Cisco s BYOD / Mobility



Similar documents
Bring Your Own Device

Providing a work-your-way solution for diverse users with multiple devices, anytime, anywhere

Cisco Wireless Portfolio

Cisco Unified Access Technology Overview: Converged Access

Cisco Wireless Control System (WCS)

Stefan Dürnberger. Consulting Systems Engineer Cisco Deutschland. sduernbe@cisco.com. Co-Author Bitkom Leitfaden BYOD

CISCO WIRELESS CONTROL SYSTEM (WCS)

Why Migrate to the Cisco Unified Wireless Network?

Cisco BYOD Smart Solution: Take a Comprehensive Approach to Secure Mobility

Cisco Secure BYOD Solution

Secure Your Mobile Device Access with Cisco BYOD Solutions

Wireless Best Practices For Schools

Bring Your Own Device (BYOD) and 1:1 Initiatives: What Questions Do You Need to Answer Before Jumping In?

Addressing BYOD Management Challenges with Cisco Prime

How To Use An Ipad Wireless Network (Wi Fi) With An Ipa (Wired) And An Ipat (Wired Wireless) Network (Wired Wired) At The Same Time

Deploying Cisco Basic Wireless LANs WDBWL v1.1; 3 days, Instructor-led

Cisco Prime Network Control System

Cisco TrustSec Solution Overview

NX 9500 INTEGRATED SERVICES PLATFORM FOR THE PRIVATE CLOUD

Deploying the ShoreTel IP Telephony Solution with a Meru Networks Wireless LAN

BYOD Networks for Kommuner

Passguide q

Meraki Wireless Solution Comparison

Cisco Wireless Control System (WCS)

Cisco Outdoor Wireless Mesh Enables Alternative Broadband Access

ADDENDUM 12 TO APPENDIX 8 TO SCHEDULE 3.3

Cisco EXAM Enterprise Network Unified Access Essentials. Buy Full Product.

Empowering Students with Mobility and BYOD Technology

The All-in-One, Intelligent WLAN Controller

Cisco Unified Wireless Network Software Release 7.0

Best Practices for Configuring Cisco Wireless LAN Controllers

Cisco Actualtests Exam Questions & Answers

Meru MobileFLEX Architecture

Taking Charge with Apps, Policy, Security and More. October 16, 2012 Sheraton Denver Downtown Hotel Denver, CO

Is Your Network Ready for the ipad?

SOSPG2. Implementing Network Access Controls. Nate Isaacson Security Solution Architect

Managed WiFi. Choosing the Right Managed WiFi Solution for your Organization. Get Started Now: to learn more.

Meru MobileFLEX Architecture

Best practices for WiFi in K-12 schools

Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop

Delivering Control with Context Across the Extended Network

The BYOD Wave: Policy, Security, and Wireless Infrastructure

Intelligent WLAN Controller with Advanced Functions

BYOD Strategy and Solutions

Supporting Municipal Business Models with Cisco Outdoor Wireless Solutions

Deploy and Manage a Highly Scalable, Worry-Free WLAN

Meraki 2015 Solution Brochure

Eliminating the cost and complexity of hardware controllers with cloud-based centralized management

MR Cloud Managed Wireless Access Points

Cisco Outdoor Wireless Network Serves Up Automatic Meter Reading

ALCATEL-LUCENT ENTERPRISE CONVERGED NETWORK SOLUTION Deliver a consistent and quality user experience, streamline operations and reduce costs

Best Practices for Outdoor Wireless Security

Cisco Passguide Exam Questions & Answers

MDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series

Cisco Mobility Express Bundle. S&L Webinar

CISCO SMB CLASS MOBILITY AND WIRELESS SOLUTIONS: THE RESPONSIVE WORKFORCE

Motorola SMART Branch. Easy, cost-effective n wireless networking for branch offices

The All-in-One, Intelligent WLAN Controller

Cisco IT Validates Rigorous Identity and Policy Enforcement in Its Own Wired and Wireless Networks

Solutions for admission control and data loss prevention in a modern corporate network

Simple, scalable, secure Complete BYOD solution Michael Lloyd HP- Enterprise Group

WiNG5 CAPTIVE PORTAL DESIGN GUIDE

How To Unify Your Wireless Architecture Without Limiting Performance or Flexibility

