Secure Access using IAG 2007 Presented by: Brian Dunleavy - Healthcare Business Manager - Eurodata Susanna Watson – Pre Sales Technical Consultant - Eurodata.

Slides:

Advertisements

Similar presentations

Powerful and convenient management for Windows Mobile ® 6.1 devices in an enterprise environment. These features include: Centralized, over-the-air device.

Advertisements

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

EToken PRO Anywhere. Agenda  eToken PRO Anywhere Overview  Market background and target markets  Identifying the opportunity  Implementation and Pricing.

Extending ForeFront beyond the limit TMGUAG ISAIAG AG Security Suite.

Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.

Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.

Securing Remote Network Access FirePass ®. Business Case VirginiaCORIS is an initiative to modernize the way that offender information is managed, to.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Ronald Beekelaar Beekelaar Consultancy Forefront Overview.

Citrix ® Secure Gateway Phil Montgomery Senior Product Manager Citrix Products and Services October 2001.

Unified Logs and Reporting for Hybrid Centralized Management

Ronald Beekelaar Beekelaar Consultancy Forefront Overview.

© 2009 VMware Inc. All rights reserved VMware Updates Orlando VMware User Group – April 2011 Ryan Johnson VMware, Inc. Technical Account Manager Professional.

Security and Policy Enforcement Mark Gibson Dave Northey

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Information Security in Real Business

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.

The World's Most Secured Browsing Solution COCKPIT4i is a radically new, powerful solution that protects against the security risks posed by exposure to.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.

Website Hardening HUIT IT Security | Sep

Norman SecureSurf Protect your users when surfing the Internet.

Customer Sales Presentation Stoneware webNetwork Powered by ThinkServer.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

RSA Security Validating Users and Devices to Protect Network Assets Endpoint Solutions for Cisco Environments.

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

XPand your capabilities with Citrix ® MetaFrame XP ™ for Windows ®, Feature Release 2.

1 CISCO SAFE: VALIDATED SECURITY REFERENCE ARCHITECTURE What It Is Business Transformation Top Questions To Ask To Initiate The Sale Where It Fits KEY.

Extending Forefront beyond the limit TMG UAG ISA IAG Security Suite

©2010 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Network Access Technology: Secure Remote Access S Prasanna Bhaskaran.

Windows Small Business Server 2003 Setting up and Connecting David Overton Partner Technical Specialist.

Name Company A Day in the Life… A Demonstration of Application Delivery.

Overview of Microsoft ISA Server. Introducing ISA Server New Product—Proxy Server In 1996, Netscape had begun to sell a web proxy product, which optimized.

® Gradient Technologies, Inc. Inter-Cell Interworking Access Control Across the Boundary Open Group Members Meeting Sand Diego, CA USA April 1998 Brian.

"The majority of users in a typical enterprise simply want frequent, location-independent access to a few key applications, such as , calendar and.

Extending ISA/IAG beyond the limit. AGAT Security suite - introduction AGAT Security suite is a set of unique components that allow extending ISA / IAG.

Terminal Services Technical Overview Olav Tvedt TVEDT.info Microsoft Speaker Community

Forefront – Security in Education Stephen Cakebread Security Solutions Sales Professional Microsoft Corporation.

Enabling Secure Always-On Connectivity [Name] Microsoft Corporation.

Citrix Secure Gateway v1.1 Customer Presentation Aug 2002 Customer Presentation Aug 2002.

"The majority of users in a typical enterprise simply want frequent, location-independent access to a few key applications, such as , calendar and.

SonicWALL SSL-VPN Series Easy Secure Remote Access Cafferata Cristiano SE Italia.

Building a Fully Trusted Authentication Environment

Module 1: Overview of Microsoft Office SharePoint Server 2007.

© 2008 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED,

Edge Security with Forefront Sandeep Modhvadia Security Specialist.

Asif Jinnah Field Desktop Services Enabling a Flexible Workforce, an insider’s view.

SME in the Cloud Awingu Edition Partner presentation Rolan Linsen Combined Solutions Design | Solutions IT

© 2012 IBM Corporation IBM Worklight Overview Martin Triska – IBM Worklight specialist (420) July 2012.

David B. Cross Product Unit Manager Microsoft Corporation Session Code: SIA303 Donny Rose Senior Program Manager.

1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.

Total Enterprise Mobility Comprehensive Management and Security

Network and Server Basics. Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server network.

Barracuda SSL VPN Remote, Authenticated Access to Applications and Data Version 2.6 | July 2014.

