SOSPG2. Implementing Network Access Controls. Nate Isaacson Security Solution Architect
|
|
- Lucy Jacobs
- 8 years ago
- Views:
Transcription
1 SOSPG2 Implementing Network Access Controls Nate Isaacson Security Solution Architect
2 Offer Pa Agenda The BYOD Challenges NAC terms The Big Picture NAC Solutions and Deployment
3 What about outside the Enterprise? The New Normal
4 MOBILE GROWTH RATE
5 MOBILE GROWTH RATE
6 YOUR USERS HAVE NEW EXPECTATIONS The Evolving Workplace Landscape NEXT GENERATION WORKFORCE Work Is No Longer a Place You Go to Work People Are Willing to Take a Pay Cut as Long as They Are Able to Work from Home 70% percent of end users admit to breaking IT policy to make their lives easier Need Anywhere, Anytime, Any Device Access DEVICE PROLIFERATION NEXT GENERATION WORKFORCE VIRTUALIZATION
7 TOP OF MIND CONCERNS The Burden Falls on IT Am I hindering my workforce from being competitive? How do I retain top talent? How do I ensure compliance with SOX, HIPAA, etc? Can I handle partners, consultants, and guests appropriately? CHANGING WORKFORCE
8 THE BORDERLESS NETWORK Intelligent Access Wherever it is Needed Anyone R=RoO x SLE An Authorized Person Borderless Networks Any Device Anywhere An Approved Device Anytime In a Secure Way As Needed
9 Glossary NAC and Security Acronyms NAC - Network Access Control ISE (Cisco NAC) - Identity Services Engine DLP - Data Loss Prevention
10 Glossary NAC and Security Acronyms PKI - Public Key Infrastructure CA - Certificate Authority CRL - Certificate Revocation List
11 Glossary NAC and Security Acronyms ACL - Access Control List dacl - Dynamic Access Control List CoA - Change of Authorization
12 Glossary NAC and Security Acronyms MDM - Mobile Device Management 802.1x - NAC authentication protocol MAB - MAC Authentication Bypass
13 STOP AND THINK What are we trying to do with NAC? A: Secure the Network B: Prevent Malware C: Maintain Regulatory Compliance D: Secure Sensitive Data E: All the above
14 Top Data Threats Procedure Policy Technology 1. Malicious insiders 2. Well-meaning insiders 3. Malicious intarweb hax0rz 4. Lost or stolen media 5. Dissemination of data 6. Mobile devices 7. BAs, suppliers, vendors, partners 8. Cloud/SaaS providers 9. Virtual offices 10. Wireless data transfers 11. Advanced Persistent Threats
15 The Big Picture DLP Outgoing Poses the Biggest Threat to Sensitive Data Monitor Usage of Sensitive Data MDM Enforce Password Enforce Data Encryption Jailbreak Detection PKI Should Unknown Devices Access Sensitive Data? Fingerprint approved devices NAC Control Access to the Private Network Manage Guest Access
16 Traditional Approach to BYOD Guest Network Wireless Conference Room ports Problematic for Wired ports SSL VPN (Application portal) Still a viable solution Virtual Desktop Citrix, Remote Desktop, VDI, etc. Still a viable solution
17 Mobile Device Management Provision Retire Secure Support Apps & Content Monitor
18 Mobile Device Management User Groups & Roles Provision Remove/Hide Unwanted Apps WiFi & VPN Settings Push Apps & Content , Contacts, & Calendars Secure Enforce Password Enforce Data Encryption OS Updates Jailbreak Detection Apps & Content Private App Store Apple VPP Distribution Web Apps & Clips Homegrown Content Locker
19 Mobile Device Management Monitor Support Retire Device Check-Ins Asset Tracking & Reporting Geo-location Remote Lock Remote Password Reset Self Service Jailbreak Detection Lost/Stolen Device Selective Wipe Full Wipe
20 How Do I Control Who and What Access the Network?
21 EVOLVING POLICIES IN A MOBILE WORLD Printers should only ever communicate internally. Internet Employees should be able to access everything but have no access on personal devices. Switch Internal Resources Campus Network Guest and partners are only allowed bandwidth constrained Internet access via wireless. Access Point Wireless LAN Controller Policy Services
22 TYPICAL POLICY OPTIONS Permit Access I have an ipad. Can I get on the network? Low maintenance High risk Tailor Access by Scenario Centralized Policy Engine Simplified, Scalable Access Policy Employee Low maintenance Low risk Deny Access Unified Access Management Converged Monitoring and Troubleshooting Low maintenance Low risk
23 Devices in the New Enterprise A Spectrum of Possibilities & New Trust Equation Enterprise Owned Enterprise Managed User Owned Enterprise Managed User Owned Unmanaged Trust the File System Trust the Device Trust the User Trust the App
24 Deploying NAC - Step 1 Develop a Written Policy Approved Devices List OS, Disk Encryption, etc. Access Methods Allowed Guest Policy BYOD/MDM Policy
25 What is a Certificate? Credential that binds your name to an identity You must be vetted by a trusted authority to get it It provides you access or privileges to communities People who did not give it to you are willing to trust it s contents
26 How Do You Manage Certificates? One option is to self-manage with readily available tools Certificate Software & Hardware Microsoft MDM s Not always Multi-platform? &%$#! Not easy to use Difficult to Scale?