Course Content for Managing Cisco Wireless LANs (WMNGI 1.2) Duration : 4 Days

Cisco TrustSec How-To Guide: Guest Services

Matthew Chu - SR. Technical Architect Channel Technical Sales Enablement

XenMobile Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series

Virtuelle WLAN Controller Alcatel Lucent Wireless LAN Instant AP

Deploying a Secure Wireless VoIP Solution in Healthcare

MSP Dashboard. Solution Guide

When SDN meets Mobility

Network Virtualization Network Admission Control Deployment Guide

ENTERPRISE CONVERGED NETWORK SOLUTION. Deliver a quality user experience, streamline operations and reduce costs

Cisco Validated Design

Cisco Validated Design

BYOD in Healthcare. Improving Clinician Productivity and Patient Satisfaction May 2013 WHITEPAPER

Deploying secure wireless network services The Avaya Identity Engines portfolio offers flexible, auditable management for secure wireless networks.

MR Cloud Managed Wireless Access Points

BYOD: BRING YOUR OWN DEVICE.

Readiness Assessments: Vital to Secure Mobility

POLICY SECURE FOR UNIFIED ACCESS CONTROL

MR Cloud Managed Wireless Access Points

Avaya WLAN 9100 Series

SECURING ENTERPRISE NETWORK 3 LAYER APPROACH FOR BYOD

Apple Airport Extreme Base Station V4.0.8 Firmware: Version 5.4

Meru MobileFLEX. An Architecture Overview Design Wireless Networks for Control and Flexibility WHITEPAPER

Transcription:

Cisco s BYOD / Mobility CONTROL and VISIBILITY for IT DEVICE CHOICE and PREDICTABILITY for Users BALANCE between the number of wired ports and wireless radios 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 Drivers Assumptions Key Functionality Portfolio Innovations Why Cisco 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 2 1

ANY USER ANYWHERE ANYTIME ANY DEVICE 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 3 Drivers and Assumptions Drivers Majority of new network devices have no wired port Users will change devices more frequently than in the past Mobile devices have become an extension of our personality Guest access with accountability has become a mandatory business need Assumptions Guests must be isolated and their activity accounted for Users will have 1 wired and 2 or more wireless devices moving forward The wireless network must be secure and as predictable as the wired network There can be no unmanaged devices any more only managed and semi-managed 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 4 2

Use Cases Basic Mobility Guest Wi-Fi Corporate Wi-Fi Mobile Mail only Basic BYOD Guest Wi-Fi Corporate Wi-Fi Personnel Mobile Device with Profiling Advanced BYOD Guest Wi-Fi Corporate Wi-Fi Personnel Mobile Device with Profiling and Provisioning VPN Access Wired BYOD MDM / VDI Voice / Video Everywhere 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 5 Key Functionality and Success Key Functionality Unified wired and wireless network with centralized policy management Sponsored guest and contractor access management that is isolated and accountable AAA (Authentication, Authorization, and Accounting) to determine who accesses your network PP (Profiling and Provisioning) to simplify onboarding of personal devices and enforce the what, where, when, and how users access your network What is success? A well designed Mobility / Unified Access Network provides: CONTROL (ISE) and VISIBILITY (Prime) for IT DEVICE CHOICE and PREDICTABILITY (CleanAir, ClientLink, VideoStream) for Users BALANCE between the number of wired ports (1:1 ratio) and wireless radios (25:1 ratio) 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 6 3

Choice and Flexibility for IT Cisco Prime -Network Control System Centralized Control Plane Centralized Data Plan Centralized Policy Central RF Management Central Config Management Central Image Management WLAN Controller Centralized IDS Management Guest Tunneling Survivability Cloud Controller (FlexMode) Flexible Control Plane Distributed Data Plane Distributed Policy Higher AP Scalability Survivability / Client Resiliency Autonomous Access Points Distributed Control Plane Distributed Data Plane Independent Operation CAPWAP Plug & Play Access Points 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 7 Control and Visibility for IT / Device Choice and Predictability for Users Mobility Services Engine 3310 & 3350 Physical or Virtual Access Points Indoor Teleworker Wireless LAN Controllers 1040 Series 600 Series Branch Controller Outdoor Identity and Policy Data Integration NCS 2500 Series WLC on SRE Campus Controllers 5500 Series WiSM2 Cloud Controller 1140 Series 3500i Serie 1260 Series s 1550 Series Density Physical or Virtual ISE Flex 7500 35/3600e Series 3500p Series Distribution Switches Access Switches 6500 Series Compact 2960-S 3750-X/ 3560-X 4500E 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 8 4

