Home >Technology >Enterasys Mobile IAM BYOD Brochure

Enterasys Mobile IAM BYOD Brochure

Date post:23-Jan-2015
View:1,648 times
Download:1 times
Share this document with a friend
Latest brochure for Enterasys Mobile IAM for BYOD.

2. Mobile IAMMO BILE IAM - BY OD D ONE RI GHT Addressing the true scope of mobility imperatives Employees in your enterprise are expecting to access the corporate network from their personal tablets and smartphones. Higher education long ago conceded to students demand to use their own devices on campus networks. Health care institutions have adapted to employeeBottom-line Benefits owned devices to achieve gains in workforce effectiveness and they still ensure network security, Embrace the BYOD opportunity and device performance and compliance. Why are you hesitating to fully embrace BYOD? cost savings Without doubt the sheer numbers of the types and quantities of the devices are staggering. Increase workforce productivity and morale, Industry data count 2 billion devices in use by 2015 with 75% of them used for both business engage young new-hiresand personal use. Already 75% of all trouble tickets are generated by mobile users. Management Monitor and manage risk end-to-endisnt talking about opening reqs for help desk staff. Nor do you want to be distracted from the critical strategic business initiatives requiring IT support. What are the costs of deploying a BYOD Gain control without adding IT staff, program and how can they be controlled once this Pandoras box is opened? In addition, like other keep OpEX under control IT professionals, your worries probably include maintaining the security of your network, controlling Guarantee application delivery to unauthorized access and managing more risk from new threats and vulnerabilities. mobile devices However a conservative response, avoid embracing BYOD and simply contain non-corporate owned devices, means the enterprise is squandering opportunities for significant competitive benefits. Using their own devices, staff has choice, flexibility and can more easily collaborate. Workforce productivity and morale increase. IT reduces costs by saving the expenses of procuring and maintaining corporate owned devices for every staff person. The only answer is to implement a comprehensive BYOD solution - one that addresses all your requirements: network security, seamless user experience, end-to-end visibility and control, leverage existing staff and predictable costs over the short and long term. Enterasys Mobile IAM is BYOD Done Right. It is a comprehensive solution for all classes of users, on any consumer or corporate mobile device. It delivers the highest user experience and security by controlling access to the right set of connections and resources at the right times. 3. SolutionThe Enterasys system is so easy to use for students that this is something we do not have to worryabout trouble shooting, said McHugh. The faculty is taking advantage of the wireless network, andthe students, with their own devices, are enjoying having more accessibility to the network. 4. BYO D DONE RI GHTBYOD Total security, IT simplicity with total control, seamless user experience Bring your own device (BYOD) has become an industry mega trend. However, typical BYOD solutions are seriously incomplete. They only focus on devices and the management of non-corporate owned devices. But, devices are just one part of the control problem. The most effective solution encompasses devices, types and identity, and adds attributes associated with users, locations and applications. Enterasys BYOD Done Right means total security, IT simplicity with full control and a predictable network experience for users. It provides the complete set of capabilities and features that meet the markets real need for a secure and comprehensive solution. Enterasys Mobile IAM, BYOD Done Right, is comprised of seven core capabilities: auto-discovery, multi-level device profiling, flexible onboarding, advanced context-based policy management, guest access, virtual desktopAddressing Todays Challenges infrastructure (VDI) and mobile device management integration (MDM). Enable employee choice and flexibility The solution is enabled by OneFabric Security, a distinctive security framework. OneFabric Security Deliver predictive user experience treats the infrastructure as a whole and is purpose-built to ensure that every security component Prohibit unauthorized accessis integrated and communicates with every other component. This cohesive approach provides Manage threats and vulnerabilitiesvisibility, threat detection, automated response and enforcement end-to-end. Ensure network availability and performance Purpose built for campuses and enterprises, Enterasys Mobile IAM is simple: one BYOD solution Predictive costsappliance and choice from a set of Enterasys service offerings. Your BYOD program success is assured with the engagement of Enterasys service professionals, seasoned experts who have successfully done hundreds of these implementations. Done Right means visibility and policy enforcement, end-to-end, simply and flexibly, without an army of new IT staff. 5. Done RightT H E E NTE RASY S DIFF ERE NCEUnified Management, Automatic Policy, Service GuaranteeMobile IAM provides important unique advantages which translate into greater IT control and abetter user experience. It provides granular wireless-wired network bandwidth allocation, andspecific quality of service priorities for devices by device, user, location and application. Thismeans, for example, that in a lecture or presentation setting the teacher can have the highestpriority quality of service (QoS), higher bandwidth may be allotted for essential applications andonly limited bandwidth allocated for irrelevant applications. Mobile IAM enforces policies atthe entry point into the infrastructure eliminating resource wastage and optimizing wireless andwired network bandwidth. Enforcing policy at the entry point also frees up network resources forincreased device scalability without having to add or overprovision network resources. Mobile IAMsimplifies IT operations with its intelligent automated provisioning and policy enforcement. Incontrast, alternative BYOD solutions are a complex array of separately priced products and productsub-components for a more expensive solution that is not integrated to this sophisticated level ofunified wired/wireless visibility and control.The value of Enterasys Mobile IAM, BYOD Done Right is the ability to embrace BYOD withthe knowledge that your solution is secure, scalable and delivers a demonstrably superior userexperience. Users experience simple one-step onboarding, predictable application delivery andthe flexibility to use any device. No flood of tickets to the help desk. Enterasys BYOD DoneRight does not require any additional IT resources to manage it. It scales easily to grow as devicesincrease. No matter what device they bring, the enterprise infrastructure is secure with Enterasysindustry leading capabilities: discovery, profiling and authentication; advanced context-basedpolicy enforcement; and predictive threat management. 