security visibility and forensics needed to pinpoint root causes for network access issues, per user bandwidth concern and known endpoint vulnerabilities. 18. How does ClearPass integrate with Aruba s mobility controller appliance or virtual controller with Instant? Although ClearPass can be used on any vendor s wireless, wired, and remote network, there are inherent advantages to using Aruba access networks for policy enforcement. With the Policy Enforcement Firewall (PEF) capabilities that reside on the Mobility Controller appliance and Instant virtual controller, policies that are defined on ClearPass can be mapped directly to firewall roles on the controller. These firewall roles can then take a variety of actions to improve the security and reliability of the network. Other access networks will typically enforce policies by defining VLANs or downloading Access Control Lists (ACLs) within switches and routers. This doesn t work very well in a mobile environment because it maps to a VLAN centric architecture. Because VLANs weren t designed for policy enforcement, their use is limited and they are very difficult to setup and maintain. 19. How does ClearPass differ from AirWave? Do I need both? Aruba s AirWave product is designed to provide management and visibility for mobile networks and connected users. AirWave is a network management system that employs a user-centric approach, identifying who is on the network, where they are accessing the network, the mobile devices they re using, and how much bandwidth is being consumed by specific devices. ClearPass compliments a network management system like AirWave by providing comprehensive management and reporting of security and policy transactions across the network. ClearPass also provides advanced troubleshooting and forensics needed to pinpoint root causes for network access issues and known endpoint vulnerabilities. ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 14

15 20. What are the key target markets for ClearPass? Enterprise-class RADIUS/AAA services, robust policy management, dynamic device provisioning and advanced guest access capabilities make ClearPass suitable for any organization that wants to modernize their network access security infrastructure to accommodate enterprise-wide mobility and employee BYOD initiatives. This would include the following examples: K-12 and higher education institutions District-wide or campus-wide access differentiation, visibility, troubleshooting and manageability that is easy to use and deploy. Healthcare clinics and hospitals Mobile device and role-based user authentication with long-term archiving by user session to assist with HIPAA compliance requirements. Large enterprises, distributed enterprises Scalability to manage tens of thousands authentications; devices and mobile users with centralized, single-console operations. Retail organizations Field-proven multisite support with integrated role-based policy assignment, monitoring and PCI compliance reporting. Government Consolidation of policies across departments regardless of identity store type or administrative ownership, for wired and wireless access. 21. Can ClearPass be deployed on existing networks or does the customer have to upgrade to Aruba wired and wireless? The ClearPass Access Management system is the industry s first and only independent platform for policy management, network access control, and BYOD provisioning and onboarding. While there are advantages when deployed with Aruba wireless infrastructure, Aruba ClearPass can be deployed with any existing network infrastructure from any major vendor. 22. Is ClearPass easy to deploy? ClearPass Policy Manager is a very easy to use/deploy solution which includes many tools to assist in deployment including a configuration wizard, pre-configured templates, and policy simulation to name a few. 23. What are some of the opportunities to position ClearPass? The ClearPass Policy Manager can be used for RADIUS upgrades as a number of older standalone solutions from Cisco and Juniper have reached end-of-life (EOL). The Policy Manager can be used where other vendors network access control solutions require a proxy to an enterprise-class RADIUS server. ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 15

16 Any organization looking to deploy BYOD and identity-based policy management in an Aruba or mixed vendor environment can now choose a single platform that works across wireless, wired and VPN networks. The ClearPass solution can also solve customers device profiling requirements using a tiered and dynamic profiling model which drastically improves the confidence level for accurately identifying endpoint devices. ClearPass Guest is a proven solution for any opportunity that requires guest access, enterprise and public access. QuickConnect allows you to sell into any non-aruba environment. 24. How do customers order ClearPass? ClearPass software module licensing is based on the total number of authenticating devices. When ordering a ClearPass software license, it is important to identify the total number of devices an organization currently utilizes and is looking to migrate towards in the future to size the solution accordingly. The ClearPass software modules are categorized in the following way: ClearPass QuickConnect A cloud-based tool for IT administrators to build device configuration wizards for connecting devices to wireless or wired networks. ClearPass Policy Manager - The base platform (either a virtual server or full hardware/software turnkey solution) that includes AAA/RADIUS services, centralized policy management and enforcement functionality, and reporting capabilities. Additional functionality is derived by purchasing the following optional licenses: - ClearPass Onboard Wizard-driven provisioning and onboarding of devices for wireless, wired, or VPN connectivity to address employee BYOD initiatives. - ClearPass OnGuard Downloadable or dissolvable agents that perform health and posture assessments as well as remediation capabilities for any Windows or Mac OS X-based device before allowing these devices onto a secure network. - ClearPass Profile Accurate identification and classification of devices attached to a secure network for policy definition and enforcement. - ClearPass Guest Secure workflow for allowing guest access to a secure network. Additional guidance around ordering a ClearPass solution as well as obtaining evaluation licenses is available in the ClearPass Access Management System Licensing and Customer Evaluation Support sections of this FAQ. 25. Does ClearPass provide an interface for integration with other customer infrastructure? ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 16

