CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved Adaptive Trust Security Policies for Today’s Enterprise Mobility Pete Ryan – ClearPass.

Presentation transcript:

Adaptive Trust Security Policies for Today’s Enterprise Mobility Pete Ryan – ClearPass solutions, East

The New Normal - GenMobile: BRANCH, HOME, ENTERPRISE, PUBLIC VENUES

Emerging Mobility Concerns
1. BYOD: Who and what can connect to enterprise resources
2. Device Loss / Theft: Loss of data, excessive phone charges, lost productivity
3. Unsecured Networks: Employees on open Wi-Fi networks

The Changing Security Perimeter: Traditional security focused on a fixed perimeter. GenMobile dilutes the notion of a fixed perimeter.

Time for a New Mobile Defense Model
Policy needed for central point of control
Diagram labels: Perimeter Defense, IDS/IPS, Firewalls; Adaptive Trust Security, Firewalls, IDS/IPS/AV, EMM/MDM, Physical, Web gateways, A/V; Access Policy Management, Enforcement Points

The Building Blocks of Adaptive Trust
Use of Context Awareness
- Granular control with user and device data
- Identity, IP address
- Network controls using device attributes
- Highly credible user and device data
- Visibility into location and time
Diagram labels: ClearPass, FIREWALLS, IDS/IPS, ENFORCEMENT POINTS, EMM/MDM

Example - Context for Accurate Firewall Policies
FW policy adapts to need
- User and device context accuracy
- Works with AD, LDAP, ClearPass dB, SQL dB
- No agents/clients required
Diagram labels: Frederik, Mac OS, Marketing, User and Device, ClearPass, Context Shared, Employee Access

Adaptive Trust – The Starting Point

Growing User Demands on IT
- Onboarding: Policies for connecting personal devices
- Always-On Access: Works regardless of role, device, location
- Guest Credentials: Access does not require going through IT

The ClearPass Solution for Secure Mobility
Diagram labels: ClearPass, Guest, Onboard, OnGuard; Baseline Hardware or VM Appliances (500, 5,000 or 25,000); Remote Location; Expandable Applications

Why Policy vs. AAA
ClearPass Policy Manager
- Policy with built-in AAA: RADIUS and TACACS
- Per user access to network and resources
- Use of context: Users, device profiles, location
Note: Optimized for multivendor Wi-Fi, wired and VPN

Adaptive Policy Driven by Device Ownership
Diagram labels: Enterprise Tablet, Enterprise Tablet, BYOD Tablet; Authentication EAP-TLS, SSID CORP-SECURE; Authentication EAP-TLS, SSID CORP-SECURE; Internet Only
1. Uses same identity store and EAP type
2. Leverages profiling, onboarding data
3. No need for separate SSIDs
4. Works at the office and over VPN

Differentiation of Access and Device Limits
Authentication using Unique Device Certificates
1. User’s device detected & redirected to portal
2. Settings and cert configured after credentials entered
3. Automatically places user on proper network segment
Diagram labels: Doctor; Easy; No Passwords; Secure
1. Uses same identity store for nurse & doctors
2. IT creates policy for who can onboard
3. Role determines # of devices per user
4. All context collected can be used in policy

Secure Guest Access
ClearPass Guest
- Portals deter users from just hopping on
- Complete customization: Sponsors, portals, usable data & enforcement
- Ensures guests receive their own credentials
Note: PEAP-Public for secure guest access

Secure Guest Access
ClearPass Guest
- Deter users from just hopping on
- Complete customization: Usable policy data & enforcement
- Ensures guests receive their own credentials
Note: Sponsor access for convenience and control
1. Uses internal identity store – no AD needed
2. Policy determines guest type, access, time, BW
3. Self-serve and sponsor capabilities
4. Onboard context keeps employees off guest network

Guest Access Services
Fully customizable
- Sponsor privileges with access verification
- Self-service
- Per session controls
- Automated SMS/ credential delivery
- Little IT involvement
- MAC caching
No more wide-open SSIDs and shared keys!

Leader in Network Access Control
Gartner NAC Magic Quadrant 2013 & 2014
- Strong growth and ability to win large opportunities
- Streamlined onboarding of personal devices
- Highly customizable guest access
- Unique support of Bonjour capable devices
- Detailed diagnostic and visibility features

Industry-wide Deployments

New Guidance, Overviews and More
- Definitive Guide to Secure Mobility
- 2pg Executive Briefs (x3)
- Partner Solution Briefs (PAN, MobileIron, etc.)
- AAA Migration to Policy (PPT)
- Secure Mobility Landing Page
- Adaptive Trust Whitepaper (coming)
- ClearPass Exchange Recipes Web Site

Key Points
- Automated security workflows
- Context-based policy enforcement
- Integration with Third Party Solutions
Diagram labels: ClearPass; POLICY; Profiler, EMM / MDM, NAC, TACACS, RADIUS, Guest, Device Registration; WIRELESS and WIRED SECURITY; MDM/EMM, Exchange, Auto Sign On, Single Sign On, Onboarding, AirGroup, SIEM Support; ANY MULTIVENDOR NETWORK

THANK YOU