27 Symantec Managed PKI Service The Leading Cloud PKI Platform And It Just Got Better Cost- Effective Deploy PKI applications quickly & easily with no upfront capital investment Simple Deliver consistent, automated, and easy-to-use operation across platforms Flexible Deliver and manage multiple PKI applications from a unified platform Scalable Build on the proven reliability of the longestrunning commercial PKI platform
28 NAC Then and Now Then Pass/Fail (NOT flexible) Few devices supported 802.1x Inline devices created bottlenecks Expensive Overall painful and not practical Now Very Flexible Most devices support 802.1x No more inline devices Affordable Overall Works as advertised
29 Evaluating NAC solutions What Authentication Methods supported AAA (802.1x) MAC Authentication (MAB) Guest management How are Policies Enforced Inline Appliance Endpoint Agent Network Layer (dynamic VLAN or ACL)
30 Evaluating NAC solutions Vendor Alignment HUGE factor Cisco network Cisco ISE Aruba Wireless Aruba ClearPass Juniper Network Juniper UAC MDM integration Don t under estimate the value of MDM Wired and Wireless Capabilities There may be discrepancies Don t assume same features for both
31 Deploying NAC Step 2 Walk before you Run What happens IF You lock down the Network on Day 1 Test and Pilot use cases Deploy in Monitor Mode Evaluate Authentication Success and failures Evaluate what policies would be assigned, prior to enforcement
32 Identity Services Engine (ISE) ACS Centralized Policy NAC Profiler NAC Guest NAC Manager NAC Server Identity Services Engine AAA Services Device Profiling Posture Assessment Guest Access Services Distributed Enforcement Centralized Monitoring and Reporting
33 IEEE 802.1X Authentication Standard for link layer authentication and access control Components: supplicant (client), authenticator (switch), and AAA server Uses Extensible Authentication Protocol (EAP) to transport authentication info. MAC Auth Bypass (MAB) Authenticate using the client s MAC address For devices that don t support 802.1X (no supplicant), such as printers. Web Authentication Cisco TrustSec MAC Authentication IEEE 802.1X For clients that don t support 802.1X (no supplicant), but are capable for interactive HTTP authentication Web Authentication
34 THE IDENTITY BASED ACCESS ARCHITECTURE Identity Context Employee Contractor Guest Device Type Access Type Location Posture Server 802.1X, Web Authentication, MAC Authentication Bypass (MAB), Profiling Authorization and Enforcement Broad Access Limited Access Guest/Internet VLAN, DACL, Security Group Access, Identity Firewall VLAN ACL Data Integrity and Confidentiality MACSec (802.1AE) Policy and Reporting
35 DIFFERENTIATED DEVICE PROFILES Users, on the same wireless network, can be associated to different wired networks after authentication Employee using a corporate laptop with their AD user id assigned to Full network access Employee using personal ipad/iphone with their AD user id assigned to Internet only 1 EAP Authentication ISE Employee Employee Same-SSID 3 2 CAPWAP Accept with VLAN 30 EAP Authentication 4 Accept with VLAN 40 VLAN Q Trunk VLAN 40 Corporate Resources Internet
36 Deploying NAC Authentication Flexibility EASY We can Stack multiple authentication methods to deal with anything that comes along Wireless Auth Guest Auth More Complex Wired Auth Onboarding
37 Deploying NAC Authentication One policy fits all? Don t lump multiple use cases into a single policy Break out use cases to individual policies Taylor default behavior Conference Rooms default to guest Cubicle ports default to private network Device Authentication vs User Authentication Device Identity takes precedence for security policy Device Certificates make it easy (MDM, MS-CA, etc.)