17 Yes, an open XML-based API allows for integration with existing IT service management solutions and other custom applications. The use of an extensible API permits the accessibility of ClearPass data to virtually any application developer without specialized knowledge of the platform. ClearPass Access Management System Core Features 26. What are some of the unique capabilities delivered with the ClearPass Access Management System? ClearPass is the only solution today to seamlessly enable BYOD using a complete user and device lifecycle management model; device onboarding and enrollment, identity and context-based access control, device revocation, and complete visibility. The ClearPass policy engine allows for simultaneous policies using user identity/role-based assignments (i.e. Active Directory credentials), MAC authentication (MAC auth), web authentication (web auth) and 802.1X methods to differentiate user and device access. 27. What are the top advantages of the ClearPass Policy Manager AAA platform? The industry s most intuitive policy Admin interface. Includes pre-configured templates, built-in deployment and helpdesk tools, compliance reporting and more Full featured policy management engine and AAA services that abstract the complexity of RADIUS and TACACS+ to support all popular use cases (802.1X, Web & MAC auth, etc.). Note that Cisco s ISE product and many point solutions from other vendors do not support TACACS+ Role-based differentiated access for employees, guests, partner/contractors, IT managed and BYOD devices, printers and more. Authentication and enforcement using standards-based protocols for any Aruba and multi-vendor WLAN, Wired, and VPN infrastructure. Innovative clustering techniques support a variety of local and remote deployment options where the Policy Manager can be centrally deployed or distributed to best suit customer needs. 28. What identity stores are supported by the ClearPass platform? ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 17

18 The ClearPass Policy Manager gives customers the option to authenticate and authorize end users and devices against Microsoft Active Directory (AD), LDAP, SQL databases, twofactor token servers, and an internal database. The Policy Manager provides the advantage of being able to authenticate and authorize against separate identity stores, i.e. authenticates users against Active Directory and checks for MAC addresses against a SQL database. 29. How many unique accounts can ClearPass Policy Manager handle? ClearPass is expected to scale to multiple millions of unique accounts. Aruba has tested a configuration of 1.5 million entries in a single cluster of ClearPass appliances. This is not the maximum capacity per cluster; this is the tested capacity with the hardware. 30. What devices are supported by the ClearPass Onboard and ClearPass QuickConnect products? By the April 2012 timeframe, both ClearPass Onboard and ClearPass QuickConnect will support: OS X 10.5/10.6/10.7. Windows XP/Vista/7 ios 5.0/5.0.1/5.1 Android 2.2/2.3/3.x/4.0 Linux Ubuntu ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 18

19 31. What s the difference between ClearPass Onboard and ClearPass QuickConnect Device Support Onboard ios now, Android/Windows/Mac at the end of April, Ubuntu mid May) for dot1x QuickConnect Windows, ios, Mac OS, Android now, Ubuntu mid May) for dot1x Push Supplicants/Agents Yes Yes Configure VPN Yes No Configure Active Sync & Yes No Exchange Install Programs/Apps Yes (Window's Only) Yes (Window's Only) Push Unique Machine Can push certificates (ios/mac Lion) and No Credentials Unique Credentials (Android/Windows) to devices and revoke their access Requires ClearPass Policy Yes No Manager Administration ClearPass Policy Manager Cloud-based with yearly subscription Use Case Best for enterprise environments where there are multiple things to configure on new devices, especially environments where certs/credentials are required Best for environments that experience constant change (universities) or organizations that are moving to dot1x and do not require certs/credentials Works over Any Vendor's Yes Yes Network License tracking Through ClearPass Policy Manager Cannot track how many users configure devices (sold by total number of users / honor system for adherence to purchased usage license) 32. How is QuickConnect offered in the Cloud? Administrative functions are managed in cloud where an administrator can configure, download, and store 802.1X configuration install packages. The installation package is then hosted locally and delivered from an IT owned web server. 33. Why is profiling devices important to an enterprise? The most basic requirement for profiling is just to find out what s on the network. This is important not only for reporting but also to help with things like capacity planning. More importantly, profiling is important for implementing policies. With BYOD, enterprises need to create policies based on the context of the connection; who is connecting, with what device, where and to what applications. But now that network security and user experience are based on context, the accuracy of that context becomes far more important. It is especially important to ensure the accuracy of things like user role and device type. If I have different security roles for laptops and smartphones, I need ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 19

20 to be very confident that the network doesn t profile a device incorrectly and thus create a security breach. With ClearPass, Aruba now offers the industry s most accurate device detection capabilities that can be used for access control. 34. How does Aruba s Dynamic Profiling differ from competitive offerings? The Policy Manager platform is capable of using baseline fingerprinting data from DHCP and web browsers within a policy, as well as using more advanced techniques directly from Active Directory, device agents and provisioning data. Competitive solutions usually stop at baseline fingerprinting. ClearPass Profile benefits the most from the information gathered by provisioning the device. During provisioning, ClearPass interacts directly with the OS kernel and has full visibility into device characteristics. Solutions that don t provision the device cannot provide the same level of profiling accuracy? 35. Where does network access control fit within the ClearPass solution? ClearPass OnGuard licensing utilizes persistent and dissolvable agents to perform posture and traditional NAC health checks against policies that reside in the Policy Manager. The agents can authenticate any node in a Policy Manager cluster. Pre- and post-admission controls are natively supported through NAC and Microsoft network access protection (NAP) methods. ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 20

