Cisco IDENTITY. SERVICES. ENGINE GORAN PETEH ENTERPRISE SYSTEMS ENGINEER
|
|
- Cecilia Caldwell
- 7 years ago
- Views:
Transcription
1 Cisco IDENTITY. SERVICES. ENGINE GORAN PETEH ENTERPRISE SYSTEMS ENGINEER
2 the challenge 67,000+ and Counting As of June 1 st 2013, that's how many BYOD devices employees are Cisco Apple iphones: 33,138 Apple ipads: 16,197+ Apple Mac computers: 32,936 Windows computers: 83,800 Linux users: 7,378 Android phones: 12,005 Blackberry phones: 4,806 Other phones: 859
3 identity services engine What is ISE? It s NOT this ISE is a POLICY control platform allowing administrators to enforce compliance, enhance security, and simplify operations.
4 identity services engine SIMPLIFIED ARCHITECTURE Provides Authentication & Authorization Services. ACS Cisco ISE NAC Guest integrates previously disparate platforms into NAC Profiler NAC Manager Provides Guest Workflow Services. Provides Device Identification Services. ISE a single unified platform allowing for a more simplified architecture. As a result organizations are able to more easily introduce Comprehensive network access control into their environments while minimizing user impact. Provides Management Services. NAC Server Provides Enforcement Services.
5 identity services engine ENTERPRISE POLICY CONTROL Who What Where When How Security Context / Criteria Cisco ISE Framework Business-Relevant Policies Integrate Existing Network Infrastructure Wired Wireless VPN Ed Office Persona l ipad Joins Wireless Policy = Internet Only Internet Access
6 identity services engine That looks cool I m ready to buy now BUT before I do I want to understand a little more about how it works and what I need.
7 identity services engine AAA SERVICES Cisco ISE provides Radius Authentication & Authorization services for your network. IEEE 802.1X Provides Authentication for all 802.1X enables clients. MAC Authentication Bypass (MAB) Provides Authentication for trusted clients that do not support 802.1X by using it s MAC Address. Centralized Web Authentication For all other devices which fail 802.1X and are not known to ISE they can be redirected to a web portal for authentication.
8 identity services engine LINK ENCRYPTION Cisco MACSec provides data confidentiality by encrypting each packet using symmetric key cryptography. Hop-by-Hop encryption allows specific traffic to be secured while still allowing network policies such as QoS, deep packet inspection and NetFlow be enforced. IT User IT Server Financial Auditor Data Confidentiality/Integrity Zone Financial Server Encrypted Traffic Un-Encrypted Traffic
9 identity services engine GUEST LIFECYCLE Multiple Workflows Available Sponsor/Lobby Ambassador Self Registration Flexible Policies Allow different time profiles Allow some devices to bypass AUP Streamlined Solution Allows same user experience for Wired or Wireless Centralized Reporting Up to 25,000 Guest Accounts stored separate from AD
10 identity services engine DEVICE ONBOARDING ecure & Customizable captive portal Self-Registration for any device Remediate Actions Limit the number of personal devices Trusted Wi-Fi Onboarding Ready Authenticate user Fingerprint device Apply corporate configuration Enterprise applications Automatic policies
11 identity services engine PROFILING & FEEDER SERVICE Active Scanning ISE is able to passively and actively collect device data to determine what it is. Integrated Scanning Cisco Wireless Controllers & Switches offer integrated device profiling * Device Feeder Service In addition to the integrated pre-bui profiles the feeder service allows fo new content to be dynamically adde Internet Feed Server Database Cisco Partner Feeder Service
12 identity services engine SECURE GROUP ACCESS Secure Group Tags are a powerful way to zone and segment a dynamic network without having to re-architect your entire network. Datacenter Office : Clients are DHCP enabled User User User HR Server Firewall /24 HR User Call Center User Call HR Center User User IP Address SGT Firewall SGT 36 No to Rule SGT for 112 SGT : Permit 45 https HR Server IP Address SGT
13 identity services engine POSTURE ASSESSMENT Compliant Windows Patches Current? Part of our Corporate Domain? AV Software Installed? AV Software Up To Date? Non-Compliant Windows Patches Current? Part of our Corporate Domain? AV Software Installed? AV Software Up To Date? ISE can isolate non-compliant host and attempt automatic remediation of issues. Dynamically Updated Posture Content
14 identity services engine MDM INTEGRATION MDM Vendors ISE Authorization Policy Device registration status Device compliance status Disk encryption status Pin lock status Jailbreak status Manufacturer Model Afaria IMEI Serial number Cisco Mobile Collaboration Management Service OS version Phone number
15 Cisco ISE ISE sounds great on paper but HOW do I even attempt to consume it.
16 implementation strategy Crawl Walk Run Crawl: Walk: Run: In After Start this successfully phase with One you or truly completing Two tighten use cases down the Crawl but phase plan security with focus controls the end solving providing mind. newer auditable These challenges use and cases or use often predictable cases start with that experiences had BYOD dependencies and no your matter wireless such the scenario. as a Enterprise network Companies but CA may don t deployment. elect have to to. implement Post- Admission or Posture Assessment controls at this point.