Cisco s BYOD / Mobility Innovations 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 9 Industry s first context-based Wired+Wireless+VPN policy/guest management Separate policy and guest management Unified context-based policy management for employees and guests across the network Improved Control Who? What? When? Where? How? Wired VPN Wireless AAA + PP = Secure BYOD Simple Unified Automated Cisco ISE Provides Unparalleled Control 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 10 5

Example of BYOD / Mobility Policy Table Access User Device Location Time Method Policy Guest Personal Laptop Personal Device Wireless Conference Rooms M S 8 am -6 pm Captive Portal DMZ Guest Tunnel Guest VLAN Contractor Contractor Computer Personal Device Wireless Wired Anywhere Anywhere Anytime M S 8 am -6 pm Contractor VLAN Contractor ACL Employee Corporate Computer Personal Device Wired Wireless VPN Anywhere Anywhere Anywhere Anytime Anytime Anytime Employee VLAN Employee ACL IF $Identity AND $Device AND $Access AND $Location AND $Time THEN $Permission 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 11 Example BYOD / Mobility Implementation Policy Centralized Policy Engine Profiling USER LOCATION TIME DEVICE Access Method HTTP DNS DHCP RADIUS NETFLOW SNMP VLAN 10 VLAN 20 Corporate Resources Corporate Employee Personal Single SSID Wireless LAN Controller Unified Access Management Restricted Internet Only Corporate Issued Device 1. User Authentication and Authorization 2. Profiling to identify device 3. Policy decision 4. Policy enforce to VLAN 10 on same SSID 5. Full access granted 6. Full device visibility PERSONAL Device 1. User Authentication and Authorization 2. Profiling to identify device 3. Policy decision 4. Policy enforce to VLAN 10 or 20 on same SSID 5. Full or Restricted access granted 6. Full device visibility 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 12 6

Example of Sponsored Guest Management Account Sponsorship Approved sponsor creates account. Access Granted Successful Authentication Isolated Guest Network on DMZ Role Based Policy Applied User and Company Protected by ScanSafe Account Notification Credentials automatically provided to guest via email, SMS, or Printed Receipt Guest User on DMZ Internal WLC Captive Portal Identity Services Engine ISE Web browser redirects to login screen User can manage access for their own device ISE 1.1mr1 Anchor WLC DMZ Internet 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 13 Single pane of glass view and management of Wired+Wireless+Identity Wireless Separated management Wired Identity Improved Visibility Comprehensive user and access visibility with advanced troubleshooting Wireless Wired Identity Siloed Inefficient Operational Model Repetitive Manual correlation of data Error Prone Consumes time and resources Simple Improves IT efficiency Unified Single view of all user access data Advanced Troubleshooting Less time and resources consumed Cisco Prime NCS Provides Unparalleled Visibility 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 14 7

Number of Customers Top BYOD Wireless Issues 400 350 300 Contributors to Wireless Network Problems A recent survey shows that respondents view client devices as the top contributor to BYOD Wireless network performance problems 250 200 150 100 50 0 Client devices (Drivers, connections, authentication, or other issues) RF Interference from Wi-Fi and/or non-wi- Fi sources Unexpected demand for increased converage of capacity Faulty wireless network design implementation Old or outdated wireless technology Insufficient IT adminstrator expertise Other 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 15 Troubleshoot BYOD Wireless and Wired devices USE CASE: User calls in to help center because they cannot get access to financial data on the network. IT determines if they are authorized to access this area. Cisco Prime Network Control System (NCS) 1. Search on user name 2. Identify wired and wireless devices associated with the user 3. Display associated and disassociated devices 4. Use automated client troubleshooting workflow to resolve the issue 5. Issue resolved Step by Step Recommendations Cisco Prime NCS = Provides Unparalleled Visibility 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 16 8

