© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1

Bring Your Own Device Desafios para a Rede, Oportunidades para o Negócio Rui Fernandes Borderless Networks PSS Portugal 13 November 2012

Market Trends

BYOD and its Challenges

The Cisco BYOD Solution

Summary

Market Trends

Blurring the Borders

Anyone, Anywhere,

Anytime

Consumer ↔ Workforce Employee ↔ Partner Physical ↔ Virtual

19 Billion Mobile devices by 2016

Mobile Devices

IT Resources

MOBILITY WORKPLACE EXPERIENCE

Changing the Way We Work

72% of the World’s Mobile Data Traffic will be Video in

2016

VIDEO

Source: Cisco VNI Global Forecast, 2011–2016

19 billion networked mobile devices by 2016

3/4 of employees uses MULTIPLE

DEVICES for work

56% of information workers

spend time working OUTSIDE THE OFFICE

100% of IT staff STRUGGLE

to keep up with mobile needs

Source: Gartner; Cisco VNI Global Forecast, 2011–2016

By 2016, wi-fi will account for nearly half of all IP traffic. By 2016, nearly one-third of total IP traffic will come from devices other than PCs.

72%

74%

75%

79%

80%

83%

0% 20% 40% 60% 80% 100%

Employees who bring consumer devices into theworkplace are more productive

Employees bringing consumer devices into theworkplace and IT support of them is inevitable

Allowing employees to bring consumer devicesas a company policy increases morale

Our senior executives expect us to support theiruse of consumer devices

Our IT department’s workload increases as employees bring consumer devices into the

workplace

Tablets such as iPads and similar devices will bean integral part of how we conduct business in

the future

% of Respondents Who Agree That…

Source: IDC, Sponsored by Unisys, 2011 Consumerization of IT Study; Business IT Survey

15 billion new networked mobile

devices by 2015

3/4 of employees uses MULTIPLE

DEVICES for work

56% of information workers

spend time working OUTSIDE THE OFFICE

100% of IT staff STRUGGLE

to keep up with mobile needs

Increase Productivity Attract Employees

Drive Innovation

BYOD and its Challenges

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11

O Que é BYOD „Bring your Own Device‟?

―Permite ao utilizadores usarem os dispositivos que escolherem, aumentando

desta forma a sua produtividade e mobilidade,

de uma forma segura‖

* Estes dispositivos podem ser adquiridos pelo empregado ou fornecidos pela empresa

“BYOD significa … qualquer dispositivo, usado em qualquer lugar e agnóstico a quem “pertence”

Fonte: Cisco IT

BYOD: A Company-Wide Project

Network Team

Human Resources

Compliance Operations

Security Operations

Application Team

Endpoint Team

Cisco Internal Webex Social page Hit

109% more devices 48% more users 19% fewer cases

29% lower per user cost 33% higher satisfaction

*2 year comparison

Challenges to BYOD

Securing Access

Managing Complexity

High-Quality Experience

Beyond BYOD

BYOD Beyond BYOD

Device Onboarding and Guest Access

Unified Policy

Uncompromised User Experience

Simplified IT experience

The Optimized Experience for Every Workspace

The Cisco BYOD Solution

Environment Requires

Tight Controls

Corp Only Device

Focus on Basic Services,

Easy Access

Broader Device Types

but Internet Only Simple Guest

Secure Access to Business Applications

Onsite/Offsite

Multiple Device Types + Access Methods

Early BYOD Commercial Adopters

All Key Applications, New Services, Full Control

Any Device, Any Ownership

Innovative Organizations

LIMITED ACCESS

Hospital (Example)

Hospital extends wireless access to employees for corporate devices – laptop, iPad, smartphone

Hospital provides guest access to patients

Doctor uses personal device in hospital and offsite on the train with access to some hospital applications

Hospital administrator is granted full network access to applications with new collaboration services

IT Requirements • Visibility to who/what is on network

• Restrict access to only corporate issued devices

• Restrict personal devices to public internet

• Restricted access to internal sites

• Allow granular onsite and offsite access to network/applications for personal and company devices

• Enable a full mobile and collaboration experience

Business Policy

Device Types

BASIC ENHANCED ADVANCED

Cisco BYOD is an Holistic Approach Made of complementing building blocks

MDM

AnyConnect, ASA, ScanSafe, WSA

ISE

Wired and Wireless Management—Prime

WebEx, Jabber

Workspace Management

Secure Mobility

Policy Management Infrastructure

Unified Infraestructure

Applications

Basic

Advanced

Enhanced

VPN External Wi-Fi Internal Wi-Fi Wired

Devices Layer

Smartphones

Desktop/Notebooks

Tablets

Connectivity Layer

Firewall Router Wireless Switching ISE NCS Prime

ISE NCS Prime AnyConnect

` ISE NCS Prime Webex

MDM

Build on What Your Customer Already Has

Limited Access – Corporate Owned

VPN WIRELESS WIRED

Wireless Access for BYOD Cisco Mobility Technology for High Performance Wireless Network

CleanAir ClientLink 2.0 VideoStream

Improved Performance

Proactive and automatic interference

mitigation

AP 3600/2600

Improved Performance

Proactive and automatic beam

forming for 802.11n and legacy clients

Improved Performance

Wired multicast over a wireless

network

Access Point Innovation

The Tablet AP, enhanced throughput

and coverage for advanced applications for tablets and smart

devices

Unified Access

• Discover and profile end devices with

IOS Sensor • Identity-based access control with no

impact using Monitor Mode • Link layer encryption with policy

enforcement via MACsec • Network visibility to security

vulnerabilities with Flexible NetFlow • Attack forensics with Smart Logging

and Telemetry • Improve network visibility and

mitigate attacks with Flexible NetFlow

Cisco Switching Differentiators

Cisco Switching Differentiators for BYOD Cisco Switches Scale to Meet Diverse Deployment Scenarios