17 implementation strategy CRAWL EXAMPLE In this phase we want to provide differentiated access based solely on who the user is and if they are in particular AD group. When users associate to the wireless network they will automatically be provisioned access based on the table below. full network access access to vdi filtered internet Guest Contractor Employee
18 implementation strategy WALK EXAMPLE In this phase build upon the Crawl phase adding in the ability to Profile devices and/or use Certificates for determining if a device is Trusted or not. The result is being able to distinguish between personally owned employee devices and corporate provided ones. full network access better performance access to vdi filtered internet Guest Contractor Employee BYOD Employee Trusted
19 implementation strategy RUN EXAMPLE In the Run phase we look to implement stronger security controls in the network examining characteristics such as device health. Now administrators would be able to isolate systems that become compromised, fail to meet your corporate standards, and remediate them. full network access better performance access to vdi filtered internet Guest Contractor Employee BYOD Employee Trusted not Healthy Employee Trusted Healthy
20 implementation strategy RUN EXAMPLE Where you stop is up to you ISE is simply the framework. it resources ance resources hr resources shared network performance access to vdi filtered internet Guest IT Contractor Employee Employee Employee HR Employee Contractor BYOD Trusted Trusted Trusted not Healthy IT Employee Trusted
21 Cisco ISE Okay, so now it sounds kind of AWESOME. But, how do I control what people have access to?
22 enforcement options VLAN ASSIGNMENT internet intranet vdi private VLAN10 internet intranet vdi VLAN20 Sarah HR User wireless controller (CORP) internet VLAN30 Sarah joins her corporate ipad personal which iphone laptop is managed to CORP by wireless the corporate SSID. MDM Because product of to the the ISE CORP Authorization wireless Policy SSID. she s Based placed on the on ISE VLAN10. VLAN30. Authorization This particular Policy she s VLAN placed has access on VLAN20. to all the corporate internet This particular only. resources VLAN including has access HR only to most components. corporate resources.
23 enforcement options ACL S internet intranet Jacob Finance User wireless controller (CORP) Named ACL: Empl-Full Empl-Part Guest vdi private Jacob joins his corporate personal iphone ipad laptop to to the the CORP wireless network. His His connection is dynamically provisioned with guest Empl-Part Empl-Full ACL ACL allowing allowing access full access access to the to to the Corporate specific internet only network. corporate and no corporate resources. resources.
24 enforcement options SECURE GROUP TAG (SGT) internet intranet Austin Contractor wireless controller (CORP) IP Address SGT vdi private Austin joins his corporate laptop test ipad to the to the CORP CORP wireless network. His His connection is dynamically provisioned with an SGT of 60 which results in is it getting dynamically access provisioned only to the with internal an SGT application of 50 which he s can developing. be enforced at various points throughout the network.
25 THANK. YOU
BYOD @ Stefan Dürnberger. Consulting Systems Engineer Cisco Deutschland. sduernbe@cisco.com. Co-Author Bitkom Leitfaden BYOD
BYOD @ Stefan Dürnberger Consulting Systems Engineer Cisco Deutschland sduernbe@cisco.com CCIE Security #16458 Co-Author Bitkom Leitfaden BYOD http://www.bitkom.org/files/documents/20130404_lf_byod_2013_v2.pdf
More informationCisco TrustSec How-To Guide: Planning and Predeployment Checklists
Cisco TrustSec How-To Guide: Planning and Predeployment Checklists For Comments, please email: howtoguides@external.cisco.com Current Document Version: 3.0 August 27, 2012 Table of Contents Table of Contents...
More informationXenMobile Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series
XenMobile Integration with Cisco Identity Service Engine Secure Access How -To Guides Series Author: Aaron Woland Date: December 2012 Table of Contents Introduction... 3 What Is the Cisco TrustSec System?...