6. MO BILE IAM APPLIANCEPurpose built Purpose built solution for a secure campus and enterpriseEnterasys Mobile IAM addresses IT challenges being driven by todays enterprise and campusmobility imperatives providing end-to-end visibility and control over individual users, devices andapplications, in multi-vendor infrastructures. It provides complete software for: identity, access andinventory management, context-based policy enforcement, end-to-end management from a single,easy-to-use management application, auditing and reporting.Policy management is the most granular in the industry including per port, per device layer 2-4access control, QoS/priority, rate limit/shape and more. Real time tracking and unique state changenotification for over 50 attributes per device and user give IT maximum visibility into all networkactivity. It offers an open architecture for assessment (MDM integration) and threat response(Next Generation Firewall (NGFW), Security Information and Event Management (SIEM), IntrusionPrevention System (IPS)). Mobile IAM can scale up to 100,000 devices, depending on theconfiguration, for the flexibility to meet current and future needs without having to buy componentsthat are excessive at the start. The Mobile IAM Appliance is available as a physical or virtualappliance to best meet your deployment needs. 7. Advanced Context-Based Policy ManagementMobile IAMs advanced context-based policy engine is the most flexible in the industry. Theattributes available for policy rule definition include authentication type, device type, user, role,location, time, and assessment status. Within each attribute, specific classifications enable themost fine-grained discriminations. It integrates with authentication services and provides unifiedwired, wireless and VPN enforcement.Auto DiscoveryAuto Discovery automatically detects end systems and users and creates a hardware inventoryfor all attached end systems. The multiple methods provided for user detection include networkauthentication using 802.1X, Kerberos and RADIUS snooping, portal-based registration andauthentication and external user-IP mapping technologies. Multiple methods are used for devicedetection with MAC authentication followed by IP resolution and reverse DNS lookup and multi-level device profiling. Auto discovery can discover and track 50 attributes per end system and userpair a level of detail that is unmatched in the industry.Multi-Level Device ProfilingMobile IAM provides a comprehensive set of profiling capabilities and APIs for integrationsto extend these capabilities even further. Features include OUI based profiling, DHCP optionfingerprinting with the ability to customize, captive portal, user agent profiling and network-based and agent-based assessment. With MDM integration granular device type and capabilityinformation is identified. With the Mobile IAM Fusion API information from external profilers thatare behavior based can be incorporated.Zero Effort and Secure Onboarding and AuthenticationWith Mobile IAM, end users experience Zero Effort onboarding. Not even portal registration isrequired with the transparent web cache/proxy redirect functionality. For flexibility portal based andautomated onboarding are two additional approaches that are provided. Portal based registrationwith back end integration into LDAP and RADIUS means zero effort for IT. With automatedonboarding Web Services are used to allow external systems, such as student management, dormmanagement, registration and enrollment portals to provision access.Managed Guest Access Control with SponsorshipGuess access management provides accountability, tracking and control. It is fully integratedwith Mobile IAM. There are no additional software modules to purchase and maintain. Guestaccess is through a voucher, pre-registration, authenticated or sponsored access. It is highlyautomated, including, for example, web-based guest registration with automatic workflow for asponsors validation and approval. No matter which vendors populate the infrastructure, MobileIAM automated guest services provide unified wired/wireless access control for all non-employees.Partners, contractors, visitors or conference attendees are productive while critical business systemsand resources are protected from misuse or compromise. 8. MO BILE IAM SERV ICESQuickest timeQuickest time to value Enterasys is confident of the value we deliver. Take advantage of Enterasys award-winning services by choosing from four implementation options. This portfolio enables you to choose the service that best fits your needs and priorities. The benefit for you is the ability to utilize expert resources to deploy your optimal solution most efficiently. Mobile IAM Professional Services include everything needed to effectively implement the solution including: auto discovery of existing infrastructure; integration with existing wired and wireless LAN; access policy definition and deployment; and as built documentation. The Fusion MDM Connect Service enables enterprises to extend the value and simplicity of Mobile IAM by integrating the MDM functions of a mobile device management product. Gain simplified management with one interface and enhance Mobile IAMs capabilities with the additional device- specific attributes and health status information available from the MDM. 9. Fusion SDN Connect Integration Service provides integration with a variety of IT systems such asPalo Alto NG-FW, IF-MAP, student onboarding systems, SEN OpenScape, Polycom and others. Theintegration automates context-based policy provisioning of network services for user, device andapplication for enhanced IT efficiency. IT also gains additional visibility into all devices, users andapplications enabling more control.Some enterprises in highly regulated industries turn to virtual desktop infrastructure (VDI)as a method to securely deliver applications for BYOD or other mobile devices. There is nodata on the device in a VDI implementation eliminating the problem of lost sensitive data if adevice is lost or stolen. But, there are important challenges with a VDI approach. How do youautomatically provision the correct access roles for each user in the data center? How can youvisualize and track who is using your VDI instances at any point in time and with which accessroles? Enterasys VDI Data Center Integration Service provides a solution in a single architecturefor the edge and data center. 