Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Access using IAG 2007 Presented by: Brian Dunleavy - Healthcare Business Manager - Eurodata Susanna Watson – Pre Sales Technical Consultant - Eurodata.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Secure Access using IAG 2007 Presented by: Brian Dunleavy - Healthcare Business Manager - Eurodata Susanna Watson – Pre Sales Technical Consultant - Eurodata."— Presentation transcript:

1 Secure Access using IAG 2007 Presented by: Brian Dunleavy - Healthcare Business Manager - Eurodata Susanna Watson – Pre Sales Technical Consultant - Eurodata Oliver Chandler – Infrastructure Manager – Bedford Hospital NHS Trust

2 Agenda Eurodata Introduction Why use the Microsoft IAG 2007 Gateway? Benefits of the IAG 2007 solution What Makes Microsoft’s Application Access and Security Technology Unique? Architecture of an IAG 2007 based solution Demonstration of IAG in use at Bedford Hospital NHS Trust Q&A

3 Core Infrastructure focus – “Better Health” offering Excellent understanding of NHS operational requirements 40 NHS reference sites across UK N3 Code of Connection in place for support Eurodata introduced Whale Communications (Now IAG) into UK market Over 100 IAG implementations across all sectors Microsoft’s Partner of the year 2008; Security Solutions – Based upon Essex Rivers Healthcare solution success Eurodata – NHS Focus

4 Customers in NHS

5 Ensure the integrity and safety of network and application infrastructure by blocking malicious traffic and attacks Comprehensive policy enforcement drives compliance with legal and business guidelines concerning access to sensitive data The IAG provides SSL-based application access and protection with endpoint security management, enabling granular access control and content inspection from a broad range of devices and locations to line-of-business, intranet, and client-server resources. Control Access Safeguard Information Protect Assets Secure, browser- based access to corporate applications and data from more locations and more devices What is Intelligent Application Gateway?

6 Forefront – Where does IAG 2007 fit? Client and Server OS Server Applications Edge

7 Trust could benefit from offering employees remote access to their applications and information Your current systems are inflexible (IP SEC etc) You want to reduce remote access costs (CfH centrally funded IAG 2007 User CAL’s) Security is important to your organisation You are creating or updating your organization’s DR or BC plan’s You have a Microsoft based infrastructure strategy and are looking further invest in this..... Why Trusts consider the Microsoft SSL VPN Gateway?

8 IAG Customers in NHS

9 Security Full endpoint security and rich client-side policy compliance engine Physical disconnection between the Internet and internal networks Protection against network and operating system vulnerabilities Reduction of reliance on patching to protect both the SSL VPN platform and internal servers from outside threats IAG 2007 offers a comprehensive set of features, including:

10 How is security applied?

11 Flexibility Granularity of access controls based on user & access device - even within applications. Native integration to RADIUS, LDAP, Microsoft Active Directory, Windows Networks, Novell Directory and File Shares, Client Certificate, RSA SecurID and Strong Authentication tools. Ability to support multiple virtual SSL VPN’s on a single appliance. A remote access platform that can extend remote access beyond employees to vendors, partners, contractors, customers Management and Control The Microsoft IAG solution allows secure web-based monitoring from anywhere. IAG 2007 offers a comprehensive set of features, including:

12 Application Intelligence Out-of-the-box functionality in pre-configured modules that incorporate application-specific positive logic to protect back-end servers while allowing granular security policies based on client-machine state. Support for complex enterprise applications without requiring a component download to the client, or without opening a risky network- level connection. Highly granular endpoint compliance checks updated to mitigate the latest security threats. Technology to enforce client-side compliance policies within applications (e.g. "Can't wipe, can't download" or "No antivirus, no upload" or “Run a specific application from company-owned machines only” while allowing the rest of the respective applications to function normally). Microsoft’s technology offers a comprehensive set of features, including:

13 End-User Experience Intuitive User Interface with familiar Windows-like feel. Internet Explorer taskbar for easy navigation; no random pop-up windows. Non-intrusive timeouts and periodic re-authentication (users will NOT lose work due to time outs). Single Sign On (SSO) enables collection of all credentials up-front and users are not re-prompted during the current session. SSO for NTLM, form-based, PKI, and Basic Authentication schemes is supported. Remote password management including both the ability to change passwords via the SSL VPN. Microsoft’s technology offers a comprehensive set of features, including:

