1 Directories and Policy-Based Networking - Strassner Directories & Policy-Based Networking 0827_02F8_c1 John Strassner Cisco Systems.

Presentation transcript:

1 Directories & Policy-Based Networking John Strassner Cisco Systems

2 Users Applications Computers... Configuration Complexity Need for Policy Application/Network Integration Network Devices Network Services Network Resources Intelligent Network Inconsistent Policies

3 Policy-Based Networking Directory Enabled User Requirements Network Services

4 What is a Network Policy? Linkage Between User, Applications, and Network Services Enterprise Policy Mobility Firewalls Campus What are my policies? Where are my users? What are their privileges? [Figure: "Universal Passport" graphic with placeholder text]

5 Prioritize Applications QoS Policy Server QoS Policy Server Net Manager Campus Backbone Training Servers Public Frame Relay Order Entry, Finance, Manufacturing Remote Campus Create QoS policy » Mission-critical—high Distribute policy bindings » QoS Policy Servers » Network enforcement nodes

6 Restrict Multimedia Applications QoS Policy Server QoS Policy Server Net Manager Campus Backbone Training Servers Public Frame Relay Order Entry, Finance, Manufacturing Remote Campus Create QoS policy » Multimedia bandwidth less than 100 kbps RSVP Proxy Policy enforcement

7 PSTN ISDN Campus Backbone AS 5300 Remote Access Policy Mobile Users Encrypted ID/Password CiscoSecure Telecommuters Authentication, Authorization, Accounting (AAA) Centralized administration

8 New Management Paradigm New Model for Integration the Management Intranet » WEB Link integration » WEB Data Integration » WEB Task Integration Knowledge-Based Operations for Assured Network Services » Local network knowledge » Vendor-augmented knowledge » Change notification

9 HTTP, LDAP, etc. Data Description Transport Encoding Access WBEM Environment

10 The Management Intranet Heterogeneous Management Servers Cisco Microsoft Intel Compaq BMC CIM/XML CIM DEN XML MOF Directory Device ID Digital Certificate

11 Other Vendor Intelligent Network Management Device Service Device Service Helpdesk, Trouble-ticket, Event-Based Middleware Database App System Management Server Desktop Network Other Vendor Service

12 Role of Directories Common information model User profiles, applications, and network services Single-user identity Integrated policies Desktop Application User Network Integration Directory Services

13 Multi-Service Profiles

Service Profiles

  cisco.com
    Password = cisco
    vpdn:tunnel-id=cisco-gw
    vpdn:ip-addresses=
    vpdn:nas-password=12000
    vpdn:gw-password=GSR

  VoIP
    Password = cisco
    vpdn:tunnel-id=voip-gw
    vpdn:ip-addresses=
    vpdn:nas-password=pin
    vpdn:gw-password=drop

  Games
    Password = cisco
    vpdn:tunnel-id=games-gw
    vpdn:ip-addresses=
    vpdn:nas-password=Space
    vpdn:gw-password=Invader

User Profiles

  jdoe
    Password = letmein
    Service = Internet
    Service = cisco.com
    Service = Games

  GroupA
    Service = Internet
    Service = coke.com
    Service = Games

  Dashboard Guest
    Password=No Password
    Service = Internet
    Service = VoIP
    Service = Games

14 Scalable Policy Infrastructure Server Cache LDAP Policy Engine Security Addresses RADIUS DNS/DHCP LDAP LDAP Distributed Policy Enforcement Intelligent Infrastructure Central Policy Repository Services and SLAs User and Devices Profiles and Policies Policy Engine QoS LDAP