38 Guest Access Sponsor Portal Customizable portal Create multiple accounts Sponsor sets group/id store Time profiles Users account notification Print SMS Sponsor Guest URL-REDIRECT ISE Guest Server Guest Portal Change password Change password at first login Download posture client Self service Device registration
39 Deploying NAC Web Authentication Can reference multiple User Databases AD Local(guest DB) Web Auth is great for sporadic guest access Web Auth is not great for Daily access Get s annoying fast Look at device registration for daily users MAB in the backgraound
40 Device Profiling Cisco ISE Profiler Discovers and Profiles (classifies) each endpoint using the network Monitors for changing endpoint identity attributes Maintains a database of all endpoints on the network Profiling is based on data from: Netflow SNMP CDP DNS DHCP RADIUS accounting Web Auth NMAP IOS Sensor ipad Custom Template
41 Deploying NAC Profiling Great for onboarding New/Unknown devices IP Phones Printers End User devices Reporting on the Install base Prevent MAC Spoofing
42 Posture Assessment ISE Endpoint Posture Assessment The Cisco NAC Agent is used for endpoint checks Thick client on managed machines Thin client via ActiveX or Java Access is controlled via ACL s or VLAN assignments delivered by RADIUS Quarantine Role-based access Periodic reassessment Available checks include: Antivirus condition Antispyware condition File condition Registry condition Application condition Service condition Automated and manual remediation
43 Deploying NAC Posture Assessment Posture Assessment should be backed up by a written policy that you intend to enforce Don t posture assess just for fun, it s not! Deploying NAC Agents adds difficulty Web Agent Great for onboarding, bring device under management Not great for daily access Consider your other solutions in place for managing endpoints
44 ISE Topology Typical SMB Deployment (Under 5000 endpoints) Typical Enterprise Deployment (10,000 endpoints or more)
45 Deploying NAC Architecture Insist on Redundancy Centralized Deployments Cheaper More Practical Need WAN redundancy or a Fail Open policy Scalability Distributable services/node types Load distribution is fairly easy
46 Deploying NAC Avoid the Pitfalls Engage an Architect for design before committing Run a POC if you or provider have uncertainty If your requirements are complex Leverage an experienced partner Or be prepared for a slow painful deployment To Avoid mistakes made by others Ensure a proven real-world deployment
47 Deploying NAC Avoid the Pitfalls Test the Use cases, make sure they make sense Looks good on paper Might not look good in practice
48 Questions
XenMobile Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series
XenMobile Integration with Cisco Identity Service Engine Secure Access How -To Guides Series Author: Aaron Woland Date: December 2012 Table of Contents Introduction... 3 What Is the Cisco TrustSec System?...
More informationMDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series
MDM Integration with Cisco Identity Service Engine Secure Access How -To Guides Series Author: Aaron Woland Date: December 2012 Table of Contents Introduction.... 3 What Is the Cisco TrustSec System?...
More informationCisco TrustSec Solution Overview
Solution Overview Cisco TrustSec Solution Overview 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 10 Contents Introduction... 3 Solution Overview...
More informationOn-boarding and Provisioning with Cisco Identity Services Engine
On-boarding and Provisioning with Cisco Identity Services Engine Secure Access How-To Guide Series Date: April 2012 Author: Imran Bashir Table of Contents Overview... 3 Scenario Overview... 4 Dual SSID
More informationCisco TrustSec How-To Guide: Planning and Predeployment Checklists
Cisco TrustSec How-To Guide: Planning and Predeployment Checklists For Comments, please email: howtoguides@external.cisco.com Current Document Version: 3.0 August 27, 2012 Table of Contents Table of Contents...
More informationCisco IT Validates Rigorous Identity and Policy Enforcement in Its Own Wired and Wireless Networks
Cisco IT Article December 2013 End-to-End Security Policy Control Cisco IT Validates Rigorous Identity and Policy Enforcement in Its Own Wired and Wireless Networks Identity Services Engine is an integral
More informationClearPass: Understanding BYOD and today s evolving network access security requirements
ClearPass: Understanding BYOD and today s evolving network access security requirements ClearPass: Understanding BYOD and today s evolving network access security requirements Chapter 1: Introduction............................
More informationBYOD @ Stefan Dürnberger. Consulting Systems Engineer Cisco Deutschland. sduernbe@cisco.com. Co-Author Bitkom Leitfaden BYOD
BYOD @ Stefan Dürnberger Consulting Systems Engineer Cisco Deutschland sduernbe@cisco.com CCIE Security #16458 Co-Author Bitkom Leitfaden BYOD http://www.bitkom.org/files/documents/20130404_lf_byod_2013_v2.pdf
More informationBring Your Own Device (BYOD) and 1:1 Initiatives: What Questions Do You Need to Answer Before Jumping In?
Bring Your Own Device (BYOD) and 1:1 Initiatives: What Questions Do You Need to Answer Before Jumping In? Bruce Alexander Product Specialist- Wireless and Mobility Bret Straffon Product Specialist-Security
More informationTrustSec How-To Guide: On-boarding and Provisioning
TrustSec How-To Guide: On-boarding and Provisioning For Comments, please email: howtoguides@external.cisco.com Current Document Version: 3.0 August 27, 2012 Table of Contents Table of Contents... 2 Introduction...