More informationSOSPG2. Implementing Network Access Controls. Nate Isaacson Security Solution Architect Nate.Isaacson@cdw.com
SOSPG2 Implementing Network Access Controls Nate Isaacson Security Solution Architect Nate.Isaacson@cdw.com Offer Pa Agenda The BYOD Challenges NAC terms The Big Picture NAC Solutions and Deployment What
More informationCisco TrustSec Solution Overview
Solution Overview Cisco TrustSec Solution Overview 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 10 Contents Introduction... 3 Solution Overview...
More informationMDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series
MDM Integration with Cisco Identity Service Engine Secure Access How -To Guides Series Author: Aaron Woland Date: December 2012 Table of Contents Introduction.... 3 What Is the Cisco TrustSec System?...
More informationImplementing and Configuring Cisco Identity Services Engine SISE v1.3; 5 Days; Instructor-led
Implementing and Configuring Cisco Identity Services Engine SISE v1.3; 5 Days; Instructor-led Course Description Implementing and Configuring Cisco Identity Services Engine (SISE) v1.3 is a 5-day ILT training
More informationBring Your Own Device (BYOD) and 1:1 Initiatives: What Questions Do You Need to Answer Before Jumping In?
Bring Your Own Device (BYOD) and 1:1 Initiatives: What Questions Do You Need to Answer Before Jumping In? Bruce Alexander Product Specialist- Wireless and Mobility Bret Straffon Product Specialist-Security
More informationAddressing BYOD Challenges with ForeScout and Motorola Solutions
Solution Brief Addressing BYOD Challenges with ForeScout and Motorola Solutions Highlights Automated onboarding Full automation for discovering, profiling, and onboarding devices onto both wired and wireless
More informationEmbracing Complete BYOD Security with MDM and NAC
Embracing Complete BYOD Security with MDM and NAC Clint Adams, CISSP, Director, Mobility Solutions Keith Glynn, CISSP, Sr. Technical Solutions Engineer August 22, 2013 Today s Speakers Clint Adams, CISSP
More informationSecuring BYOD With Network Access Control, a Case Study
Securing BYOD With Network Access Control, a Case Study 29 August 2012 ID:G00226207 Analyst(s): Lawrence Orans VIEW SUMMARY This Case Study highlights how an organization utilized NAC and mobile device
More informationSecure Your Mobile Device Access with Cisco BYOD Solutions
Solution Overview Secure Your Mobile Device Access with Cisco BYOD Solutions BENEFITS The Cisco Meraki solution (cloud managed) and Cisco BYOD Solution (on-premises management) help you secure multiple
More informationProviding a work-your-way solution for diverse users with multiple devices, anytime, anywhere
Solution Overview BYOD Smart Solution Providing a work-your-way solution for diverse users with multiple devices, anytime, anywhere 2012 Cisco and/or its affiliates. All rights reserved. This document
More informationCisco EXAM - 500-451. Enterprise Network Unified Access Essentials. Buy Full Product. http://www.examskey.com/500-451.html
Cisco EXAM - 500-451 Enterprise Network Unified Access Essentials Buy Full Product http://www.examskey.com/500-451.html Examskey Cisco 500-451 exam demo product is here for you to test the quality of the
More informationGood MDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series
Good MDM Integration with Cisco Identity Service Engine Secure Access How -To Guides Series Author: Imran Bashir Date: December 2012 Table of Contents Mobile Device Management (MDM)... 3 Overview... 3
More informationCisco TrustSec How-To Guide: Guest Services
Cisco TrustSec How-To Guide: Guest Services For Comments, please email: howtoguides@external.cisco.com Current Document Version: 3.0 August 27, 2012 Table of Contents Table of Contents... 2 Introduction...
More informationBYOD: BRING YOUR OWN DEVICE.
white paper BYOD: BRING YOUR OWN DEVICE. On-boarding and Securing Devices in Your Corporate Network Preparing Your Network to Meet Device Demand The proliferation of smartphones and tablets brings increased
More informationBring Your Own Device:
Bring Your Own Device: Finding the perfect balance between Security, Performance, Flexibility & Manageability SECURELINK WHITEPAPER 2012 By Frank Staut Management summary This white paper discusses some
More informationBest Practices for Outdoor Wireless Security
Best Practices for Outdoor Wireless Security This paper describes security best practices for deploying an outdoor wireless LAN. This is standard body copy, style used is Body. Customers are encouraged
More informationIntegrating Cisco ISE with GO!Enterprise MDM Quick Start
Integrating Cisco ISE with GO!Enterprise MDM Quick Start GO!Enterprise MDM Version 3.x Overview 1 Table of Contents Overview 3 Getting GO!Enterprise MDM Ready for ISE 5 Grant ISE Access to the GO!Enterprise
More informationOn-boarding and Provisioning with Cisco Identity Services Engine
On-boarding and Provisioning with Cisco Identity Services Engine Secure Access How-To Guide Series Date: April 2012 Author: Imran Bashir Table of Contents Overview... 3 Scenario Overview... 4 Dual SSID
More informationTrustSec How-To Guide: On-boarding and Provisioning
TrustSec How-To Guide: On-boarding and Provisioning For Comments, please email: howtoguides@external.cisco.com Current Document Version: 3.0 August 27, 2012 Table of Contents Table of Contents... 2 Introduction...