21 36. Is ClearPass Mobile Device Management (MDM)? The ClearPass Access Management System currently employs a great deal of MDM functionality specifically around configuring, provisioning and the secure onboarding of computers, smartphones and tablets, as well as more advanced features such as configuring security, VPN and settings, installing applications (note that application installation is currently only for Windows devices), managing bandwidth and revoking access for lost or stolen devices. There are two reasons that Aruba is moving in this direction with ClearPass: 1. Better policy control To do policy control in a BYOD environment, there is a great advantage to also doing device provisioning. Provisioning the device and associating a unique machine ID with that device provides a level of knowledge and control that wouldn t be possible otherwise. 2. Less expensive for supporting mobile devices - The other reason is one of simple economics. Customers don t want to have to buy yet another system for managing devices. They would prefer that the access network do the majority of what MDM does today. And they ultimately want the OS manufacturers to control what s on the device with offerings like Windows Server or Mac OSX Server. Much of what MDM does today will be marginalized as infrastructure vendors start to handle the onboarding process. And Aruba is the first one to take this step. ARUBA NETWORKS CHANNEL PARTNER CONFIDENTIAL DO NOT DISTRIBUTE PAGE 21

ClearPass: Understanding BYOD and today s evolving network access security requirements

ClearPass: Understanding BYOD and today s evolving network access security requirements ClearPass: Understanding BYOD and today s evolving network access security requirements ClearPass: Understanding BYOD and today s evolving network access security requirements Chapter 1: Introduction............................

More information

Conquering today s bring-your-own-device challenges

Conquering today s bring-your-own-device challenges Conquering today s bring-your-own-device challenges Table of Contents A framework for deploying successful BYOD initiatives 3 Shortcomings of current solutions 4 The vision for BYOD access management 5

More information

ClearPass Policy Manager

ClearPass Policy Manager Manager The most comprehensive network access policy enforcement platform for BYOD Key features Unsurpassed multivendor wireless and wired interoperability Built-in guest, profiling, network access control

More information

Conquering Today s Bring Your Own Device Challenges. A framework for successful BYOD initiatives

Conquering Today s Bring Your Own Device Challenges. A framework for successful BYOD initiatives Conquering Today s Bring Your Own Device Challenges A framework for successful BYOD initiatives Table of Contents Introduction 3 BYOD drivers 3 Consumer choice 3 IT considerations 3 Device and information

More information

Conquering today s bring-your-own-device challenges. A framework for successful BYOD initiatives

Conquering today s bring-your-own-device challenges. A framework for successful BYOD initiatives Conquering today s bring-your-own-device challenges A framework for successful BYOD initiatives Table of Contents Introduction 3 BYOD drivers 3 Consumer choice 3 IT considerations 3 Device and information

More information

The most advanced policy management platform available

The most advanced policy management platform available Aruba Policy Manager The most advanced policy management platform available The platform provides role- and device-based network access control for employees, contractors and guests across any wired, wireless

More information

Tech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks

Tech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks Tech Brief Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks Introduction In today s era of increasing mobile computing, one of the greatest challenges

More information

BYOD: BRING YOUR OWN DEVICE.

BYOD: BRING YOUR OWN DEVICE. white paper BYOD: BRING YOUR OWN DEVICE. On-boarding and Securing Devices in Your Corporate Network Preparing Your Network to Meet Device Demand The proliferation of smartphones and tablets brings increased

More information

Addressing BYOD Challenges with ForeScout and Motorola Solutions

Addressing BYOD Challenges with ForeScout and Motorola Solutions Solution Brief Addressing BYOD Challenges with ForeScout and Motorola Solutions Highlights Automated onboarding Full automation for discovering, profiling, and onboarding devices onto both wired and wireless

More information

ARUBA CLEARPASS POLICY MANAGER

ARUBA CLEARPASS POLICY MANAGER ARUBA CLEARPASS POLICY MANAGER The most advanced policy management platform available The Aruba Policy Manager platform provides role- and device-based network access control for employees, contractors

More information

THE CLEARPASS ACCESS MANAGEMENT SYSTEM

THE CLEARPASS ACCESS MANAGEMENT SYSTEM SOLUTION OVERVIEW Remember when IT was the gatekeeper of everything enterprise and it ruled the network with a combination of strict policies, purpose-built devices, and a fully-contained technology ecosystem.

More information

Systems Manager Cloud Based Mobile Device Management

Systems Manager Cloud Based Mobile Device Management Datasheet Systems Manager Systems Manager Cloud Based Mobile Device Management Overview Meraki Systems Manager provides cloud-based over-the-air centralized management, diagnostics, and monitoring of the

More information

On-boarding and Provisioning with Cisco Identity Services Engine

On-boarding and Provisioning with Cisco Identity Services Engine On-boarding and Provisioning with Cisco Identity Services Engine Secure Access How-To Guide Series Date: April 2012 Author: Imran Bashir Table of Contents Overview... 3 Scenario Overview... 4 Dual SSID

More information

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0 White Paper Enterprise File Serving 2.0 Anywhere, Any Device File Access with IT in Control Like it or not, cloud- based file sharing services have opened up a new world of mobile file access and collaborative

More information

Bring Your Own ipad to Work January 2011

Bring Your Own ipad to Work January 2011 White Paper Bring Your Own ipad to Work January 2011 Table of Contents Bring Your Own ipad to Work 1 Introduction... 2 2 Challenges for IT... 3 3 Device Identification... 3 4 Device Enrollment... 5 5 Device

More information

ForeScout MDM Enterprise

ForeScout MDM Enterprise Highlights Features Automated real-time detection of mobile Seamless enrollment & installation of MDM agents on unmanaged Policy-based blocking of unauthorized Identify corporate vs. personal Identify