Unified Access

Enabling the BYOD Experience

High Availability

Catalyst 3K-X

Catalyst 4K

Next Generation Workspace

Any Device HD Video

Lower TCO

PoE Leadership Video Security

VDI

Smart Operations

Seamless Remote Access ASA, AnyConnect, WSA, ScanSafe for Remote Access and Web Security

Experience

Connectivity that is intelligent, simple, and

always on

Security

Highly secure mobility across the rapidly increasing number of managed and unmanaged

mobile devices

Enforcement

Security policy enforcement that is context-aware, comprehensive, and

preemptive

Unified Access

Social Networking Enterprise SaaS

Email News

Cisco Web Security

Appliance

Information Sharing Between ASA and WSA

Corporate AD

Users Outside the Network ASA

Cisco Cloud and Web Security

ScanSafe

Universal Management for BYOD Deployments Cisco Prime Infrastructure for Unified Network Management

Improved Network Visibility Faster Troubleshooting Eliminate Configuration Errors

Unified Management

Converged Security and Policy Monitoring Contextual status and monitoring dashboards across wired and wireless networks

Centrally Organizes Day 1-to-n Management tasks Instructional configuration workflows

Reduces the Time to Troubleshoot Integration with Cisco Prime Infrastructure

Converged Access Management for Wired and Wireless Networks Wireless | Wired | Security Policy | Network Services

Network Access Control for BYOD Deployments Identity Services Engine for Advanced Policy Management

IDENTITY PROFILING

VLAN 10 VLAN 20

Wireless LAN Controller

DHCP

RADIUS

SNMP

NETFLOW

HTTP

DNS

ISE

Unified Access Management

Single SSID

802.1x EAP User

Authentication

HQ

2:38pm

Profiling to identify device

Full or partial access granted

Company asset

Posture of the device

Policy Decision

4

5

6 Enforce policy in the network

Corporate Resources

Internet Only

One Policy

1

2

3 Personal asset

One Network

Simplified On-Boarding for BYOD

• On-boarding differentiators (1.1 MR) • Supplicant provisioning on all major platforms • In-band and out-of-band asset registration portal • Self-service, user-based registration portal • Flexible dot1x profiles—common profile for all

platforms or platform specific • Provisioning of certs with additional attributes like

UDID, MAC add, etc. • Certificate-based differentiation of service and

anti-cert copying • Black-listing and re-instating of devices

New Features for Zero Touch On-Boarding

Self Service Model

My Device Registration Portal, Guest

Sponsorship Portal

Reduced Burden on Help Desk Staff

Seamless Intuitive End-User Experience

Reduced Burden on IT Staff

Device On-Boarding, Self Registration, Supplicant

Provisioning

One Policy

Evolving Roles of ISE and MDMs

Enterprise App Distribution

& Mgmt

Inventory/Cost Management

Data Backup

Classification/Profiling Enrollment &

Registration Secure Network Access (Wireless, Wired, VPN)

Context-Aware Access Control (Role, Location,

etc.)

Cert + Supplicant Provisioning

Network Policy Enforcement

Policy Compliance (Jailbreak,

PIN Lock, etc.)

Data Loss Prevention (Container,

encryption, wipe)

ISE MDM

Enterprise App Policy

One Policy

One Management

Native ISE functionality • Profiling • Authentication • Policy Enforcement • etc.

ISE 1.0 & 1.1 Native ISE functionality • Enrollment/Registration • Self-Enroll Portal • Certificate Enrollment • Blacklisting

ISE 1.1.1 (now)

ISE – MDM API • Additional device data • Policy compliance • Data wipe

ISE 1.2 (Q2 CY12)

MDM Landscape Partner with Top MDM Providers for a Complete Solution

Management

Initial Vendors Initial Vendors

Others Vendors

Cisco Jabber Best User Experience Across Broadest Range of Platforms

Win, Mac iPad, Cius Smartphone Web

Collaboration

BYOD Smart Solution Enterprise and Commercial Solution

Small Business Mid-Market Business Enterprise Business

0–250 Employees 250–3000 Employees 3000+ Employees

Commercial • Designed to scale • SBA driven • Partner driven • Up to 2,500 users • Prescriptive solution

recommendation • Targeted products

Enterprise • Fastest time to market • CVD driven • Direct and partner driven • No user limit • Choose as you need • Larger product selection • Includes Collaboration

CVD Design

SBA Design

Summary

Summary

• BYOD impacts all areas of IT

• Workspace delivery to any device can be native, virtual, or hybrid

• BYOD implementation must address the entire ―spectrum‖ of use cases in an organization

• With Cisco, organizations can embrace BYOD with superior experience and control—Today

Let's Put These Ideas Into Action What’s Next For You?

Work, Your Way lets you differentiate yourself from your competition

Build out your workspace strategy

Consult with Cisco and Cisco partners for what works best for you

Identify the use cases you need to support Cisco BYOD Smart Solution supports where you are now, and where you need to be

Deploy the Cisco BYOD Smart Solutions

Accelerate deployments - investment protection and reduced risk

http://www.cisco.com/go/byod