More informationBring Your Own Design: Implemen4ng BYOD Without Going Broke or Crazy. Eric Stresen- Reuter Technical Director Ruckus Wireless
Bring Your Own Design: Implemen4ng BYOD Without Going Broke or Crazy Eric Stresen- Reuter Technical Director Ruckus Wireless Bring Your Own Design SIMPLIFYING BYOD WITH RUCKUS RUCKUS WIRELESS PROPRIETARY
More informationTech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks
Tech Brief Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks Introduction In today s era of increasing mobile computing, one of the greatest challenges
More informationBring Your Own Device. Putting Context into Wireless Security. Glen Stacey Networking Systems Engineer Glen_stacey@dell.com
Bring Your Own Device Putting Context into Wireless Security Glen Stacey Networking Systems Engineer Glen_stacey@dell.com ipad in the News More and more ipads will find their way into the workplace in
More informationClearPass: Understanding BYOD and today s evolving network access security requirements
ClearPass: Understanding BYOD and today s evolving network access security requirements ClearPass: Understanding BYOD and today s evolving network access security requirements Chapter 1: Introduction............................
More informationEmbracing BYOD with MDM and NAC. Chris Isbrecht, Fiberlink Gil Friedrich, ForeScout
Embracing BYOD with MDM and NAC Chris Isbrecht, Fiberlink Gil Friedrich, ForeScout 1 Today s Agenda The BYOD Landscape Network Access Control (NAC) 101 Embracing BYOD with MDM and NAC Use Cases 2 The BYOD
More informationPaul Cochran - Account Manager. Chris Czerwinski System Engineer
Paul Cochran - Account Manager Chris Czerwinski System Engineer Next-Generation NAC Fast and easy deployment No infrastructure changes or network upgrades No need for endpoint agents 802.1X is optional
More informationWHITEPAPER. Addressing Them with Secure Network Access Control. Executive Summary... An Evolving Network Environment... 2
WHITEPAPER Top 4 Network Security Challenges in Healthcare Addressing Them with Secure Network Access Control Executive Summary... 1 Top 4 Network Security Challenges Addressing Security Challenges with
More informationNetwork and Device Level Mobile Security Controls IT Considera-ons in the BYOD Era
Network and Device Level Mobile Security Controls IT Considera-ons in the BYOD Era Sco$ Gordon CISSP- ISSMP Vice President, ForeScout June 14, 2012 2012 ForeScout, Page 1 Bring Your Own Device BYOD Many
More informationDelivering Control with Context Across the Extended Network
Delivering Control with Context Across the Extended Network Agenda Current Challenges Cisco ISE Overview Introducing Cisco pxgrid Customer Success Stories Only Cisco ISE Delivers 2013-2014 Cisco and/or
More informationPassguide 500-451 35q
Passguide 500-451 35q Number: 500-451 Passing Score: 800 Time Limit: 120 min File Version: 18.5 Cisco 500-451 Cisco Unified Access Systems Engineer Exam 100% Valid in US, UK, Australia, India and Emirates.
More informationCisco IT Validates Rigorous Identity and Policy Enforcement in Its Own Wired and Wireless Networks
Cisco IT Article December 2013 End-to-End Security Policy Control Cisco IT Validates Rigorous Identity and Policy Enforcement in Its Own Wired and Wireless Networks Identity Services Engine is an integral
More informationMobile Device Strategy
Mobile Device Strategy Technology Experience Bulletin, TEB: 2012-01 Mobile Device Strategy Two years ago, the Administrative Office of Pennsylvania Courts (AOPC) standard mobile phone was the Blackberry.
More informationForeScout CounterACT. Device Host and Detection Methods. Technology Brief
ForeScout CounterACT Device Host and Detection Methods Technology Brief Contents Introduction... 3 The ForeScout Approach... 3 Discovery Methodologies... 4 Passive Monitoring... 4 Passive Authentication...