14 IAG 2007 Topology

15 IAG works with more applications at the application level and offers stronger security than any other SSL VPN can serve as an access platform even for partners who many not be accessing internal resources from trusted endpoints Attachment wiper to prevent residue on access device IAG offers a greater level of granularity and flexibility as a result delivers access in many situations where, in order to enforce security, other SSL VPNs block access Ability to access information not block it! Users prefer the Microsoft product over competing solutions since the user experience can be fully customized to look and function the way they want it to Other SSL VPNs limit customization to colour preferences, bookmarks and the like, while IAG allows the entire user experience to be customized Support for NHS Smartcards Used to access Spine enables PACS Integration with MOSS 2007 IAG 2007 is customised to work seamlessly with MOSS 2007 platform CSIA claims tested mark Government approved platform What Makes Microsoft’s Application Access and Security Technology Unique?

16 B - Background Information 2,500 users 130 servers AD 2008 Servers (Single Sign On with Terminal Server 2008) Exchange 2003 SMS 2003 ISA 2005 IAG 2007

17 Over 250 users ActiveSync users All with different requirements accessing the below services:- PACS (AGFA 6.2.1) General file access Email (web and full client) Support (for 3 rd parties) Web based applications (National and Local) Roaming users Terminal Services - why and who uses it?

18 Next Steps Better Health literature Case Study Demonstration Brian Dunleavy NHS Business Manager t : 0207 549 3045 e : brianD@eurodatasystems.com brianD@eurodatasystems.com www.eurodatasystems.com/healthcare

Download ppt "Secure Access using IAG 2007 Presented by: Brian Dunleavy - Healthcare Business Manager - Eurodata Susanna Watson – Pre Sales Technical Consultant - Eurodata."

Similar presentations

Powerful and convenient management for Windows Mobile ® 6.1 devices in an enterprise environment. These features include: Centralized, over-the-air device.

Powerful and convenient management for Windows Mobile ® 6.1 devices in an enterprise environment. These features include: Centralized, over-the-air device.
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
EToken PRO Anywhere. Agenda  eToken PRO Anywhere Overview  Market background and target markets  Identifying the opportunity  Implementation and Pricing.

EToken PRO Anywhere. Agenda  eToken PRO Anywhere Overview  Market background and target markets  Identifying the opportunity  Implementation and Pricing.
Extending ForeFront beyond the limit www.AGATSolutions.com TMGUAG ISAIAG AG Security Suite.

Extending ForeFront beyond the limit TMGUAG ISAIAG AG Security Suite.
Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.

Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.
Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.

Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.
Securing Remote Network Access FirePass ®. Business Case VirginiaCORIS is an initiative to modernize the way that offender information is managed, to.

Securing Remote Network Access FirePass ®. Business Case VirginiaCORIS is an initiative to modernize the way that offender information is managed, to.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
Ronald Beekelaar Beekelaar Consultancy Forefront Overview.

Ronald Beekelaar Beekelaar Consultancy Forefront Overview.
Citrix ® Secure Gateway Phil Montgomery Senior Product Manager Citrix Products and Services October 2001.

Citrix ® Secure Gateway Phil Montgomery Senior Product Manager Citrix Products and Services October 2001.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
Ronald Beekelaar Beekelaar Consultancy Forefront Overview.

Ronald Beekelaar Beekelaar Consultancy Forefront Overview.
© 2009 VMware Inc. All rights reserved VMware Updates Orlando VMware User Group – April 2011 Ryan Johnson VMware, Inc. Technical Account Manager Professional.

© 2009 VMware Inc. All rights reserved VMware Updates Orlando VMware User Group – April 2011 Ryan Johnson VMware, Inc. Technical Account Manager Professional.
Security and Policy Enforcement Mark Gibson Dave Northey

Security and Policy Enforcement Mark Gibson Dave Northey
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Information Security in Real Business

Information Security in Real Business
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.

Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Similar presentations

Ads by Google