Deployment Planning Services

AT&T Premises-Based Firewall Enhanced SBS Solution

Securing the Network Perimeter with ISA 2004

Forefront Security ISA

Threat Management Gateway

Access and Information Protection Product Overview October 2013

Check Point Connectra NGX R60

K!M SAA LOGICAL SECURITY Strong Adaptive Authentication

4/9/ :42 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

Microsoft Data Insights Summit

Brian Dunleavy NHS Business Manager, Eurodata Systems plc

Microsoft Virtual Academy

Presentation transcript:

Secure Access using IAG 2007 Presented by: Brian Dunleavy - Healthcare Business Manager - Eurodata Susanna Watson – Pre Sales Technical Consultant - Eurodata Oliver Chandler – Infrastructure Manager – Bedford Hospital NHS Trust

Agenda Eurodata Introduction Why use the Microsoft IAG 2007 Gateway? Benefits of the IAG 2007 solution What Makes Microsoft’s Application Access and Security Technology Unique? Architecture of an IAG 2007 based solution Demonstration of IAG in use at Bedford Hospital NHS Trust Q&A

Core Infrastructure focus – “Better Health” offering Excellent understanding of NHS operational requirements 40 NHS reference sites across UK N3 Code of Connection in place for support Eurodata introduced Whale Communications (Now IAG) into UK market Over 100 IAG implementations across all sectors Microsoft’s Partner of the year 2008; Security Solutions – Based upon Essex Rivers Healthcare solution success Eurodata – NHS Focus

Customers in NHS

Ensure the integrity and safety of network and application infrastructure by blocking malicious traffic and attacks Comprehensive policy enforcement drives compliance with legal and business guidelines concerning access to sensitive data The IAG provides SSL-based application access and protection with endpoint security management, enabling granular access control and content inspection from a broad range of devices and locations to line-of-business, intranet, and client-server resources. Control Access Safeguard Information Protect Assets Secure, browser- based access to corporate applications and data from more locations and more devices What is Intelligent Application Gateway?

Forefront – Where does IAG 2007 fit? Client and Server OS Server Applications Edge

Trust could benefit from offering employees remote access to their applications and information Your current systems are inflexible (IP SEC etc) You want to reduce remote access costs (CfH centrally funded IAG 2007 User CAL’s) Security is important to your organisation You are creating or updating your organization’s DR or BC plan’s You have a Microsoft based infrastructure strategy and are looking further invest in this..... Why Trusts consider the Microsoft SSL VPN Gateway?

IAG Customers in NHS

Security Full endpoint security and rich client-side policy compliance engine Physical disconnection between the Internet and internal networks Protection against network and operating system vulnerabilities Reduction of reliance on patching to protect both the SSL VPN platform and internal servers from outside threats IAG 2007 offers a comprehensive set of features, including:

How is security applied?

Flexibility Granularity of access controls based on user & access device - even within applications. Native integration to RADIUS, LDAP, Microsoft Active Directory, Windows Networks, Novell Directory and File Shares, Client Certificate, RSA SecurID and Strong Authentication tools. Ability to support multiple virtual SSL VPN’s on a single appliance. A remote access platform that can extend remote access beyond employees to vendors, partners, contractors, customers Management and Control The Microsoft IAG solution allows secure web-based monitoring from anywhere. IAG 2007 offers a comprehensive set of features, including:

Application Intelligence Out-of-the-box functionality in pre-configured modules that incorporate application-specific positive logic to protect back-end servers while allowing granular security policies based on client-machine state. Support for complex enterprise applications without requiring a component download to the client, or without opening a risky network- level connection. Highly granular endpoint compliance checks updated to mitigate the latest security threats. Technology to enforce client-side compliance policies within applications (e.g. "Can't wipe, can't download" or "No antivirus, no upload" or “Run a specific application from company-owned machines only” while allowing the rest of the respective applications to function normally). Microsoft’s technology offers a comprehensive set of features, including:

End-User Experience Intuitive User Interface with familiar Windows-like feel. Internet Explorer taskbar for easy navigation; no random pop-up windows. Non-intrusive timeouts and periodic re-authentication (users will NOT lose work due to time outs). Single Sign On (SSO) enables collection of all credentials up-front and users are not re-prompted during the current session. SSO for NTLM, form-based, PKI, and Basic Authentication schemes is supported. Remote password management including both the ability to change passwords via the SSL VPN. Microsoft’s technology offers a comprehensive set of features, including:

IAG 2007 Topology

IAG works with more applications at the application level and offers stronger security than any other SSL VPN can serve as an access platform even for partners who many not be accessing internal resources from trusted endpoints Attachment wiper to prevent residue on access device IAG offers a greater level of granularity and flexibility as a result delivers access in many situations where, in order to enforce security, other SSL VPNs block access Ability to access information not block it! Users prefer the Microsoft product over competing solutions since the user experience can be fully customized to look and function the way they want it to Other SSL VPNs limit customization to colour preferences, bookmarks and the like, while IAG allows the entire user experience to be customized Support for NHS Smartcards Used to access Spine enables PACS Integration with MOSS 2007 IAG 2007 is customised to work seamlessly with MOSS 2007 platform CSIA claims tested mark Government approved platform What Makes Microsoft’s Application Access and Security Technology Unique?

B - Background Information 2,500 users 130 servers AD 2008 Servers (Single Sign On with Terminal Server 2008) Exchange 2003 SMS 2003 ISA 2005 IAG 2007

Over 250 users ActiveSync users All with different requirements accessing the below services:- PACS (AGFA 6.2.1) General file access (web and full client) Support (for 3 rd parties) Web based applications (National and Local) Roaming users Terminal Services - why and who uses it?

Next Steps Better Health literature Case Study Demonstration Brian Dunleavy NHS Business Manager t : e :