More informationGood MDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series
Good MDM Integration with Cisco Identity Service Engine Secure Access How -To Guides Series Author: Imran Bashir Date: December 2012 Table of Contents Mobile Device Management (MDM)... 3 Overview... 3
More informationCisco TrustSec How-To Guide: Guest Services
Cisco TrustSec How-To Guide: Guest Services For Comments, please email: howtoguides@external.cisco.com Current Document Version: 3.0 August 27, 2012 Table of Contents Table of Contents... 2 Introduction...
More informationSecure Networks for Process Control
Secure Networks for Process Control Leveraging a Simple Yet Effective Policy Framework to Secure the Modern Process Control Network An Enterasys Networks White Paper There is nothing more important than
More informationOrchestrated Security Network. Automated, Event Driven Network Security. Ralph Wanders Consulting Systems Engineer
Orchestrated Security Network Automated, Event Driven Network Security Ralph Wanders Consulting Systems Engineer Orchestrated Security Network! " TCG/ TNC Architecture! " IF-MAP! " Use cases of IF-MAP!
More informationBYOD: BRING YOUR OWN DEVICE.
white paper BYOD: BRING YOUR OWN DEVICE. On-boarding and Securing Devices in Your Corporate Network Preparing Your Network to Meet Device Demand The proliferation of smartphones and tablets brings increased
More informationhttp://www.velocis.in Extending Collaboration to BYOD Devices
Extending Collaboration to BYOD Devices Extending Collaboration to BYOD Devices Device Freedom without Compromising the IT Network Today s employees are increasingly on the move, using mobile devices throughout
More informationProviding a work-your-way solution for diverse users with multiple devices, anytime, anywhere
Solution Overview BYOD Smart Solution Providing a work-your-way solution for diverse users with multiple devices, anytime, anywhere 2012 Cisco and/or its affiliates. All rights reserved. This document
More informationCisco Identity Services Engine
Cisco Identity Services Engine Secure Access Stefan Dürnberger CCIE Security Sourcefire Certified Expert Most organizations, large and small, have already been compromised and don t even know it: 100 percent
More informationSecure Your Mobile Device Access with Cisco BYOD Solutions
Solution Overview Secure Your Mobile Device Access with Cisco BYOD Solutions BENEFITS The Cisco Meraki solution (cloud managed) and Cisco BYOD Solution (on-premises management) help you secure multiple
More informationCisco s BYOD / Mobility
Cisco s BYOD / Mobility CONTROL and VISIBILITY for IT DEVICE CHOICE and PREDICTABILITY for Users BALANCE between the number of wired ports and wireless radios 2011 Cisco and/or its affiliates. All rights
More informationForeScout CounterACT. Device Host and Detection Methods. Technology Brief
ForeScout CounterACT Device Host and Detection Methods Technology Brief Contents Introduction... 3 The ForeScout Approach... 3 Discovery Methodologies... 4 Passive Monitoring... 4 Passive Authentication...
More informationSystems Manager Cloud-Based Enterprise Mobility Management
Datasheet Systems Manager Systems Manager Cloud-Based Enterprise Mobility Management Overview Meraki Systems Manager provides cloud-based over-the-air centralized management, diagnostics, monitoring, and
More informationEmbracing Complete BYOD Security with MDM and NAC
Embracing Complete BYOD Security with MDM and NAC Clint Adams, CISSP, Director, Mobility Solutions Keith Glynn, CISSP, Sr. Technical Solutions Engineer August 22, 2013 Today s Speakers Clint Adams, CISSP
More informationHow To Use Cisco Identity Based Networking Services (Ibns)
. Data Sheet Identity-Based Networking Services Identity-Based Networking Services Overview Cisco Identity-Based Networking Services (IBNS) is an integrated solution that offers authentication, access
More informationImplementing and Configuring Cisco Identity Services Engine SISE v1.3; 5 Days; Instructor-led
Implementing and Configuring Cisco Identity Services Engine SISE v1.3; 5 Days; Instructor-led Course Description Implementing and Configuring Cisco Identity Services Engine (SISE) v1.3 is a 5-day ILT training
More informationReadiness Assessments: Vital to Secure Mobility
White Paper Readiness Assessments: Vital to Secure Mobility What You Will Learn Mobile devices have been proven to increase employee productivity and job satisfaction, but can also pose significant threats
More informationWHITEPAPER. Addressing Them with Adaptive Network Security. Executive Summary... An Evolving Network Environment... 2. Adaptive Network Security...