More informationClosed loop endpoint compliance an innovative, standards based approach A case study - NMCI
1 Closed loop endpoint compliance an innovative, standards based approach A case study - NMCI Tom Lerach Head of IA, HP DoD Rajat Bhargava StillSecure October 2009 Agenda endpoint compliance with NMCI
More informationSecure Access into Industrial Automation and Control Systems Industry Best Practice and Trends. Serhii Konovalov Venkat Pothamsetty Cisco
Secure Access into Industrial Automation and Systems Industry Best Practice and Trends Serhii Konovalov Venkat Pothamsetty Cisco Vendor offers a remote firmware update and PLC programming. Contractor asks
More informationThe BYOD Wave: Policy, Security, and Wireless Infrastructure
The BYOD Wave: Policy, Security, and Wireless Infrastructure Ken Kaminski Security & BYOD Technical Solutions Architect Northeast CISSP, GCIA, GCFA, GAWN, GPEN Cisco Systems. 1 1. BYOD Trends & Policy
More informationSECURING ENTERPRISE NETWORK 3 LAYER APPROACH FOR BYOD
SECURING ENTERPRISE NETWORK 3 LAYER APPROACH FOR BYOD www.wipro.com Table of Contents Executive Summary 03 Introduction 03 Challanges 04 Solution 05 Three Layered Approach to secure BYOD 06 Conclusion
More informationCounterACT Plugin Configuration Guide for ForeScout Mobile Integration Module MaaS360 Version 1.0.1. ForeScout Mobile
CounterACT Plugin Configuration Guide for ForeScout Mobile Integration Module Version 1.0.1 ForeScout Mobile Table of Contents About the Integration... 3 ForeScout MDM... 3 Additional Documentation...
More informationCisco s BYOD / Mobility
Cisco s BYOD / Mobility CONTROL and VISIBILITY for IT DEVICE CHOICE and PREDICTABILITY for Users BALANCE between the number of wired ports and wireless radios 2011 Cisco and/or its affiliates. All rights
More informationClearPass Policy Manager
ClearPass Policy Manager V2 October 2013 Introduction With the release of ClearPass Policy Manager 6.2.0 in July 2013 we have continued to build on our previous industry leading functionality, now with
More informationCisco Secure BYOD Solution
Q&A Cisco Secure BYOD Solution What Is New? Q. What is new from security to take organizations beyond BYOD? A. Cisco is announcing a solution that goes beyond BYOD in enabling you to securely deliver bring-your-owndevice
More informationNetwork Access Control for Mobile Networks
Network Access Control for Mobile Networks Table of Contents Introduction 3 Network access initiatives the candidates 4 Posture-based access control 4 Cisco network access control 5 Microsoft NAP 7 Juniper
More informationARCHITECT S GUIDE: Mobile Security Using TNC Technology
ARCHITECT S GUIDE: Mobile Security Using TNC Technology December 0 Trusted Computing Group 855 SW 5rd Drive Beaverton, OR 97006 Tel (50) 69-056 Fax (50) 644-6708 admin@trustedcomputinggroup.org www.trustedcomputinggroup.org
More informationNetwork Virtualization Network Admission Control Deployment Guide
Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus
More informationBYOD Networks for Kommuner
BYOD Networks for Kommuner Simon Tompson Solutions Architect @MerakiSimon About Meraki The recognized leader in Cloud Networking - Thousands of customer networks in over 100 countries worldwide - World
More informationClearPass Policy Manager
Manager The most comprehensive network access policy enforcement platform for BYOD Key features Unsurpassed multivendor wireless and wired interoperability Built-in guest, profiling, network access control
More informationDYNAMIC SECURE MOBILE ACCESS
DYNAMIC SECURE MOBILE ACCESS DYNAMIC SECURE MOBILE ACCESS Introduction The traditional approach The strong growth in the tablet and smartphone markets in both the consumer and corporate spheres makes it
More informationMOBILITY BEYOND BYOD. Jonas Gyllenhammar. Consulting Engineer Junos Pulse solutions
MOBILITY BEYOND BYOD Jonas Gyllenhammar Consulting Engineer Junos Pulse solutions BYOD DEFINED Corporate Owned Devices Employee Owned Devices (BYOD) Guest Devices Today's business environment requires
More informationThis chapter covers the following topics: Network admission control overview NAC Framework benefits NAC Framework components Operational overview
This chapter covers the following topics: Network admission control overview NAC Framework benefits NAC Framework components Operational overview Deployment models C H A P T E R 6 Implementing Network
More informationTechnical Note. CounterACT: 802.1X and Network Access Control
CounterACT: 802.1X and Contents Introduction...3 What is 802.1X?...3 Key Concepts.... 3 Protocol Operation...4 What is NAC?...4 Key Objectives.... 5 NAC Capabilities.... 5 The Role of 802.1X in NAC...6
More informationSymantec Client Management Suite 8.0