10. MO BILE IAM V ERTICAL M ARKETS Education + Mobile IAM for K-12 Education Pressure for Bring-Your-Own-Device has been especially strong among K-12 schools. Cost pressures, parent and student demand, new styles of teaching, and on-line testing have all had an important role in driving this need. At the same time, insuring compliance with Acceptible Use Policy (AUP) and the Childrens Internet Protection Act (CIPA), as well as maintaining security and preventing inequities without taxing the schools limited IT resources, present major challenges in implementing BYOD for K-12 schools. Enterasys Mobile IAM controls access based on user, device, location, application in fact, it can take into account up to 50 different considerations. So a teacher using video for classroom instruction can get high bandwidth, while students in the cafeteria may be limited in their YouTube viewing. High bandwidth can also be provided for VDI use by the staff, while entertainment devices such PlayStation Portable may be barred from the network entirely. All this is easily managed by the IT staff without additional resources. Mobile IAM provides a single pane of glass for network management including BYOD device management. Teachers and students can be automatically provisioned when they first bring their devices to school. Network usage is simply monitored by user, device, location, and application to insure full compliance with AUP and CIPA. 11. HealthcareMobile IAM for Higher EducationHigher Education has some of the highest demand for Bring Your Own Device, but also faces thegreatest risks and challenges in implementing it. Faculty, staff, students, and parents all demandpermission to bring and use personal wireless devices on campus. The typical college studenttoday has between two and five personal devices, including smartphone, music player, pc, tablet,and portable game console. In the face of this device invasion, the valuable campus networkresources and data must be protected from unauthorized and malicious use.Enterasys Mobile IAM enables BYOD with complete security for the campus network and data.The context-based policy engine controls network usage based on up to 50 factors including user,device, location, and application. So high bandwidth can be provided to staff and students usingVDI. High bandwidth can also be allocated to video for instructional use. Global classrooms onremote campuses as well as distance learning in general are fully supported. But administrativeinformation is fully protected.Enterasys guarantees the Mobile IAM implementation; it is smooth to install and wont requireany additional staffing to the already-stretched higher education IT department. The network andall devices are managed with a single pane of glass. Devices can be automatically provisionedbased on the pre-determined policy. 12. Mobile IAM for HealthcareThe integration of wireless into the clinical workflow has brought an avalanche of new devicesto hospitals tablets, biomedical devices, workstations on wheels, smart phones, VoIP wirelesshandsets putting the burden on IT to successfully manage patient care and staff-ownedvoice, video and data devices. Along with these devices comes the demand for anytime,anywhere patient and clinician access. Reliable and scalable mobile solutions are of paramountimportance to hospitals, both large and small. Success will be based on their ability to deliver aconsistent user experience.Today 80% of physicians own tablets and are seeking to use them in the workplace. Unrestrictedusage could jeopardize private patient information as well as place an unacceptable burden on thenetwork. Similarly, both patients and guests request to use their personal wireless devices whilethey are in the hospital. All of these devices potentially share a network environment with criticalhospital wireless devices including location tracking systems, telemetry, and biomed devices; eachwith their independent needs for security, quality of service, data access, and bandwidth.With Enterasys Mobile IAM network resources are allocated based on up to 50 differentconsiderations, including user, device type, location, and application. This means that a doctorcan get high bandwidth to his iPad for VDI and video. Hell be able to securely check on patientdata. Biomed devices will get high priority and the bandwidth that they need. Guests can easilylog on to the network, but their bandwidth will be controlled and they will get no access tohospital data and devices.And all of these capabilities are simply managed with a single pane of glass, without puttingadditional demands on the hospitals limited IT resources. Enterasys Mobile IAM dynamicallymaintains a list of authorized users, devices, and locations to provide zero-effort onboarding andpredictable, secure application delivery.WANT TO LEARN MORE?Enterasys BYOD Done Right is the maximum solution with the minimum risk. For additionalproduct and services details please see the Enterasys Mobile IAM datasheet. To learn moreand arrange a demo, contact your local Enterasys sales representative, an authorized Enterasyspartner or visit www.onefabric.net. 2012 Enterasys Networks, Inc. All rights reserved. Enterasys Networks reserves the right to changespecifications without notice. Please contact your representative to confirm current specifications.Please visit http://www.enterasys.com/company/trademarks.aspx for trademark information.04/12

of 12/12
Embed Size (px)