More information

The ForeScout Difference

The ForeScout Difference The ForeScout Difference Mobile Device Management (MDM) can help IT security managers secure mobile and the sensitive corporate data that is frequently stored on such. However, ForeScout delivers a complete

More information

ForeScout Technologies Is A Leader Among Network Access Control Vendors

ForeScout Technologies Is A Leader Among Network Access Control Vendors For ForeScout Technologies Is A Leader Among Network Access Control Vendors Excerpted From The Forrester Wave : Network Access Control, Q2 2011 by John Kindervag with Stephanie Balaouras, Robert Whiteley,

More information

Policy Management: The Avenda Approach To An Essential Network Service

Policy Management: The Avenda Approach To An Essential Network Service End-to-End Trust and Identity Platform White Paper Policy Management: The Avenda Approach To An Essential Network Service http://www.avendasys.com email: info@avendasys.com email: sales@avendasys.com Avenda

More information

Systems Manager Cloud-Based Enterprise Mobility Management

Systems Manager Cloud-Based Enterprise Mobility Management Datasheet Systems Manager Systems Manager Cloud-Based Enterprise Mobility Management Overview Meraki Systems Manager provides cloud-based over-the-air centralized management, diagnostics, monitoring, and

More information

ClearPass Policy Manager

ClearPass Policy Manager ClearPass Policy Manager V2 October 2013 Introduction With the release of ClearPass Policy Manager 6.2.0 in July 2013 we have continued to build on our previous industry leading functionality, now with

More information

Solving the Sticky Client Problem in Wireless LANs SOLVING THE STICKY CLIENT PROBLEM IN WIRELESS LANS. Aruba Networks AP-135 and Cisco AP3602i

Solving the Sticky Client Problem in Wireless LANs SOLVING THE STICKY CLIENT PROBLEM IN WIRELESS LANS. Aruba Networks AP-135 and Cisco AP3602i SOLVING THE STICKY CLIENT PROBLEM IN WIRELESS LANS Aruba Networks AP-135 and Cisco AP3602i Conducted at the Aruba Proof-of-Concept Lab May 2013 Statement of test result confidence Aruba makes every attempt

More information

Cisco Mobile Collaboration Management Service

Cisco Mobile Collaboration Management Service Cisco Mobile Collaboration Management Service Cisco Collaboration Services Business is increasingly taking place on both personal and company-provided smartphones and tablets. As a result, IT leaders are

More information

Leveraging Bring Your Own Device Programs Network Services Engineered to Enable Employee Choice, Mobility and Security.

Leveraging Bring Your Own Device Programs Network Services Engineered to Enable Employee Choice, Mobility and Security. Leveraging Bring Your Own Device Programs Network Services Engineered to Enable Employee Choice, Mobility and Security Application Note Abstract As more enterprises consider how best to leverage Bring

More information

Bring Your Own ipad to Work

Bring Your Own ipad to Work Bring Your Own ipad to Work Table of Contents Introduction 3 Challenges for IT 3 Device Identification 4 Device Enrollment 5 Device Authentication and Authorization 6 Device Visibility 7 Summary 7 Conclusion

More information

10 BEST PRACTICES FOR MOBILE DEVICE MANAGEMENT (MDM)

10 BEST PRACTICES FOR MOBILE DEVICE MANAGEMENT (MDM) 10 BEST PRACTICES FOR MOBILE DEVICE MANAGEMENT (MDM) CONTENT INTRODUCTION 2 SCOPE OF BEST PRACTICES 2 1. HAVE A POLICY THAT IS REALISTIC 3 2. TAKE STOCK USING A MULTIPLATFORM REPORTING AND INVENTORY TOOL...3

More information

Models HP IMC Smart Connect Edition Virtual Appliance Software E-LTU

Models HP IMC Smart Connect Edition Virtual Appliance Software E-LTU Models HP IMC Smart Connect Edition Virtual Appliance Software E-LTU JG659AAE Key features Identity-based access, advanced device profiling, and real-time traffic quarantining Converged network support

More information

Kaseya IT Automation Framework

Kaseya IT Automation Framework Kaseya Kaseya IT Automation Framework An Integrated solution designed for reducing complexity while increasing productivity for IT Professionals and Managed Service Providers. The powerful, web-based automation

More information

SOSPG2. Implementing Network Access Controls. Nate Isaacson Security Solution Architect Nate.Isaacson@cdw.com

SOSPG2. Implementing Network Access Controls. Nate Isaacson Security Solution Architect Nate.Isaacson@cdw.com SOSPG2 Implementing Network Access Controls Nate Isaacson Security Solution Architect Nate.Isaacson@cdw.com Offer Pa Agenda The BYOD Challenges NAC terms The Big Picture NAC Solutions and Deployment What

More information

Symantec Mobile Management 7.2

Symantec Mobile Management 7.2 Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology

More information

QUALITY OF SERVICE FOR CLOUD-BASED MOBILE APPS: Aruba Networks AP-135 and Cisco AP3602i

QUALITY OF SERVICE FOR CLOUD-BASED MOBILE APPS: Aruba Networks AP-135 and Cisco AP3602i QUALITY OF SERVICE FOR CLOUD-BASED MOBILE APPS: Aruba Networks AP-135 and Cisco AP3602i Conducted at the Aruba Proof-of-Concept Lab November 2012 Statement of test result confidence Aruba makes every attempt

More information

CLEARPASS ONGUARD CONFIGURATION GUIDE

CLEARPASS ONGUARD CONFIGURATION GUIDE CONFIGURATION GUIDE REVISION HISTORY Revised By Date Changes Dennis Boas July 2015 Version 1 initial release TABLE OF CONTENTS... 1 INTRODUCTION... 3 CONFIGURATION WORKFLOW... 4 CONFIGURE POSTURE POLICIES...

