BYOD - protecting your schoolPrepare your school’s network with Sophos UTM Wireless Protection
AgendaAgenda
Agenda
2
What is BYOD?
BYOD Benefts
BYOD PreparationConcerns &
Considerations
How Sophos UTM can help
Q & A
What is BYOD?
• General term which may mean different things to different people
• Big topic that covers more than just technology• Most people agree it means allowing personal devices to
access business networks• Also used to describe programs where equipment is
provided (1:1 initiatives)• BYOD concerns relate to both policy and infrastructure• Today, we’ll focus mostly on infrastructure concerns
3
Why the trend?
BYOD Benefits to Schools
• U.S. Department of Education suggested BYOD in 2010 National Technology plan• http://www.ed.gov/technology/netp-2010/executive-summary
• Technology may enhance:• Creativity and Innovation
• Communication and Collaboration
• Critical thinking, Problem solving, Decision-making
• Present concept of Digital Citizenship
• Tech skills are essential for modern life and business• BYOD may save money
• On equipment, apps, and management
4
What should you be thinking of if you’re planning a BYOD initiative?
BYOD Preparations
• BYOD Policy• What are we trying to accomplish?
• What’s acceptable use for equipment and network?
• Infrastructure• What do we need to support the policy?
• Do we have the proper equipment or do we need to purchase?
• Impact on community• Are teachers prepared to use and maybe support devices?
• Privacy concerns, can all students afford devices, do parents support, etc…
5
The Network
BYOD Infrastructure Considerations
• How many new users/devices are you adding onto your network? Twice as many? 3 times?
• Will your current network handle that traffic?• What are the security risks? (How can we ensure that
Guest and/or BYOD traffic is segregated?• Will current network and web security solutions be able
to support BYOD policy? • How much extra work is this going to be for IT staff?
6
The Network
BYOD Infrastructure Considerations
• Network & Web Security equipment should provide (at least):• QOS functionality to shape bandwidth
• Content filtering to enforce CIPA
• Application Control (Next Generation Layer 7 Firewall)
• Ability to scale as demands increase
• Reporting
7
Your Wireless solution and its capabilities
BYOD Infrastructure Considerations
• Does it support multiple SSID’s (wireless zones)?• What security policies does it offer?• What levels of encryption does it offer?• How easy it is to add capacity?• What are the Guest capabilities?• How much work for staff to deploy and manage?
8
Your Wireless solution and its capabilities
BYOD Infrastructure Considerations
• Wireless Solution should provide (at a minimum):• Multiple Wireless Zones
• At least WPA2 encryption
• Ability to integrate with security solutions
• Usage reporting
• Guest Options
9
How can Sophos help with BYOD?
• Sophos Mobile Device Management solution
• Sophos Endpoint protection for Laptops
• Sophos UTM Wireless Protection
10
Sophos Wireless Protection
• Easy deployment of Access Points• Simple setup and management of zones• Enterprise level encryption• Configurable Guest options• Integrated protection via UTM security suite• Easily scales to meet increased demand
11
Sophos UTM Wireless Protection
12
Components
Now also available
Sophos AP 50
Sophos AP 10 / AP 30
AP 10
• Up to 10 users
• 150 Mbit/s throughput
• 1 x 10/100 Base TX
• IEEE 802.11 b/g/n
• 1 x detachable dipole antenna
• Power consumption: < 8 Watt
• Desktop/wall mounting
AP 30
• Up to 30 users
• 300 Mbit/s throughput
• 1 x 10/100 Base TX
• IEEE 802.11 b/g/n
• 3 x internal antennas
• Power consumption: < 8 Watt
• Desktop/ceiling mounting
• Power over Ethernet (IEEE 802.3af)
13
Plug and Play Access Points for classrooms
PoE-Injector included!
Sophos AP 50Plug and Play Access Points for common areas
14
• Dual-band/dual-radio access point
• IEEE 802.11 a/b/g/n support
• Support for up to 50 users
• 300 Mbit/s throughput
• 1 x 10/100/1000 Base TX
• PoE+ compatibility (IEEE 802.3at)
• Power consumption: < 10 W
• 2 x 2.4G/5G detachable antenna
• Desktop/wall mounting
PoE-Injector included!
Centralized Management
15
Built-in wireless controller
Sophos UTM
Easy installation
16
Guest
Student Staff
Sophos UTM
Guest Portal Hotspot support
Most flexible UTM based Hotspot solution
• Manage temporary Internet Access for guests
• Options for: Configurable Usage agreement and
logos Automatic ‘Password of the day’ Quota’s on time and usage
Part of UTM Wireless Subscription
17
Flexible access for the entire organization
18
Sophos Access Points can be placed anywhere in your organization. Easily create multiple separate wireless zones.
Sophos UTM Wireless Protection
19
AdvantagesEasy installation and management
• Centralized configuration (all work done via UTM GUI)
• Plug and Play Access Point simplify deployment
Secure and reliable• Integrated UTM security for wireless devices
• Best protection for wireless connections (separate zones, isolate client connections, configure quota’s)
Flexible access• Easy Internet access options for guests
• Multiple SSID support for varying levels of access
Integrated security
20
Once connected to the UTM easily integrates with other security features
Integrated UTM Security
Strong Encryption
Sophos UTM
UTM Security features
21
Optional Subscriptions provide the security features you want
• Wireless controller • Multi-zone (SSID) support• Captive Portal
UTM Wireless Protection
• URL filter• Antivirus & antispyware• Application control• Reporting
UTM Web Protection
• Reverse proxy• Web application firewall• Antivirus
UTM WebserverProtection
• Intrusion prevention• IPSec/SSL VPN & RED• HTML5 VPN Portal• Reporting
UTM Network Protection
• Anti-spam & -phishing• Dual virus protection• Email encryption
UTM EmailProtection
• Stateful firewall• Network address translation• PPTP/L2TP remote access
Essential Network Firewall
• Antivirus• HIPS• Device Control
UTM EndpointProtection Antivirus
optional
Sophos UTM fit any size network
22
HardwareAppliance UTM 110/120 UTM 220 UTM 320 UTM 425 UTM 525 UTM 625 Multiple
+ RED
Environment Small network
Medium network
Medium network
Large network
Large network
Large network
Large networks+ branches
Network ports 4 8 8 6 & 2 SFP 10 & 4 SFP 10 & 8 SFP Multiple
Max. recommended firewall users
10/80 300 800 1.500 3.500 5.000 10.000+
Max. recommended UTM users
10/35 75 200 600 1.300 2.000 5.000
Software Appliance * Runs on Intel-compatible PCs and servers
VirtualAppliance *
VMware Ready & Citrix Ready certified Runs in Hyper-V, KVM, and other virtual environments
*Pricing based #IPs/Users
Questions?
Resources
• National Educational Technology Standards • http://www.iste.org/STANDARDS
http://digitalcitizenship.net/
http://www.zdnet.com/how-to-write-a-byod-policy-7000003502/
http://www.fathomdelivers.com/the-benefits-and-risks-of-byod-in-schools/
23
Staying ahead of the curve
US and Canada 1-866-866-2802
http://nakedsecurity.sophos.com