WHITEPAPER Top 4 Network Security Challenges in Healthcare Addressing Them with Adaptive Network Security Executive Summary... 1 Top 4 Network Security Challenges Addressing Security Challenges with Adaptive
More informationThe User is Evolving. July 12, 2011
McAfee Enterprise Mobility Management Securing Mobile Applications An overview for MEEC The User is Evolving 2 The User is Evolving 3 IT s Challenge with Mobile Devices Web 2.0, Apps 2.0, Mobility 2.0
More informationAddressing BYOD Challenges with ForeScout and Motorola Solutions
Solution Brief Addressing BYOD Challenges with ForeScout and Motorola Solutions Highlights Automated onboarding Full automation for discovering, profiling, and onboarding devices onto both wired and wireless
More informationWHITEPAPER. Addressing Them with Secure Network Access Control. Executive Summary... An Evolving Network Environment... 2
WHITEPAPER Top 4 Network Security Challenges in Healthcare Addressing Them with Secure Network Access Control Executive Summary... 1 Top 4 Network Security Challenges Addressing Security Challenges with
More informationARCHITECT S GUIDE: Comply to Connect Using TNC Technology
ARCHITECT S GUIDE: Comply to Connect Using TNC Technology August 2012 Trusted Computing Group 3855 SW 153rd Drive Beaverton, OR 97006 Tel (503) 619-0562 Fax (503) 644-6708 admin@trustedcomputinggroup.org
More informationARCHITECT S GUIDE: Mobile Security Using TNC Technology
ARCHITECT S GUIDE: Mobile Security Using TNC Technology December 0 Trusted Computing Group 855 SW 5rd Drive Beaverton, OR 97006 Tel (50) 69-056 Fax (50) 644-6708 admin@trustedcomputinggroup.org www.trustedcomputinggroup.org
More informationLeveraging Bring Your Own Device Programs Network Services Engineered to Enable Employee Choice, Mobility and Security.
Leveraging Bring Your Own Device Programs Network Services Engineered to Enable Employee Choice, Mobility and Security Application Note Abstract As more enterprises consider how best to leverage Bring
More informationSolutions for admission control and data loss prevention in a modern corporate network
Solutions for admission control and data loss prevention in a modern corporate network 15 th Finance Tech Forum Yasen Spasov Sales & Pre-sales Manager Executive Summary Founded in 1995 Subsidiary of INTRACOM
More informationSecuring BYOD With Network Access Control, a Case Study
Securing BYOD With Network Access Control, a Case Study 29 August 2012 ID:G00226207 Analyst(s): Lawrence Orans VIEW SUMMARY This Case Study highlights how an organization utilized NAC and mobile device
More informationSymantec Mobile Management 7.2
Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology
More informationCisco Secure BYOD Solution
Q&A Cisco Secure BYOD Solution What Is New? Q. What is new from security to take organizations beyond BYOD? A. Cisco is announcing a solution that goes beyond BYOD in enabling you to securely deliver bring-your-owndevice
More informationCisco Virtualization Experience Infrastructure: Secure the Virtual Desktop
White Paper Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop What You Will Learn Cisco Virtualization Experience Infrastructure (VXI) delivers a service-optimized desktop virtualization
More informationClearPass Policy Manager
Manager The most comprehensive network access policy enforcement platform for BYOD Key features Unsurpassed multivendor wireless and wired interoperability Built-in guest, profiling, network access control
More informationEnterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect
Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment Paul Luetje Enterprise Solutions Architect Table of Contents Welcome... 3 Purpose of this document...
More informationThe BYOD Wave: Policy, Security, and Wireless Infrastructure
The BYOD Wave: Policy, Security, and Wireless Infrastructure Ken Kaminski Security & BYOD Technical Solutions Architect Northeast CISSP, GCIA, GCFA, GAWN, GPEN Cisco Systems. 1 1. BYOD Trends & Policy
More informationSystems Manager Cloud Based Mobile Device Management
Datasheet Systems Manager Systems Manager Cloud Based Mobile Device Management Overview Meraki Systems Manager provides cloud-based over-the-air centralized management, diagnostics, and monitoring of the
More informationCisco Secure ACS. By Igor Koudashev, Systems Engineer, Cisco Systems Australia ivk@cisco.com. 2006 Cisco Systems, Inc. All rights reserved.