IT Flexibility. User Freedom. Data Sheet: Endpoint Management Overview of Symantec Client Management Suite Symantec Client Management Suite automates time-consuming and redundant tasks for deploying, managing,
More informationHow to Configure a BYOD Environment with the DWS-4026
Configuration Guide How to Configure a BYOD Environment with the DWS-4026 (MAC Authentication + Captive Portal) Overview This guide describes how to configure and implement BYOD environment with the D-Link
More informationENTERPRISE MOBILITY ENABLE YOUR NETWORKS TO SUPPORT ENTERPRISE MOBILITY
ENTERPRISE MOBILITY ENABLE YOUR NETWORKS TO SUPPORT ENTERPRISE MOBILITY Presenter October, 2014 MOBILITY AND THE APPLICATION INVASION 1.2 Billion SMART PHONES TO BE SHIPPED IN 2014 IDC Mobility is #1 PRIORITY
More informationNXC5500/2500. Application Note. Captive Portal with QR Code. Version 4.20 Edition 2, 02/2015. Copyright 2015 ZyXEL Communications Corporation
NXC5500/2500 Version 4.20 Edition 2, 02/2015 Application Note Captive Portal with QR Code Copyright 2015 ZyXEL Communications Corporation Captive Portal with QR Code What is Captive Portal with QR code?
More informationTechnical Note. ForeScout CounterACT Endpoint Detection & Inspection Methods
ForeScout CounterACT Endpoint Contents Introduction.... 3 Overview of ForeScout CounterACT... 3 Overview of Discovery and Inspection... 4 Host & Network Device Discovery... 4 Endpoint Detection & Inspection
More informationSymantec Mobile Management Suite
Symantec Mobile Management Suite One Solution For All Enterprise Mobility Needs Data Sheet: Mobile Security and Management Introduction Most enterprises have multiple mobile initiatives spread across the
More informationLeveraging mobility in your organisation. Building an effective enterprise mobility environment that delivers competitive advantage
Leveraging mobility in your organisation Building an effective enterprise mobility environment that delivers competitive advantage Creating an environment that provides employees with freedom in where
More informationVirtuelle WLAN Controller Alcatel Lucent Wireless LAN Instant AP
Virtuelle WLAN Alcatel Lucent Wireless LAN Instant AP S. 1 Alcatel Lucent Instant Technology Over-the-air provisioning: Industry only wireless over the air WLAN setup Wizard driven setup: 5 minute WLAN
More informationDeveloping Network Security Strategies
NETE-4635 Computer Network Analysis and Design Developing Network Security Strategies NETE4635 - Computer Network Analysis and Design Slide 1 Network Security Design The 12 Step Program 1. Identify network
More informationAnswers to these questions will determine which mobile device types and operating systems can be allowed to access enterprise data.
Mobility options and landscapes are evolving quickly for the corporate enterprise. Mobile platform providers such as Apple, Google and Microsoft, and leading device hardware vendors are constantly updating
More informationWorkplace-as-a-Service BYOD Management
For companies with people in them Workplace-as-a-Service BYOD Management Solution Overview The BYOD Management solution provides customers with IT tools and services to deploy a Workplace-as-a-Service
More informationEnforcing PCI Data Security Standard Compliance
Enforcing PCI Data Security Standard Compliance Marco Misitano, CISSP, CISA, CISM Business Development Manager Security & VideoSurveillance Cisco Italy 2008 Cisco Systems, Inc. All rights reserved. 1 The
More informationLucent VPN Firewall Security in 802.11x Wireless Networks
Lucent VPN Firewall Security in 802.11x Wireless Networks Corporate Wireless Deployment is Increasing, But Security is a Major Concern The Lucent Security Products can Secure Your Networks This white paper
More informationAPPENDIX 3 LOT 3: WIRELESS NETWORK
APPENDIX 3 LOT 3: WIRELESS NETWORK A. TECHNICAL SPECIFICATIONS MAIN PURPOSE The Wi-Fi system should be capable of providing Internet access directly to a user using a smart phone, tablet PC, ipad or Laptop
More informationForeScout CounterACT. Continuous Monitoring and Mitigation
Brochure ForeScout CounterACT Real-time Visibility Network Access Control Endpoint Compliance Mobile Security Rapid Threat Response Continuous Monitoring and Mitigation Benefits Security Gain real-time
More informationCisco Identity Services Engine
Cisco Identity Services Engine Secure Access Stefan Dürnberger CCIE Security Sourcefire Certified Expert Most organizations, large and small, have already been compromised and don t even know it: 100 percent
More informationCISCO IOS NETWORK SECURITY (IINS)
CISCO IOS NETWORK SECURITY (IINS) SEVENMENTOR TRAINING PVT.LTD [Type text] Exam Description The 640-553 Implementing Cisco IOS Network Security (IINS) exam is associated with the CCNA Security certification.
