bring your own device - wwo.techdata.ptwwo.techdata.pt/aa/121130_fti_apresentacoes/pdf's... ·...
TRANSCRIPT
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
Bring Your Own Device Desafios para a Rede, Oportunidades para o Negócio Rui Fernandes Borderless Networks PSS Portugal 13 November 2012
Blurring the Borders
Anyone, Anywhere,
Anytime
Consumer ↔ Workforce Employee ↔ Partner Physical ↔ Virtual
19 Billion Mobile devices by 2016
Mobile Devices
IT Resources
MOBILITY WORKPLACE EXPERIENCE
Changing the Way We Work
72% of the World’s Mobile Data Traffic will be Video in
2016
VIDEO
Source: Cisco VNI Global Forecast, 2011–2016
19 billion networked mobile devices by 2016
3/4 of employees uses MULTIPLE
DEVICES for work
56% of information workers
spend time working OUTSIDE THE OFFICE
100% of IT staff STRUGGLE
to keep up with mobile needs
Source: Gartner; Cisco VNI Global Forecast, 2011–2016
By 2016, wi-fi will account for nearly half of all IP traffic. By 2016, nearly one-third of total IP traffic will come from devices other than PCs.
72%
74%
75%
79%
80%
83%
0% 20% 40% 60% 80% 100%
Employees who bring consumer devices into theworkplace are more productive
Employees bringing consumer devices into theworkplace and IT support of them is inevitable
Allowing employees to bring consumer devicesas a company policy increases morale
Our senior executives expect us to support theiruse of consumer devices
Our IT department’s workload increases as employees bring consumer devices into the
workplace
Tablets such as iPads and similar devices will bean integral part of how we conduct business in
the future
% of Respondents Who Agree That…
Source: IDC, Sponsored by Unisys, 2011 Consumerization of IT Study; Business IT Survey
15 billion new networked mobile
devices by 2015
3/4 of employees uses MULTIPLE
DEVICES for work
56% of information workers
spend time working OUTSIDE THE OFFICE
100% of IT staff STRUGGLE
to keep up with mobile needs
Increase Productivity Attract Employees
Drive Innovation
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
O Que é BYOD „Bring your Own Device‟?
―Permite ao utilizadores usarem os dispositivos que escolherem, aumentando
desta forma a sua produtividade e mobilidade,
de uma forma segura‖
* Estes dispositivos podem ser adquiridos pelo empregado ou fornecidos pela empresa
“BYOD significa … qualquer dispositivo, usado em qualquer lugar e agnóstico a quem “pertence”
Fonte: Cisco IT
BYOD: A Company-Wide Project
Network Team
Human Resources
Compliance Operations
Security Operations
Application Team
Endpoint Team
109% more devices 48% more users 19% fewer cases
29% lower per user cost 33% higher satisfaction
*2 year comparison
Beyond BYOD
BYOD Beyond BYOD
Device Onboarding and Guest Access
Unified Policy
Uncompromised User Experience
Simplified IT experience
The Optimized Experience for Every Workspace
Environment Requires
Tight Controls
Corp Only Device
Focus on Basic Services,
Easy Access
Broader Device Types
but Internet Only Simple Guest
Secure Access to Business Applications
Onsite/Offsite
Multiple Device Types + Access Methods
Early BYOD Commercial Adopters
All Key Applications, New Services, Full Control
Any Device, Any Ownership
Innovative Organizations
LIMITED ACCESS
Hospital (Example)
Hospital extends wireless access to employees for corporate devices – laptop, iPad, smartphone
Hospital provides guest access to patients
Doctor uses personal device in hospital and offsite on the train with access to some hospital applications
Hospital administrator is granted full network access to applications with new collaboration services
IT Requirements • Visibility to who/what is on network
• Restrict access to only corporate issued devices
• Restrict personal devices to public internet
• Restricted access to internal sites
• Allow granular onsite and offsite access to network/applications for personal and company devices
• Enable a full mobile and collaboration experience
Business Policy
Device Types
BASIC ENHANCED ADVANCED
Cisco BYOD is an Holistic Approach Made of complementing building blocks
MDM
AnyConnect, ASA, ScanSafe, WSA
ISE
Wired and Wireless Management—Prime
WebEx, Jabber
Workspace Management
Secure Mobility
Policy Management Infrastructure
Unified Infraestructure
Applications
Basic
Advanced
Enhanced
VPN External Wi-Fi Internal Wi-Fi Wired
Devices Layer
Smartphones
Desktop/Notebooks
Tablets
Connectivity Layer
Firewall Router Wireless Switching ISE NCS Prime
ISE NCS Prime AnyConnect
` ISE NCS Prime Webex
MDM
Build on What Your Customer Already Has
Limited Access – Corporate Owned
Wireless Access for BYOD Cisco Mobility Technology for High Performance Wireless Network
CleanAir ClientLink 2.0 VideoStream
Improved Performance
Proactive and automatic interference
mitigation
AP 3600/2600
Improved Performance
Proactive and automatic beam
forming for 802.11n and legacy clients
Improved Performance
Wired multicast over a wireless
network
Access Point Innovation
The Tablet AP, enhanced throughput
and coverage for advanced applications for tablets and smart
devices
Unified Access
• Discover and profile end devices with
IOS Sensor • Identity-based access control with no
impact using Monitor Mode • Link layer encryption with policy
