Download presentation
Presentation is loading. Please wait.
Published byJonah Montgomery Modified over 9 years ago
1
©2011 Bradford Networks. All rights reserved. Secure Mobility Safely Onboarding Personal Devices to Corporate Networks
2
©2011 Bradford Networks. All rights reserved. What We Are Dealing With … 2
3
©2011 Bradford Networks. All rights reserved. BYOD Momentum The BYOD phenomenon is driving orgs to apply policies specific to personally owned mobile devices.
4
©2011 Bradford Networks. All rights reserved. Why are Personal Devices Risky? Download/Store/Forward Sensitive Information Have Access to Corporate Networks, Systems, and Data 4
5
©2011 Bradford Networks. All rights reserved. Profile of a Cyber Threat Sensitive Data is Collected and on an Innocuous Server Data Consolidation Remote Command & Control Exfiltrates Sensitive Data Data Exfiltration Data Exfiltration Malware Scans Network Segments Looking for Sensitive Data Network Scan Network Scan Unknowing User Opens a Phishing Email or Visits a Malicious Website Malicious Application Installed Malicious Application Installed Compromised Device Acts as a Back Door to The Network Compromised Device Compromised Device Can You Prevent Users From Opening Emails and Visiting Malicious Websites? Can You Contain Network Access to Minimize Your Risk?
6
©2011 Bradford Networks. All rights reserved. Managing Risk of Personal Devices Minimize Risk to the Network –Limit Network Access –Device Compliance –Forced Registration Minimize Risk to the Device –Antimalware –Encryption/Wipe –Timeouts/Passwords 6
7
©2011 Bradford Networks. All rights reserved. 3 Phases of Network Access Control Endpoint Compliance NAC has matured and will now be one of the key mechanisms for mitigating the risks of consumerization. Gartner Strategic Road Map for Network Access Control Published: 11 October 2011 ID:G00219087 Guest Networking Consumerization/ BYOD
8
©2011 Bradford Networks. All rights reserved. NAC Maturity Model BlockBlock DisregardDisregard EmbraceEmbrace Visibility Automation
9
©2011 Bradford Networks. All rights reserved. Who’s Responsible for Onboarding Devices? CIO Wired/Wireless Network Administration Wired/Wireless Network Administration Endpoint Administration Endpoint Administration IT Strategy & Architecture Network Operations Center VP of Infrastructure App/Service Administration App/Service Administration Help Desk / IT Support Help Desk / IT Support Server/DB Administration Server/DB Administration Project Management Project Management Application Development Bus Unit General Mgr Bus Analyst / IT Liaison Bus Analyst / IT Liaison End Users Business Line Management Bus Process Monitoring & Operations Application QA/Test Security Operations Center Incident Response / Forensics Identify/Access Management CISO Vulnerability Assessment CSO Security Engineering Security Engineering Director of Security Policy Awareness and Administration Policy Awareness and Administration Compliance / Risk Officer Governance, Risk, Compliance Audit and Reporting ComplianceSecurityOperationsBusiness Exec VP Mgr Staff
10
©2011 Bradford Networks. All rights reserved. Who is Bradford Networks Mission: –Safely onboard any device to any network Solution: –Experts in Network Access Control –Network Visibility –Device Discovery & Profiling –Provision Safe Network Access Visionary in Gartner MQ Leader in Forrester Wave 10
11
©2011 Bradford Networks. All rights reserved. BYOD Must Haves Who What Where When
12
©2011 Bradford Networks. All rights reserved. Granular Network Access Policies Who What Where When
13
©2011 Bradford Networks. All rights reserved. Wireless Access Points Network Access Control MAC Address Device Type Logged in User Time of Day Jailbroken AV/AS Smart Network Access Limited VLANSGuest VLANFull Access Registered/Known IP Address Operating System Access Point Switch Port Blocked Network Access
14
©2011 Bradford Networks. All rights reserved. High Risk VLAN Med Risk VLAN Guest VLAN Jailbroken AV/AS Time of Day Access Point MAC Address Device Type OS User Switch Port Secure Network Access for Mobile Devices Block
15
©2011 Bradford Networks. All rights reserved. The “BYOD Blueprint” w/MDM Safe Network AccessSafe DevicesSafe Applications Mobile Device Management Mobile Application Management Network Access Control
16
©2011 Bradford Networks. All rights reserved. 16 Traditional NAC Deployment Headquarters Data Center Remote office
17
©2011 Bradford Networks. All rights reserved. Bradford Networks Out-of-Band Architecture Mgmt Console Mgmt Appliance Location 1 Location 2 Location N ….
18
©2011 Bradford Networks. All rights reserved. Key Requirements 1 1 3 3 360° 4 4 2 2 5 5
19
©2011 Bradford Networks. All rights reserved. E DUCATION H EALTHCARE / B IOTECH F INANCIAL S ERVICES R ETAIL / H OSPITALITY G OVERNMENT / D EFENSE T ECHNOLOGY U TILITIES Key Customers by Vertical
20
©2011 Bradford Networks. All rights reserved. Key Takeaways Endpoint Compliance Guest Network Bring Your Own Device NAC Evolution 100% Visibility of Who, What, Where, When No Tradeoffs - Granular, Flexible Access Policies BYOD Requirements Experience & Best Practices Automation Makes It Feasible and Effective Methodology
21
©2011 Bradford Networks. All rights reserved. Next Steps: tmurphy@bradfordnetworks.com Request Slides / Additional Information bradfordnetworks.com/resources
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.