Cisco Secure ACS Overview By Igor Koudashev, Systems Engineer, Cisco Systems Australia ivk@cisco.com 2006 Cisco Systems, Inc. All rights reserved. 1 Cisco Secure Access Control System Policy Control and
More informationAvaya Identity Engines Portfolio
Key benefits Improved security and granular control: More secured wireless and guest access, role-based access control and compartmentalization of the network to segment and protect data Reduced costs:
More informationSymantec Mobile Management for Configuration Manager 7.2
Symantec Mobile Management for Configuration Manager 7.2 Scalable, Secure, and Integrated Device Management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices
More informationSymantec Mobile Management 7.1
Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology,
More informationThe Holistic Guide to BYOD in Your Business Jazib Frahim
The Holistic Guide to BYOD in Your Business Jazib Frahim Technical Leader Security Services Practice Cisco Advanced Services May 8, 2012 We are in love with our devices Proliferation of Devices By 2020
More informationEnabling Secure BYOD How Fortinet Provides a Secure Environment for BYOD
Enabling Secure BYOD How Fortinet Provides a Secure Environment for BYOD FORTINET Enabling Secure BYOD PAGE 2 Executive Summary Bring Your Own Device (BYOD) is another battle in the war between security
More information10 BEST PRACTICES FOR MOBILE DEVICE MANAGEMENT (MDM)
10 BEST PRACTICES FOR MOBILE DEVICE MANAGEMENT (MDM) CONTENT INTRODUCTION 2 SCOPE OF BEST PRACTICES 2 1. HAVE A POLICY THAT IS REALISTIC 3 2. TAKE STOCK USING A MULTIPLATFORM REPORTING AND INVENTORY TOOL...3
More informationIntegrating Cisco ISE with GO!Enterprise MDM Quick Start
Integrating Cisco ISE with GO!Enterprise MDM Quick Start GO!Enterprise MDM Version 3.x Overview 1 Table of Contents Overview 3 Getting GO!Enterprise MDM Ready for ISE 5 Grant ISE Access to the GO!Enterprise
More informationSymantec Mobile Management 7.1
Scalable, secure, and integrated device management for healthcare Data Sheet: Industry Perspectives Healthcare Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any
More informationDelivering Control with Context Across the Extended Network
Delivering Control with Context Across the Extended Network Agenda Current Challenges Cisco ISE Overview Introducing Cisco pxgrid Customer Success Stories Only Cisco ISE Delivers 2013-2014 Cisco and/or
More informationCisco Mobile Collaboration Management Service
Cisco Mobile Collaboration Management Service Cisco Collaboration Services Business is increasingly taking place on both personal and company-provided smartphones and tablets. As a result, IT leaders are
More informationSecure Access into Industrial Automation and Control Systems Industry Best Practice and Trends. Serhii Konovalov Venkat Pothamsetty Cisco
Secure Access into Industrial Automation and Systems Industry Best Practice and Trends Serhii Konovalov Venkat Pothamsetty Cisco Vendor offers a remote firmware update and PLC programming. Contractor asks
More informationMobile Security: The good, the bad, the way forward
Mobile Security: The good, the bad, the way forward Get the most out of HP s Mobility Protection Services Jan De Clercq, Felix Martin, HP TC, December, 2013 Today s Presenter Name Jan De Clercq Title &
More informationSECURING ENTERPRISE NETWORK 3 LAYER APPROACH FOR BYOD
SECURING ENTERPRISE NETWORK 3 LAYER APPROACH FOR BYOD www.wipro.com Table of Contents Executive Summary 03 Introduction 03 Challanges 04 Solution 05 Three Layered Approach to secure BYOD 06 Conclusion
More informationTech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks
Tech Brief Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks Introduction In today s era of increasing mobile computing, one of the greatest challenges
More informationMANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY. EMEA Webinar July 2013
MANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY EMEA Webinar July 2013 Protecting the Enterprise Full Footprint Mobile user Application access management & Application security Enterprise headquarters
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationChris Boykin VP of Professional Services
5/30/12 Chris Boykin VP of Professional Services Future Com! 20 years! Trusted Advisors! Best of brand partners! Brand name customers! 1000 s of solutions delivered!! 1 5/30/12 insight to the future, bringing
More information» WHITE PAPER. 802.1X and NAC: Best Practices for Effective Network Access Control. www.bradfordnetworks.com
» WHITE PAPER 802.1X and NAC: Best Practices for Effective Network Access Control White Paper» 802.1X and NAC: Best Practices for Effective Network Access Control 1 IEEE 802.1X is an IEEE (Institute of
More informationPaul Cochran - Account Manager. Chris Czerwinski System Engineer
Paul Cochran - Account Manager Chris Czerwinski System Engineer Next-Generation NAC Fast and easy deployment No infrastructure changes or network upgrades No need for endpoint agents 802.1X is optional
More informationBring Your Own Device. Putting Context into Wireless Security. Glen Stacey Networking Systems Engineer Glen_stacey@dell.com