enforcement via MACsec • Network visibility to security
vulnerabilities with Flexible NetFlow • Attack forensics with Smart Logging
and Telemetry • Improve network visibility and
mitigate attacks with Flexible NetFlow
Cisco Switching Differentiators
Cisco Switching Differentiators for BYOD Cisco Switches Scale to Meet Diverse Deployment Scenarios
Unified Access
Enabling the BYOD Experience
High Availability
Catalyst 3K-X
Catalyst 4K
Next Generation Workspace
Any Device HD Video
Lower TCO
PoE Leadership Video Security
VDI
Smart Operations
Seamless Remote Access ASA, AnyConnect, WSA, ScanSafe for Remote Access and Web Security
Experience
Connectivity that is intelligent, simple, and
always on
Security
Highly secure mobility across the rapidly increasing number of managed and unmanaged
mobile devices
Enforcement
Security policy enforcement that is context-aware, comprehensive, and
preemptive
Unified Access
Social Networking Enterprise SaaS
Email News
Cisco Web Security
Appliance
Information Sharing Between ASA and WSA
Corporate AD
Users Outside the Network ASA
Cisco Cloud and Web Security
ScanSafe
Universal Management for BYOD Deployments Cisco Prime Infrastructure for Unified Network Management
Improved Network Visibility Faster Troubleshooting Eliminate Configuration Errors
Unified Management
Converged Security and Policy Monitoring Contextual status and monitoring dashboards across wired and wireless networks
Centrally Organizes Day 1-to-n Management tasks Instructional configuration workflows
Reduces the Time to Troubleshoot Integration with Cisco Prime Infrastructure
Converged Access Management for Wired and Wireless Networks Wireless | Wired | Security Policy | Network Services
Network Access Control for BYOD Deployments Identity Services Engine for Advanced Policy Management
IDENTITY PROFILING
VLAN 10 VLAN 20
Wireless LAN Controller
DHCP
RADIUS
SNMP
NETFLOW
HTTP
DNS
ISE
Unified Access Management
Single SSID
802.1x EAP User
Authentication
HQ
2:38pm
Profiling to identify device
Full or partial access granted
Company asset
Posture of the device
Policy Decision
4
5
6 Enforce policy in the network
Corporate Resources
Internet Only
One Policy
1
2
3 Personal asset
One Network
Simplified On-Boarding for BYOD
• On-boarding differentiators (1.1 MR) • Supplicant provisioning on all major platforms • In-band and out-of-band asset registration portal • Self-service, user-based registration portal • Flexible dot1x profiles—common profile for all
platforms or platform specific • Provisioning of certs with additional attributes like
UDID, MAC add, etc. • Certificate-based differentiation of service and
anti-cert copying • Black-listing and re-instating of devices
New Features for Zero Touch On-Boarding
Self Service Model
My Device Registration Portal, Guest
Sponsorship Portal
Reduced Burden on Help Desk Staff
Seamless Intuitive End-User Experience
Reduced Burden on IT Staff
Device On-Boarding, Self Registration, Supplicant
Provisioning
One Policy
Evolving Roles of ISE and MDMs
Enterprise App Distribution
& Mgmt
Inventory/Cost Management
Data Backup
Classification/Profiling Enrollment &
Registration Secure Network Access (Wireless, Wired, VPN)
Context-Aware Access Control (Role, Location,
etc.)
Cert + Supplicant Provisioning
Network Policy Enforcement
Policy Compliance (Jailbreak,
PIN Lock, etc.)
Data Loss Prevention (Container,
encryption, wipe)
ISE MDM
Enterprise App Policy
One Policy
One Management
Native ISE functionality • Profiling • Authentication • Policy Enforcement • etc.
ISE 1.0 & 1.1 Native ISE functionality • Enrollment/Registration • Self-Enroll Portal • Certificate Enrollment • Blacklisting
ISE 1.1.1 (now)
ISE – MDM API • Additional device data • Policy compliance • Data wipe
ISE 1.2 (Q2 CY12)
MDM Landscape Partner with Top MDM Providers for a Complete Solution
Management
Initial Vendors Initial Vendors
Others Vendors
Cisco Jabber Best User Experience Across Broadest Range of Platforms
Win, Mac iPad, Cius Smartphone Web
Collaboration
BYOD Smart Solution Enterprise and Commercial Solution
Small Business Mid-Market Business Enterprise Business
0–250 Employees 250–3000 Employees 3000+ Employees
Commercial • Designed to scale • SBA driven • Partner driven • Up to 2,500 users • Prescriptive solution
recommendation • Targeted products
Enterprise • Fastest time to market • CVD driven • Direct and partner driven • No user limit • Choose as you need • Larger product selection • Includes Collaboration
CVD Design
SBA Design
Summary
• BYOD impacts all areas of IT
• Workspace delivery to any device can be native, virtual, or hybrid
• BYOD implementation must address the entire ―spectrum‖ of use cases in an organization
• With Cisco, organizations can embrace BYOD with superior experience and control—Today
Let's Put These Ideas Into Action What’s Next For You?
Work, Your Way lets you differentiate yourself from your competition
Build out your workspace strategy
Consult with Cisco and Cisco partners for what works best for you
Identify the use cases you need to support Cisco BYOD Smart Solution supports where you are now, and where you need to be
Deploy the Cisco BYOD Smart Solutions
Accelerate deployments - investment protection and reduced risk
http://www.cisco.com/go/byod