More information

Symantec Mobile Management 7.2

Symantec Mobile Management 7.2 Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology

More information

Symantec Mobile Management Suite

Symantec Mobile Management Suite Symantec Mobile Management Suite One Solution For All Enterprise Mobility Needs Data Sheet: Mobile Security and Management Introduction Most enterprises have multiple mobile initiatives spread across the

More information

Bring Your Own Device. Putting Context into Wireless Security. Glen Stacey Networking Systems Engineer Glen_stacey@dell.com

Bring Your Own Device. Putting Context into Wireless Security. Glen Stacey Networking Systems Engineer Glen_stacey@dell.com Bring Your Own Device Putting Context into Wireless Security Glen Stacey Networking Systems Engineer Glen_stacey@dell.com ipad in the News More and more ipads will find their way into the workplace in

More information

HiveManager Client Management

HiveManager Client Management Solution Brief HiveManager Client Management Context-Based Access & Device Controls for a Mobile First Enterprise Introduction BYOD and the Consumerization of IT are changing enterprise networking. Just

More information

XenMobile Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series

XenMobile Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series XenMobile Integration with Cisco Identity Service Engine Secure Access How -To Guides Series Author: Aaron Woland Date: December 2012 Table of Contents Introduction... 3 What Is the Cisco TrustSec System?...

More information

Cisco TrustSec How-To Guide: Planning and Predeployment Checklists

Cisco TrustSec How-To Guide: Planning and Predeployment Checklists Cisco TrustSec How-To Guide: Planning and Predeployment Checklists For Comments, please email: howtoguides@external.cisco.com Current Document Version: 3.0 August 27, 2012 Table of Contents Table of Contents...

More information

Aerohive Client Management

Aerohive Client Management Solution Brief Aerohive Client Management Context-Based Access & Device Controls for a Mobile First Enterprise Introduction BYOD and the Consumerization of IT have redefined how administrators manage their

More information

IBM Endpoint Manager for Mobile Devices

IBM Endpoint Manager for Mobile Devices IBM Endpoint Manager for Mobile Devices A unified platform for managing mobile devices together with your traditional endpoints Highlights Address business and technology issues of security, complexity

More information

1. What are the System Requirements for using the MaaS360 for Exchange ActiveSync solution?

1. What are the System Requirements for using the MaaS360 for Exchange ActiveSync solution? MaaS360 FAQs This guide is meant to help answer some of the initial frequently asked questions businesses ask as they try to figure out the who, what, when, why and how of managing their smartphone devices,

More information

MDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series

MDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series MDM Integration with Cisco Identity Service Engine Secure Access How -To Guides Series Author: Aaron Woland Date: December 2012 Table of Contents Introduction.... 3 What Is the Cisco TrustSec System?...

More information

THE ARUBA ADAPTIVE TRUST DEFENSE FOR SECURE ENTERPRISE MOBILITY

THE ARUBA ADAPTIVE TRUST DEFENSE FOR SECURE ENTERPRISE MOBILITY THE ARUBA ADAPTIVE TRUST DEFENSE FOR SECURE ENTERPRISE MOBILITY LEVERAGING REAL-TIME CONTEXT TO MITIGATE TODAY S NEW RISKS TABLE OF CONTENTS THE NEW ENTERPRISE PERIMETER THE MOBILE RISK SPECTRUM INTRODUCING

More information

AirWatch Solution Overview

AirWatch Solution Overview AirWatch Solution Overview Marenza Altieri-Douglas - AirWatch Massimiliano Moschini Brand Specialist Itway 2014 VMware Inc. All rights reserved. Cloud Computing 2 BYOD 3 Device aziendali? 4 From Client/Server

More information

BES12 Frequently Asked Questions. BEs12. questions. FAQs

BES12 Frequently Asked Questions. BEs12. questions. FAQs 1 BEs12 Frequently asked questions FAQs 2 Contents Overview... 3 Pricing... 4 Technical: Upgrade, Migration & Installation... 5 Additional Migration Questions... 10 Installation... 11 System... 12 BES5

More information

Cisco TrustSec Solution Overview

Cisco TrustSec Solution Overview Solution Overview Cisco TrustSec Solution Overview 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 10 Contents Introduction... 3 Solution Overview...

More information

Avaya Identity Engines Portfolio

Avaya Identity Engines Portfolio Key benefits Improved security and granular control: More secured wireless and guest access, role-based access control and compartmentalization of the network to segment and protect data Reduced costs:

More information

WHITEPAPER. Addressing Them with Secure Network Access Control. Executive Summary... An Evolving Network Environment... 2

WHITEPAPER. Addressing Them with Secure Network Access Control. Executive Summary... An Evolving Network Environment... 2 WHITEPAPER Top 4 Network Security Challenges in Healthcare Addressing Them with Secure Network Access Control Executive Summary... 1 Top 4 Network Security Challenges Addressing Security Challenges with

More information

TrustSec How-To Guide: On-boarding and Provisioning

TrustSec How-To Guide: On-boarding and Provisioning TrustSec How-To Guide: On-boarding and Provisioning For Comments, please email: howtoguides@external.cisco.com Current Document Version: 3.0 August 27, 2012 Table of Contents Table of Contents... 2 Introduction...