Unified Network and Policy Management Comprehensive Wireless Lifecycle Management Integration with Cisco Identity Services Engine Highly Scalable Extends visibility beyond the edge to both wired and wireless users Unifies wired, wireless and security visibility into a single view Aligns to how networks and organizations are evolving for efficient operations and faster troubleshooting Comprehensive lifecycle management of 802.11n and 802.11a/b/g enterprise-class indoor and outdoor wireless networks Delivers a wide array of tools and resources for effective planning, deployment, monitoring and troubleshooting, remediation, and optimization Cisco Prime NCS retrieves information directly from clients: Wired, wireless and authenticated, unauthenticated Enables client posture status and client profiled views Directly links from Cisco Prime NCS to ISE Monitor thousands of switches and Manage hundreds of Cisco wireless LAN controllers and thousand of Aironet access points Seamlessly integrates with Cisco context-aware software, Adaptive Wireless Intrusion Protections System (AWIPS), CleanAir, and the Cisco Integrated Services Router 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 17 Industry s first chip level proactive and automatic interference protection Wireless interference decreases reliability and performance CleanAir mitigates RF interference improving reliability and performance Wireless Client Performance AIR QUALITY PERFORMANCE AIR QUALITY PERFORMANCE Cisco CleanAir Improves Performance and Predictability 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 18 9

High resolution interference detection, classification, and mitigation at chip level 100 20 63 97 35 90 Detect Classify Locate Mitigate CleanAir Radio ASIC Detect Wi-Fi and non-wi-fi interference sources Assess impact to Wi-Fi performance Proactively change channels when interference occurs Monitor air quality 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 19 Advanced beam forming technology improves wireless client performance Beam not directed towards clients resulting inconsistent performance Beam directed towards client resulting in consistent experience and better performance 802.11a/g (ClientLink) or 802.11a/g/n (ClientLink 2.0) X Beam Strength Wireless Client Performance 802.11a/g (ClientLink) or 802.11a/g/n (ClientLink 2.0) Beam Forming 802.11n 802.11n Cisco ClientLink - Improves Predictability and Performance 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 20 10

Reduces coverage holes / improves client predictability and performance Client-link disabled Client-link enabled Wireless Client Performance Lower Data Rates Higher Data Rates Cisco ClientLink - Improves Predictability and Performance 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 21 Automatic band steering and selection for 5GHz capable devices All clients crowd the 2.4GHz spectrum lowering performance 5GHz capable clients are automatically moved to cleaner 5GHz spectrum Wireless Client Performance 2.4GHz 2.4GHz 2.4GHz 5GHz 5GHz 2.4GHz Speed 5GHz Capable Speed 5GHz Capable Speed 2.4GHz Capable Speed 5GHz Capable Speed 5GHz Capable Speed 2.4GHz Capable Cisco BandSelect - Improves Predictability and Performance 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 22 11

Simplify IT operations with automatic / dynamic RF management Manual RF management Dynamic RF management Simplify RF Management Channels Power Coverage Manual Channel Assignment Manual Transmit Power Adjustment Manual Coverage Hole Detection/Mitigation Dynamic Channel Assignment Dynamic Transmit Power Adjustment Dynamic Coverage Hole Detection/Mitigation Cisco RRM - Improves Predictability and Performance 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 23 High resolution interference detection, classification, and mitigation at chip level DCA - Dynamic Channel Assignment Changes in channel / air quality are monitored, and Access Point channel assignment is changed when deemed appropriate to preserve predictability TPC - Transmit Power Control Transmit Power is adjusted down or up based on radio to radio pathloss calculation when deemed appropriate to preserve predictability CHDM - Coverage Hole Detection and Mitigation Transmit Power is adjusted up on Access Points when coverage holes are detected and deemed appropriate to preserve predictability 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 24 12

Wired-like video delivery over wireless No resource reservation, degraded voice and video, cannot deliver multicast Stream prioritization, resource reservation, reliable multicast over wireless Global Enterprise CEO Meeting M&A Negotiation Sports Event CEO Meeting M&A Negotiation Sports Event Cisco VideoStream Improves Predictability and Performance 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 25 We optimize end-to-end starting at the Access Point Multicast to Unicast Conversion at the AP Multicast Stream AP Selectable Stream Prioritization HIGH PRIORITY EVENT MEETING ROOM EVENT LIVE SPORTING EVENT Resource Reservation Prevents Oversubscription AP VIDEO NOT AVAILABLE WLC AP Tested for 30X Less Bandwidth Consumed and Double the Performance of Competitors 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 26 13

Industry s first context-based and persistent VPN Connectivity Unmanaged devices risk of data loss and lack of access Always-on VPN connectivity Mobile Worker Acceptable Use Access Control Data Loss Prevention Cisco AnyConnect = Always On VPN Connectivity 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 27 Thank you. 14

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information