More informationForeScout Technologies Is A Leader Among Network Access Control Vendors
For ForeScout Technologies Is A Leader Among Network Access Control Vendors Excerpted From The Forrester Wave : Network Access Control, Q2 2011 by John Kindervag with Stephanie Balaouras, Robert Whiteley,
More informationFrank Andrus WHITEPAPER. CTO, Bradford Networks. Evolve your network security strategy to meet new threats and simplify IT security operations
WHITEPAPER An Adaptive Approach to Network Security Evolve your network security strategy to meet new threats and simplify IT security operations Frank Andrus CTO, Bradford Networks Executive Summary...
More informationStrategic Road Map for Network Access Control
G00219087 Strategic Road Map for Network Access Control Published: 11 October 2011 Analyst(s): Lawrence Orans, John Pescatore Long derided as an overhyped concept, network access control (NAC) has emerged
More informationARCHITECT S GUIDE: Comply to Connect Using TNC Technology
ARCHITECT S GUIDE: Comply to Connect Using TNC Technology August 2012 Trusted Computing Group 3855 SW 153rd Drive Beaverton, OR 97006 Tel (503) 619-0562 Fax (503) 644-6708 admin@trustedcomputinggroup.org
More informationIntro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.
Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security
More informationReal-World Scale for Mobile IT: Nine Core Performance Requirements
White Paper Real-World Scale for Mobile IT: Nine Core Performance Requirements Mobile IT Scale As the leader in Mobile IT, MobileIron has worked with hundreds of Global 2000 companies to scale their mobile
More informationOneFabric Connect. Overview. Extend the OneFabric architecture to 3rd party applications DATA SHEET BENEFITS BUSINESS ALIGNMENT
DATA SHEET OneFabric Connect Extend the OneFabric architecture to 3rd party applications BUSINESS ALIGNMENT Embrace BYOD by mixing and matching managed and unmanaged devices on the same infrastructure
More information» WHITE PAPER. 802.1X and NAC: Best Practices for Effective Network Access Control. www.bradfordnetworks.com
» WHITE PAPER 802.1X and NAC: Best Practices for Effective Network Access Control White Paper» 802.1X and NAC: Best Practices for Effective Network Access Control 1 IEEE 802.1X is an IEEE (Institute of
More informationParticularities of security design for wireless networks in small and medium business (SMB)
Revista Informatica Economică, nr. 4 (44)/2007 93 Particularities of security design for wireless networks in small and medium business (SMB) Nicolae TOMAI, Cluj-Napoca, Romania, tomai@econ.ubbcluj.ro
More informationHow To Write A Mobile Device Policy
BYOD Policy Implementation Guide BYOD Three simple steps to legally secure and manage employee-owned devices within a corporate environment We won t bore you with the typical overview that speaks to the
More informationMANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY. EMEA Webinar July 2013
MANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY EMEA Webinar July 2013 Protecting the Enterprise Full Footprint Mobile user Application access management & Application security Enterprise headquarters
More informationF5 Identity and Access Management (IAM) Overview. Laurent PETROQUE Manager Field Systems Engineering, France
F5 Identity and Access Management (IAM) Overview Laurent PETROQUE Manager Field Systems Engineering, France F5 s Security Strategy Protect Apps/Data Wherever They Reside Control Access to Apps/Data from
More informationConfigure ISE Version 1.4 Posture with Microsoft WSUS
Configure ISE Version 1.4 Posture with Microsoft WSUS Document ID: 119214 Contributed by Michal Garcarz, Cisco TAC Engineer. Aug 03, 2015 Contents Introduction Prerequisites Requirements Components Used
More informationImplementing Cisco IOS Network Security
Implementing Cisco IOS Network Security IINS v3.0; 5 Days, Instructor-led Course Description Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles
More informationThe most advanced policy management platform available
Aruba Policy Manager The most advanced policy management platform available The platform provides role- and device-based network access control for employees, contractors and guests across any wired, wireless