More information

Symantec Mobile Management for Configuration Manager 7.2

Symantec Mobile Management for Configuration Manager 7.2 Symantec Mobile Management for Configuration Manager 7.2 Scalable, Secure, and Integrated Device Management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices

More information

SECURING ENTERPRISE NETWORK 3 LAYER APPROACH FOR BYOD

SECURING ENTERPRISE NETWORK 3 LAYER APPROACH FOR BYOD SECURING ENTERPRISE NETWORK 3 LAYER APPROACH FOR BYOD www.wipro.com Table of Contents Executive Summary 03 Introduction 03 Challanges 04 Solution 05 Three Layered Approach to secure BYOD 06 Conclusion

More information

APPENDIX B1 - FUNCTIONALITY AND INTEGRATION REQUIREMENTS RESPONSE FORM FOR A COUNTY HOSTED SOLUTION

APPENDIX B1 - FUNCTIONALITY AND INTEGRATION REQUIREMENTS RESPONSE FORM FOR A COUNTY HOSTED SOLUTION APPENDIX B1 - FUNCTIONALITY AND INTEGRATION REQUIREMENTS RESPONSE FORM FOR A COUNTY HOSTED SOLUTION Response Code: Offeror should place the appropriate letter designation in the Availability column according

More information

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user

More information

CUTTING THE CORD BY MOVING TO.11AC SAVES WEST CHESTER OVER $1M

CUTTING THE CORD BY MOVING TO.11AC SAVES WEST CHESTER OVER $1M CUTTING THE CORD BY MOVING TO.11AC SAVES WEST CHESTER OVER $1M West Chester University creates an all-wireless environment using Aruba Networks Wireless LAN, including ClearPass and AirWave, to deliver

More information

Bring Your Own Design: Implemen4ng BYOD Without Going Broke or Crazy. Eric Stresen- Reuter Technical Director Ruckus Wireless

Bring Your Own Design: Implemen4ng BYOD Without Going Broke or Crazy. Eric Stresen- Reuter Technical Director Ruckus Wireless Bring Your Own Design: Implemen4ng BYOD Without Going Broke or Crazy Eric Stresen- Reuter Technical Director Ruckus Wireless Bring Your Own Design SIMPLIFYING BYOD WITH RUCKUS RUCKUS WIRELESS PROPRIETARY

More information

Good MDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series

Good MDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series Good MDM Integration with Cisco Identity Service Engine Secure Access How -To Guides Series Author: Imran Bashir Date: December 2012 Table of Contents Mobile Device Management (MDM)... 3 Overview... 3

More information

ForeScout CounterACT. Continuous Monitoring and Mitigation

ForeScout CounterACT. Continuous Monitoring and Mitigation Brochure ForeScout CounterACT Real-time Visibility Network Access Control Endpoint Compliance Mobile Security Rapid Threat Response Continuous Monitoring and Mitigation Benefits Security Gain real-time

More information

Secure WiFi Access in Schools and Educational Institutions. WPA2 / 802.1X and Captive Portal based Access Security

Secure WiFi Access in Schools and Educational Institutions. WPA2 / 802.1X and Captive Portal based Access Security Secure WiFi Access in Schools and Educational Institutions WPA2 / 802.1X and Captive Portal based Access Security Cloudessa, Inc. Palo Alto, CA July 2013 Overview The accelerated use of technology in the

More information

Real-World Scale for Mobile IT: Nine Core Performance Requirements

Real-World Scale for Mobile IT: Nine Core Performance Requirements White Paper Real-World Scale for Mobile IT: Nine Core Performance Requirements Mobile IT Scale As the leader in Mobile IT, MobileIron has worked with hundreds of Global 2000 companies to scale their mobile

More information

Providing a work-your-way solution for diverse users with multiple devices, anytime, anywhere

Providing a work-your-way solution for diverse users with multiple devices, anytime, anywhere Solution Overview BYOD Smart Solution Providing a work-your-way solution for diverse users with multiple devices, anytime, anywhere 2012 Cisco and/or its affiliates. All rights reserved. This document

More information

Beyond the Firewall No. 71 February, 2012 Network Access Control Edition

Beyond the Firewall No. 71 February, 2012 Network Access Control Edition The Business Advantages of NAC-as-a-Service Benefits, Requirements and Considerations for the Customer and MSP Best practices for securing enterprise networks and data have traditionally focused on perimeter

More information

Meraki: Introduction to Cloud Networking

Meraki: Introduction to Cloud Networking Meraki: Introduction to Cloud Networking April 30, 2014 Sharif Kotb Meraki Business Manager KSA, UAE, Turkey, & Qatar Agenda About Cisco s Cloud Managed Networking Cloud Architecture Solution Overview

More information

The Top 5 Federated Single Sign-On Scenarios

The Top 5 Federated Single Sign-On Scenarios The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3

More information

Athena Mobile Device Management from Symantec

Athena Mobile Device Management from Symantec Athena Mobile Device Management from Symantec Scalable, Secure, and Integrated Device Management for ios and Android Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile

