Download presentation
Presentation is loading. Please wait.
Published byAngelique Holby Modified over 10 years ago
1
I MPACT VAN BYOD EN M OBIELE DEVICES OP UW HUIDIGE DESKTOP EN CLIENT ARCHITECTUUR
2
#Name: Filip Roelandt #Function: Technology Expert #Email: filip.roelandt@realdolmen.com #Twitter: filip_roelandt #Mobile: +32 477 28 84 65 Company: www.realdolmen.com
3
PEOPLE & PROCESSES TRACK
4
A device that moves between Different geographical locations Between different networks A person who moves between Different geographical locations Different networks Different communication devices Different applications
5
PEOPLE & PROCESSES TRACK But even within your company walls A user moving to a meetingroom A doctor visits his patients in a hospital
6
LOOK FROM U SER VIEW I own a device Just want my application Device Connection Application … S IMPLE
7
Does not stop with one user Not always plug and play Management / hosting Security Backend Infrastructure LOOK FROM A DMINISTRATION VIEW Device Connection Application - H OW TO TACKLE
8
Device D EVICE - C HALLENGES
9
Today smartphoneTomorrow computer D EVICE - C HALLENGES
10
show me empower me alert me snackdinecreate
11
diskless PCs smartphones home & office PCs netbooks thin clients laptops …on any device tablets iPhone iPhone Android Android Blackberry Blackberry iPad iPad Windows Embedded Windows Embedded Linux Linux Windows Windows Mac OS X Mac OS X Linux Linux
12
Multiple platforms no standard available High mobile support costs Data transfer Unsecured employee-owned phones and tablets Encryption / lockdown Application management Application delivery Reporting usage D EVICE - M ANAGEMENT
13
Laptops - Workstations Management softwares Microsoft SCCM – SCOM Symantec Endpoint protection … Smartphones – Tablets Require New management types Mobile device management D EVICE - M ANAGEMENT
14
W HAT IS M OBILE DEVICE M ANAGEMENT ? Windows Mobile Database Files Directory Applications Certificate Services Messaging Enterprise Environment Symbian Android webOS BlackBerry iPhone iPad MdM VPN Secure email, calendar and contacts Push VPN and WiFi Settings and Certificates Device restrictions and policies Remote full and selective wipe Self provisioning
15
Device Determine the varying levels of service and support options for the segmented workforce Reserve the right to manage all mobile devices with access to corporate resources like PCs. Require users to back up their own personal data D EVICE - A DVICE
16
Connection C ONNECTION
17
Device moves between Ethernet, Wifi, 3G Wired and wireless network access Potentially continuous connectivity, but may be breaks in service Network address changes Radically different network performance on different networks Network interface changes Can we achieve best of both worlds? Continuous connectivity of wireless access Performance of better networks when available C ONNECTION
18
Mobility starts within your company walls By default Everybody on guest network Allow access to internet (limited) Allow access to all external company services (webmail – citrix) Proactively monitor ongoing voice data usage Expenses – international Roaming bills Determine a tiered reimbursement policy for voice and data services costs C ONNECTION - A DVICE
19
Application A PPLICATION
20
A PPLICATION - DEVELOPMENT Smart Client Utilize Local and Remote Resources Offline Capable Centrally, Intelligently Install and Update Flexible and Adaptable to Device Composite Applications Design for Operations
21
How to bring your application to your mobile device ? Client Different apps on different environments Custom development Processing on the client Central Terminal server Virtual desktops Processing on backend Application types can determine device A PPLICATION - L OCATION
22
Not always possible Custom development can be required Heterogeneous environments Licensing model User interface is different on Android, IOS, Windows Available bandwidth Authentication requirements A PPLICATION – C LIENT S ERVER Execute Application on your mobile device Connect Access Data on central infrastructure
23
Published applications / shared desktops is an architecture where the application executes 100% on the server, and the applications user interface is accessed via a mobile device. A PPLICATION – C ENTRAL Connect Execute application on central infrastructure Access data View Application on your mobile device Keyboard / mouse video
25
Another way… VDI – Virtual Desktop Infrastructure A PPLICATION – C ENTRAL Hardware Win 7 Hypervisor Windows Server CPS/TS Apps Hardware user Dedicated Virtual Desktop user Apps Win 7 Apps user Apps user Total Isolation Session isolated at application level (shared OS) Server OS desktop (e.g. Win2k8) Dedicated OS to user User, OS and application are isolated Client OS desktop (e.g. Windows 7) Shared Desktop
26
Published applications / shared desktops A PPLICATION – C ENTRAL Strong on security Wide device support (printer, PDA, …) Very good TCO Global accessibility. Real Desktop Operating System Better application compatibility (no modifications necessary) No registry or DLL restrictions Existing desktops can be imported Full Isolation: each Virtual Desktop runs separately Virtual Desktop Infrastructure
27
Published applications / shared desktops / VDI A PPLICATION – C ENTRAL Limit user control or personalization Locked down - one user impacts hundreds No linux support Challenges Check application compatibility – shared / VDI Some apps might have problems (i.e. multimedia, web apps) Printing and printer driver management client device connectivity (i.e. USB, COM ports) User overhead like IE, AntiVirus, Windows User Profiles, …
28
Determine how users will be provisioned with enterprise-class applications Custom development or Standard applications Centralize applications and data Choose shared desktops first For Users that dont fit this environment Choose virtualized desktops (VDI) A PPLICATIONS - A DVICE
29
Backend Infrastructure B ACKEND
30
Private cloud Public cloud Bpos Office 365 … Considerations : data location Bridges between clouds Vmware Vcloud Citrix bridge software … B ACKEND
31
Hybrid Cloud Public Cloud On premise High fixed cost Full control Known security On/off premise Low utility cost Self-service Fully elastic Trusted security Corporate control Off premise Low utility cost Self-service Fully elastic Traditional Datacenter Hybrid Cloud Traditional Datacenter Public Cloud
32
Determine Cloud main Entry point and backup entry Check your Data location Authentication between datacenters Know what your SLAs are covering B ACKEND - A DVICE
33
Security S ECURITY
34
Endpoint device detection Data / application availability depends on device and connection Protect Corporate data Maximize encryption on end device Prevent data from leaving the perimeter Dataloss Remote wipe Encryption Printing allowed ? Only corporate data is protected S ECURITY
35
S ECURITY – REVIEW CURRENT STATUS Compare a managed device to an unmanaged one Identify whats in your corporate image that provides security Connecting remotelySSL VPN solution Is there any difference in a managed vs. unmanaged device connecting remotely AntivirusOffers BYOD participants your corporate standard Provide for Self-Service install of your Antivirus Can corporate data be downloaded to a laptop Managed by policies or technical solutions Encrypted data plug-in
36
Consider disabling features and user activities in heavily regulated environments Extend acceptable use policies to all current and future mobile devices. Protect the integrity and privacy of corporate data by isolating it from personal data. Enforce strong security policies that prevent data security breaches S ECURITY - A DVICE
37
The illiterate of the 21st century will not be those who cannot read and write, but those who cannot learn, unlearn, and relearn. (Alvin Toffler) P REPARE YOUR ENVIRONMENT FOR THE FUTURE
38
For more information: visit our website WWW.REALDOLMEN.COM Follow us on:
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.