Genuine 9332606886 Hot and Beautiful đ Pune Escorts call Girls
Â
2012 ah emea deploying byod
1. CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
All rights reserved 1 #airheadsconf#airheadsconf
DEPLOYING BYOD:
ONBOARDING, PROVISIONING,
POLICY, REPORTING
2. 2 2
CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
The BYOD Challenges
Trusted
⢠Company-owned
⢠Fully managed
⢠Fully controlled
Corporate
Liable
Employee
Liable
Tolerated
⢠Company or Employee
owned
⢠Limited visibility
⢠Limited control
How do I:
⢠Maintain visibility &
control?
⢠Deliver secure,
differentiated
access?
⢠Simplify device
provisioning?
Requirement: Securely Onboard Mobile Devices
3. 3 3
CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
Is your Network ready for BYOD?
⢠The buzz is uncontrollable
â Any device, any user, any time
⢠What have we learnt from the originators of BYOD�
⢠Education has been doing BYOD for years
â Lots of diverse devices to manage = lots of helpdesk calls
â Securing the network and the application is key
â Expand cloud applications or VDI
⢠So from a security perspective
â BYOD is driving the need for a more intelligent access control network
4. 4 4
CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
Join the BYOD Domain
⢠Supplicant Config
⢠Push Trusted Cert
⢠Enable Posture
⢠Set Auth type
⢠Enrolment workflow
⢠Authorize User to provision device
⢠Device credential push
⢠Link User to Device
⢠Complete view device
& network
⢠Command & Control
⢠Inventory
⢠Diagnostics
⢠Revoke Device Access
⢠Device Profiling
⢠Role Derivation
⢠Corp vs Employee Liable
Device Access
Controls
Join BYOD
Domain
Visibility &
Reporting
Onboard Device
1
2
3
4
5. CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
All rights reserved 5 #airheadsconfcommunity.arubanetworks.com #airheadsconf
BYOD Building Blocks
6. 6 6
CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
Foundation Technologies for BYOD
⢠Device Profiling
â Accurately determine device, force enrollment or deny access
⢠Enrollment and Provisioning Workflow
â Clean user self managed onboarding process, no IT involvement
⢠Context Aware Policy Definition Point (PDP)
â Implement business policy for BYOD access, multi-contextual
⢠Granular Policy Enforcement at the Access Layer
â Stateful firewalling, Application Aware, Bandwidth Constraints
⢠BYOD lifecycle management
â Device inventory, revoke network access, more to come . . .
7. 7 7
CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
ClearPass Profile
Session
Info
Device
Visibility
Per
Classification
Real-
time
tracking
8. 8 8
CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
User and Device Policy Example
Profile
dB
Device
Classification
âAuto Profileâ
1
Type
Family
Category
1. All devices auto profiled
2. Device information mapped to classification for policy and proper access
3. Granular access based on device type and identity
Example: Executive level user connects to network with iPad 2, and
ClearPass Profile matches device to category, family and
type to apply full access policy
2
3 User &
Device
ClearPass
Policy
9. 9 9
CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
Enrollment & Provisioning Workflow
Limited Access
Zone
Active Directory
Device
Credential
Access Network
ClearPass Policy Manager
1.
Authorize BYOD
enrollment based on
AD credentials
2. Register device
type & ownership
Provision a unique device
credential for that user &
device
3. +
Revoke access for
devices that are lost or
stolen
4.
11. 11 11
CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
Integrated Captive Portal
1. Device type is auto detected
and user prompted to
commence workflow
2. Settings and
credentials are auto
configured on device
3. User is automatically placed on secure
SSID or network segment upon completion
of onboarding
13. 13 13
CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
Intuitive Policy Definition
Service
Authentication
Authorization
Roles
Posture
Audit
Enforcement
14. 14 14
CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
Granular Policy Enforcement at the Access Layer
Policy Enforcement Firewall (PEF)
Instant
AP
Mobility ControllerMobility Access
Switch
Identify
the Connection
Classify
the Traffic
Control Optimize
the Air
Follow
the UserAccess per Packet
1101010001001111100
15. 15 15
CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
Enforce on any Network!
POLICY DECISION
ClearPass Policy Manager
POLICY ENFORCEMENT:
Policy Enforcement Optimized for Mobility
Any Network
16. 16 16
CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
BYOD lifecycle management
Revoke Device
Network Access
Device Inventory
Data
Realtime Dashboard
of BYOD Access
Enforcement of
BYOD Access
Policies
17. 17 17
CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
Distributed Architecture
ClearPass Policy
Manager
DNS/DHCP
Identity Stores
LDAP/AD
Main Data Center Mid-size Branch
Regional Office
DMZ
⢠Centralized/Distributed
Administrative Domains
⢠Redundancy/Load
Balancing
⢠Cluster wide licenses
VM CCPM Node
ClearPass Guest/Onboard
CPPM Node
CPPM Profile
18. 18 18
CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
5 Tips for BYOD
⢠Define your BYOD Access Policy
â Limited Access Zone, Which devices, Bandwidth Contracts
⢠Device Aware Access Network
â Device Profiling, ability to force enrollment workflow
⢠Granular Policy Definition & Enforcement
â Centralized policy creation, role based enforcement
⢠User Managed Onboarding Process
â Avoid Help Desk load, install trusted certs, profile device details
⢠Method to Revoke Device Access Critical
â Unique device credential, lost device or employee leaves
19. CONFIDENTIAL
Š Copyright 2012. Aruba Networks, Inc.
All rights reserved 19 #airheadsconfcommunity.arubanetworks.com #airheadsconf
Thank You