More information

ENTERPRISE MOBILITY ENABLE YOUR NETWORKS TO SUPPORT ENTERPRISE MOBILITY

ENTERPRISE MOBILITY ENABLE YOUR NETWORKS TO SUPPORT ENTERPRISE MOBILITY ENTERPRISE MOBILITY ENABLE YOUR NETWORKS TO SUPPORT ENTERPRISE MOBILITY Presenter October, 2014 MOBILITY AND THE APPLICATION INVASION 1.2 Billion SMART PHONES TO BE SHIPPED IN 2014 IDC Mobility is #1 PRIORITY

More information

A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model

A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model Table of Contents Introduction 3 Deployment approaches 3 Overlay monitoring 3 Integrated monitoring 4 Hybrid

More information

Palo Alto Networks User-ID Services. Unified Visitor Management

Palo Alto Networks User-ID Services. Unified Visitor Management Palo Alto Networks User-ID Services Unified Visitor Management Copyright 2011 Aruba Networks, Inc. Aruba Networks trademarks include Airwave, Aruba Networks, Aruba Wireless Networks, the registered Aruba

More information

Symantec Mobile Management 7.1

Symantec Mobile Management 7.1 Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology,

More information

Cisco IT Validates Rigorous Identity and Policy Enforcement in Its Own Wired and Wireless Networks

Cisco IT Validates Rigorous Identity and Policy Enforcement in Its Own Wired and Wireless Networks Cisco IT Article December 2013 End-to-End Security Policy Control Cisco IT Validates Rigorous Identity and Policy Enforcement in Its Own Wired and Wireless Networks Identity Services Engine is an integral

More information

McAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync

McAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync McAfee Enterprise Mobility Management Versus Microsoft Secure, easy, and scalable mobile device management Table of Contents What Can Do? 3 The smartphone revolution is sweeping the enterprise 3 Can enterprises

More information

Meru Connect. Easy to use, flexible guest access. Simplified BYOD on-boarding and policy management.

Meru Connect. Easy to use, flexible guest access. Simplified BYOD on-boarding and policy management. Meru Connect DATA SHEET Easy to use, flexible guest access. Simplified BYOD on-boarding and policy management. For any user on any network with any device Easy to use, flexible guest access. Simplified

More information

Symantec Mobile Management 7.1

Symantec Mobile Management 7.1 Scalable, secure, and integrated device management for healthcare Data Sheet: Industry Perspectives Healthcare Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any

More information

Cisco BYOD Smart Solution: Take a Comprehensive Approach to Secure Mobility

Cisco BYOD Smart Solution: Take a Comprehensive Approach to Secure Mobility Solution Overview Cisco BYOD Smart Solution: Take a Comprehensive Approach to Secure Mobility What You Will Learn Whether you want to simply allow tablets on your network or transform business processes

More information

SOLUTION BROCHURE. Lifecycle Wireless Infrastructure, Security and Services Management

SOLUTION BROCHURE. Lifecycle Wireless Infrastructure, Security and Services Management SOLUTION BROCHURE Wireless LAN Management Solution Overview Lifecycle Wireless Infrastructure, Security and Services Management Wireless LAN Management Solution Overview A successful wireless LAN (WLAN)

More information

Symantec Managed PKI Service Deployment Options

Symantec Managed PKI Service Deployment Options WHITE PAPER: SYMANTEC MANAGED PKI SERVICE DEPLOYMENT............. OPTIONS........................... Symantec Managed PKI Service Deployment Options Who should read this paper This whitepaper explains

More information

Secure Your Mobile Device Access with Cisco BYOD Solutions

Secure Your Mobile Device Access with Cisco BYOD Solutions Solution Overview Secure Your Mobile Device Access with Cisco BYOD Solutions BENEFITS The Cisco Meraki solution (cloud managed) and Cisco BYOD Solution (on-premises management) help you secure multiple

More information

SA Series SSL VPN Virtual Appliances

SA Series SSL VPN Virtual Appliances SA Series SSL VPN Virtual Appliances Data Sheet Published Date July 2015 Product Overview The world s mobile worker population passed the 1 billion mark in 2010 and will grow to more than 1.3 billion by

More information

Cisco Secure BYOD Solution

Cisco Secure BYOD Solution Q&A Cisco Secure BYOD Solution What Is New? Q. What is new from security to take organizations beyond BYOD? A. Cisco is announcing a solution that goes beyond BYOD in enabling you to securely deliver bring-your-owndevice

More information

solution brief ID Manager Leverage the Cloud to Simplify and Automate Enterprise Guest Management

solution brief ID Manager Leverage the Cloud to Simplify and Automate Enterprise Guest Management solution brief ID Manager Leverage the Cloud to Simplify and Automate Enterprise Guest Management Several trends have recently emerged to ignite the requirement for enterprise guest management. One is

More information

All your apps & data in the cloud, all in one place.