Bring Your Own Device Putting Context into Wireless Security Glen Stacey Networking Systems Engineer Glen_stacey@dell.com ipad in the News More and more ipads will find their way into the workplace in
More informationPreparing your network for the mobile onslaught
IBM Global Technology Services Thought Leadership White Paper Preparing your network for the mobile onslaught How networks can overcome the security, delivery challenges posed by mobile devices 2 Preparing
More informationBring Your Own Device
Bring Your Own Device Cisco Values in BYOD Eric NG (bokng@cisco.com) Technical Solution Architect Enterprise Networking Group, Greater China 2011 Cisco and/or its affiliates. All rights reserved. Cisco
More informationModels HP IMC Smart Connect Edition Virtual Appliance Software E-LTU
Models HP IMC Smart Connect Edition Virtual Appliance Software E-LTU JG659AAE Key features Identity-based access, advanced device profiling, and real-time traffic quarantining Converged network support
More informationKaspersky Security for Mobile Administrator's Guide
Kaspersky Security for Mobile Administrator's Guide APPLICATION VERSION: 10.0 SERVICE PACK 1 Dear User, Thank you for choosing our product. We hope that you will find this documentation useful and that
More informationEmbracing BYOD with MDM and NAC. Chris Isbrecht, Fiberlink Gil Friedrich, ForeScout
Embracing BYOD with MDM and NAC Chris Isbrecht, Fiberlink Gil Friedrich, ForeScout 1 Today s Agenda The BYOD Landscape Network Access Control (NAC) 101 Embracing BYOD with MDM and NAC Use Cases 2 The BYOD
More informationPOLICY SECURE FOR UNIFIED ACCESS CONTROL
White Paper POLICY SECURE FOR UNIFIED ACCESS CONTROL Enabling Identity, Role, and Device-Based Access Control in a Simply Connected Network Copyright 2014, Pulse Secure LLC 1 Table of Contents Executive
More informationWhat Is Cisco Mobile Workspace Solution?
Solution Overview Cisco Mobile Workspace Solution A Whole New Level of Worker Mobility Basic mobile connectivity for employees using personal devices has been around for a while, bringing both benefits
More informationNetwork Virtualization Network Admission Control Deployment Guide
Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus
More informationNetwork Access Security It's Broke, Now What? June 15, 2010
Network Access Security It's Broke, Now What? June 15, 2010 Jeffrey L Carrell Network Security Consultant Network Conversions SHARKFEST 10 Stanford University June 14-17, 2010 Network Access Security It's
More informationApps. Devices. Users. Data. Deploying and managing applications across platforms is difficult.
Users Devices Apps Data Users expect to be able to work in any location and have access to all their work resources. The explosion of devices is eroding the standards-based approach to corporate IT. Deploying
More informationConfigure ISE Version 1.4 Posture with Microsoft WSUS
Configure ISE Version 1.4 Posture with Microsoft WSUS Document ID: 119214 Contributed by Michal Garcarz, Cisco TAC Engineer. Aug 03, 2015 Contents Introduction Prerequisites Requirements Components Used
More informationThe following chart provides the breakdown of exam as to the weight of each section of the exam.
Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those
More informationSymantec Mobile Management 7.2
Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology
More informationWhere are Organizations Today? The Cloud. The Current and Future State of IT When, Where, and How To Leverage the Cloud. The Cloud and the Players
The Current and Future State of IT When, Where, and How To Leverage the The and the Players Software as a Service Citrix VMWare Google SalesForce.com Created and Presented by: Rand Morimoto, Ph.D., MCITP,
More informationEnabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches
print email Article ID: 4941 Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches Objective In an ever-changing business environment, your
More informationBYOD Policy & Management Part I
Introduction Many of today s endpoints are neither known nor protected. According to Gartner, enterprises are only aware of 80 percent of the devices on their network. Those 20 percent of unknown devices
More informationACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0
ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0 Module 1: Vulnerabilities, Threats, and Attacks 1.1 Introduction to Network Security
More informationOneFabric Connect. Overview. Extend the OneFabric architecture to 3rd party applications DATA SHEET BENEFITS BUSINESS ALIGNMENT
DATA SHEET OneFabric Connect Extend the OneFabric architecture to 3rd party applications BUSINESS ALIGNMENT Embrace BYOD by mixing and matching managed and unmanaged devices on the same infrastructure
More informationWhitepaper. Securing Visitor Access through Network Access Control Technology
Securing Visitor Access through Contents Introduction 3 The ForeScout Solution for Securing Visitor Access 4 Implementing Security Policies for Visitor Access 4 Providing Secure Visitor Access How it works.