More informationSimple security is better security Or: How complexity became the biggest security threat
Simple security is better security Or: How complexity became the biggest security threat Christoph Litzbach, Pre-Sales Engineer NSG 1 What do they have in common? DATA BREACH 2 Security is HARD! Components
More informationChris Boykin VP of Professional Services
5/30/12 Chris Boykin VP of Professional Services Future Com! 20 years! Trusted Advisors! Best of brand partners! Brand name customers! 1000 s of solutions delivered!! 1 5/30/12 insight to the future, bringing
More informationThe User is Evolving. July 12, 2011
McAfee Enterprise Mobility Management Securing Mobile Applications An overview for MEEC The User is Evolving 2 The User is Evolving 3 IT s Challenge with Mobile Devices Web 2.0, Apps 2.0, Mobility 2.0
More informationHiveManager Client Management
Solution Brief HiveManager Client Management Context-Based Access & Device Controls for a Mobile First Enterprise Introduction BYOD and the Consumerization of IT are changing enterprise networking. Just
More informationSecurity Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0
Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features
More informationBYOD(evice) without BYOI(nsecurity)
BYOD(evice) without BYOI(nsecurity) Dan Houser CISSP-ISSAP CISM Goran Avramov MCSE+M VCP4 Cardinal Health Session ID: HOT-107 Session Classification: Intermediate Agenda Drivers for Bring Your Own Device
More informationSystems Manager Cloud-Based Enterprise Mobility Management
Datasheet Systems Manager Systems Manager Cloud-Based Enterprise Mobility Management Overview Meraki Systems Manager provides cloud-based over-the-air centralized management, diagnostics, monitoring, and
More informationALCATEL-LUCENT ENTERPRISE CONVERGED NETWORK SOLUTION Deliver a consistent and quality user experience, streamline operations and reduce costs
CONVERGED NETWORK SOLUTION Deliver a consistent and quality user experience, streamline operations and reduce costs THE CHALLENGES TO BECOME THE NEXT-GEN CORPORATIONS Technology is essential for the efficiency
More informationMeraki: Introduction to Cloud Networking
Meraki: Introduction to Cloud Networking April 30, 2014 Sharif Kotb Meraki Business Manager KSA, UAE, Turkey, & Qatar Agenda About Cisco s Cloud Managed Networking Cloud Architecture Solution Overview
More informationTECHNICAL WHITEPAPER. Author: Tom Kistner, Chief Software Architect. Table of Contents
TECHNICAL WHITEPAPER Author: Tom Kistner, Chief Software Architect Last update: 18. Dez 2014 Table of Contents Introduction... 2 Terminology... 2 Basic Concepts... 2 Appliances... 3 Hardware...3 Software...3
More informationTotal Enterprise Mobility
Total Enterprise Mobility Presented by Wlodek Dymaczewski, IBM Wlodek Dymaczewski dymaczewski@pl.ibm.com www.maas360.com Top Enterprise Mobility Initiatives Embrace Bring Your Own Device (BYOD) Migrate
More informationBring Your Own Device
Bring Your Own Device Cisco Values in BYOD Eric NG (bokng@cisco.com) Technical Solution Architect Enterprise Networking Group, Greater China 2011 Cisco and/or its affiliates. All rights reserved. Cisco
More informationSystems Manager Cloud Based Mobile Device Management
Datasheet Systems Manager Systems Manager Cloud Based Mobile Device Management Overview Meraki Systems Manager provides cloud-based over-the-air centralized management, diagnostics, and monitoring of the
More informationAn Intelligent Solution for the Mobile Enterprise
An Intelligent Solution for the Mobile Enterprise IntelliGO - An Intelligent Solution for the Mobile Enterprise BYOD and the mobile movement continue to gain momentum fueled by the explosive growth of
More informationPCI Solution for Retail: Addressing Compliance and Security Best Practices
PCI Solution for Retail: Addressing Compliance and Security Best Practices Executive Summary The Payment Card Industry (PCI) Data Security Standard has been revised to address an evolving risk environment
More informationENTERPRISE IT SECURITY ARCHITECTURE SECURITY ZONES: NETWORK SECURITY ZONE STANDARDS. Version 2.0
ENTERPRISE IT SECURITY ARCHITECTURE SECURITY ZONES: NETWORK SECURITY ZONE STANDARDS Version 2.0 July 20, 2012 Table of Contents 1 Foreword... 1 2 Introduction... 1 2.1 Classification... 1 3 Scope... 1
More information