All your apps & data in the cloud, all in one place. The Cloud Desktop For Business Unify Your Business IT Experience All your apps & data in the cloud, all in one place. The Cloud Desktop houses all of your organization's applications and data in one easy-to-access

More information

Wi-Fi Security. More Control, Less Complexity. Private Pre-Shared Key

Wi-Fi Security. More Control, Less Complexity. Private Pre-Shared Key Wi-Fi Security More Control, Less Complexity Private Pre-Shared Key Mobility Meets Security Are the consumer devices in your environment exploding? Are your employees bringing their own devices? And has

More information

Identity-Based Networking Services

Identity-Based Networking Services . Data Sheet Identity-Based Networking Services Identity-Based Networking Services Overview Cisco Identity-Based Networking Services (IBNS) is an integrated solution that offers authentication, access

More information

http://www.velocis.in Extending Collaboration to BYOD Devices

http://www.velocis.in Extending Collaboration to BYOD Devices Extending Collaboration to BYOD Devices Extending Collaboration to BYOD Devices Device Freedom without Compromising the IT Network Today s employees are increasingly on the move, using mobile devices throughout

More information

PULSE SECURE FOR GOOGLE ANDROID

PULSE SECURE FOR GOOGLE ANDROID DATASHEET PULSE SECURE FOR GOOGLE ANDROID Product Overview In addition to enabling network and resource access for corporate managed mobile devices, many enterprises are implementing a Bring Your Own Device

More information

Meru Connect. Easy to use, flexible guest access. Simplified BYOD on-boarding and policy management. For any user on any network with any device

Meru Connect. Easy to use, flexible guest access. Simplified BYOD on-boarding and policy management. For any user on any network with any device Meru Connect Easy to use, flexible guest access. Simplified BYOD on-boarding and policy management. For any user on any network with any device With the increased pervasiveness and user reliance on mobile

More information

Apps. Devices. Users. Data. Deploying and managing applications across platforms is difficult.

Apps. Devices. Users. Data. Deploying and managing applications across platforms is difficult. Users Devices Apps Data Users expect to be able to work in any location and have access to all their work resources. The explosion of devices is eroding the standards-based approach to corporate IT. Deploying

More information

The Aruba MOVE Architecture: Integrating Access Management, Network Infrastructure and Mobility Applications

The Aruba MOVE Architecture: Integrating Access Management, Network Infrastructure and Mobility Applications The Aruba MOVE Architecture: Integrating Access Management, Network Infrastructure and Mobility Applications Table of Contents User freedom has become IT s burden 3 The MOVE architecture 4 Access management

More information

ios Enterprise Deployment Overview

ios Enterprise Deployment Overview ios Enterprise Deployment Overview ios devices such as ipad and iphone can transform your business. They can significantly boost productivity and give your employees the freedom and flexibility to work

More information

ForeScout CounterACT. Device Host and Detection Methods. Technology Brief

ForeScout CounterACT. Device Host and Detection Methods. Technology Brief ForeScout CounterACT Device Host and Detection Methods Technology Brief Contents Introduction... 3 The ForeScout Approach... 3 Discovery Methodologies... 4 Passive Monitoring... 4 Passive Authentication...

More information

Mobilize to Rightsize Your Network

Mobilize to Rightsize Your Network Mobilize to Rightsize Your Network Table of Contents How enterprise mobility can reduce the total cost of network ownership by 70 percent 3 Mobility means cost savings 3 Getting started on savings 4 Make

More information

solution guide DLNA, AIRPLAY AND AIRPRINT ON CAMPUS NETWORKS

solution guide DLNA, AIRPLAY AND AIRPRINT ON CAMPUS NETWORKS DLNA, AIRPLAY AND AIRPRINT ON CAMPUS NETWORKS Table of Contents Warning and Disclaimer Introduction What is Zero Configuration Networking (zeroconf)? What is DLNA? Making DLNA and Bonjour work over WLANs

More information

Enterprise Mobility as a Service

Enterprise Mobility as a Service Service Description: Insert Title Enterprise Mobility as a Service Multi-Service User Management for Mobility 1. Executive Summary... 2 2. Enterprise Mobility as a Service Overview... 3 3. Pricing Structure...

More information

Mobile Device Management

Mobile Device Management Mobile Device Management Complete remote management for company devices Corporate and personal mobile devices (commonly referred to as Bring Your Own Device, or BYOD) must be provisioned, configured, monitored,

More information

BYOD in Healthcare. Improving Clinician Productivity and Patient Satisfaction May 2013 WHITEPAPER

BYOD in Healthcare. Improving Clinician Productivity and Patient Satisfaction May 2013 WHITEPAPER WHITEPAPER BYOD in Healthcare Improving Clinician Productivity and Patient Satisfaction May 2013 WHITEPAPER Meru BYOD in Healthcare Table of Contents Introduction... 1 BYOD Requirements... 3 BYOD Deployment

More information

Integrating Wired IDS with Wi-Fi Using Open-Source IDS to Complement a Wireless IDS/IPS Deployment

Integrating Wired IDS with Wi-Fi Using Open-Source IDS to Complement a Wireless IDS/IPS Deployment Integrating Wired IDS with Wi-Fi Using Open-Source IDS to Complement a Wireless IDS/IPS Deployment Table of Contents Introduction 3 Limitations in WIDS monitoring 3 Monitoring weaknesses 3 Traffic analysis

More information

New Features: What s new in Windows Intune?

New Features: What s new in Windows Intune? New Features: What s new in Windows Intune? Contents Release Overview... 2 Unified Enterprise Management Solution... 2 User-based Licensing... 5 Extending Client Support... 5 Understanding Mobile Device

More information

Windows Phone 8.1 in the Enterprise

Windows Phone 8.1 in the Enterprise Windows Phone 8.1 in the Enterprise Version 1.4 MobileIron 415 East Middlefield Road Mountain View, CA 94043 USA Tel. +1.650.919.8100 Fax +1.650.919.8006 info@mobileiron.com Introduction 3 Why Windows

More information