More informationAPPENDIX 3 LOT 3: WIRELESS NETWORK
APPENDIX 3 LOT 3: WIRELESS NETWORK A. TECHNICAL SPECIFICATIONS MAIN PURPOSE The Wi-Fi system should be capable of providing Internet access directly to a user using a smart phone, tablet PC, ipad or Laptop
More informationENTERPRISE MOBILITY ENABLE YOUR NETWORKS TO SUPPORT ENTERPRISE MOBILITY
ENTERPRISE MOBILITY ENABLE YOUR NETWORKS TO SUPPORT ENTERPRISE MOBILITY Presenter October, 2014 MOBILITY AND THE APPLICATION INVASION 1.2 Billion SMART PHONES TO BE SHIPPED IN 2014 IDC Mobility is #1 PRIORITY
More informationA Guide to New Features in Propalms OneGate 4.0
A Guide to New Features in Propalms OneGate 4.0 Propalms Ltd. Published April 2013 Overview This document covers the new features, enhancements and changes introduced in Propalms OneGate 4.0 Server (previously
More informationEfficient and easy-to-use network access control and dynamic vlan management. Date: 4.12.2007 http:// F r e e N A C. n e t Copyright @2007, Swisscom
Efficient and easy-to-use network access control and dynamic vlan management Date: 4.12.2007 http:// F r e e N A C. n e t Copyright @2007, Swisscom 1 Connection to the enterprise LAN is often (too) easy
More informationMobile Device Management in the Systems Management Ecosystem. Katie Wiederholt, Dell Software
Mobile Device Management in the Systems Management Ecosystem Katie Wiederholt, The forces driving change in mobility Agenda The journey to MDM Where do we want to be and mobile security technologies 2
More informationImplementing Cisco IOS Network Security
Implementing Cisco IOS Network Security IINS v3.0; 5 Days, Instructor-led Course Description Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles
More informationHow To Manage A Corporate Device Ownership (Byod) On A Corporate Network (For Employees) On An Iphone Or Ipad Or Ipa (For Non-Usenet) On Your Personal Device
Empowering BYOD and Mobile Security in the Enterprise Jeff Baum, APAC Managing Director Growth of Mobile Mobile worker population will reach 1.3 Billion in 2015 Source: IDC Worldwide Mobile Worker Population
More informationThis chapter covers the following topics: Network admission control overview NAC Framework benefits NAC Framework components Operational overview
This chapter covers the following topics: Network admission control overview NAC Framework benefits NAC Framework components Operational overview Deployment models C H A P T E R 6 Implementing Network
More informationFrank Andrus WHITEPAPER. CTO, Bradford Networks. Evolve your network security strategy to meet new threats and simplify IT security operations
WHITEPAPER An Adaptive Approach to Network Security Evolve your network security strategy to meet new threats and simplify IT security operations Frank Andrus CTO, Bradford Networks Executive Summary...
More informationIINS Implementing Cisco Network Security 3.0 (IINS)
IINS Implementing Cisco Network Security 3.0 (IINS) COURSE OVERVIEW: Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles and technologies, using
More informationCLEARPASS ONGUARD CONFIGURATION GUIDE
CONFIGURATION GUIDE REVISION HISTORY Revised By Date Changes Dennis Boas July 2015 Version 1 initial release TABLE OF CONTENTS... 1 INTRODUCTION... 3 CONFIGURATION WORKFLOW... 4 CONFIGURE POSTURE POLICIES...
More informationMobile Security and Management Opportunities for Telcos and Service Providers
Mobile Security and Management Opportunities for Telcos and Service Providers Lionel Gonzalez Symantec EMEA Solution architect Mike Gibson Protirus Brice Renaud Orange Business Services ST B03 - Mobile
More informationDeploying iphone and ipad Virtual Private Networks
Deploying iphone and ipad Virtual Private Networks Secure access to private corporate networks is available on iphone and ipad using established industry-standard virtual private network (VPN) protocols.
More informationAuditing the Security and Management of Smart Devices. ISACA Dallas Meeting February 13, 2014
Securely Manage your devices, applications and data. Deploy your corporate policies on smart devices. Comply with Regulatory Laws. Auditing the Security and Management of Smart Devices ISACA Dallas Meeting
More informationCisco EXAM - 500-451. Enterprise Network Unified Access Essentials. Buy Full Product. http://www.examskey.com/500-451.html
Cisco EXAM - 500-451 Enterprise Network Unified Access Essentials Buy Full Product http://www.examskey.com/500-451.html Examskey Cisco 500-451 exam demo product is here for you to test the quality of the
More informationEasyConnect. Any application - Any device - Anywhere. Faster, Simpler & Safer Networks
EasyConnect Any application - Any device - Anywhere As cloud computing and mobile devices continue to reshape the way people work, workforces are becoming increasingly mobile. In order to remain competitive,
More informationFrank Andrus WHITEPAPER. CTO, Bradford Networks. Evolve your network strategy to meet new threats and achieve expanded business imperatives
WHITEPAPER The Emergence of Adaptive Network Security Evolve your network strategy to meet new threats and achieve expanded business imperatives Frank Andrus CTO, Bradford Networks Executive Summary...
More informationRFI Template for Enterprise MDM Solutions
RFI Template for Enterprise MDM Solutions 2012 Zenprise, Inc. 1 About This RFI Template A secure mobile device management solution is an integral part of any effective enterprise mobility program. Mobile
More information