BYOD from Every Angle: Security, Management, and Back-End Integration
Andrew Wang, EUC BDM, Dell
2 Confidential
The Evolving Workforce: Consumer trends drive a sea change in enterprise computing
BYOD Network Topology
2013/10/8
[Diagram: Internet, Core Network, LAN Clients, Data Center, Networking]
1. Mobile Devices – 77% of devices used at work chosen by employee
• Security varies between iOS and Android
• Traditional image mgmt. not an option
• Application access exposes data
• Consumer applications share data
2. Data Security – 7 of 10 employees break policy
• Data is not encrypted in transit
• Many consumer apps have viruses
• Network access must be controlled
3. Applications – 60%+ of ITDMs see app access as essential for BYOD
• Workers require more than email
• Must protect the data in business apps
• Developing mobile apps is costly and difficult
4. Infrastructure – 3.3 Connected Devices Per User
• Even VPN on-site connectivity still a threat
• Consumer apps can degrade network performance
• Scaling network in a traditional way is not realistic
The End-to-End BYOD Solution Portfolio: Best in Class Solutions for Each Customer Pain Point
Dell Data Protection & Encryption, On Device and In the Cloud
Dell SonicWall Secure Remote Access & Next-Gen Firewalls
ProSupport for Multi Vendor
Dell KACE Appliances
Dell Wyse Cloud Client Manager
“How can I get IT control of consumer devices?”
“What happens to my data once it leaves my network?”
QUEST IAM/Webthority
PowerConnect W & ClearPass Guest Connect
Pocket Cloud
Application Development Services
“How can I get people the apps they need to drive productivity?”
Infrastructure Consulting
“How do I control how BYOD affects my core network?”
Mobile Device Management: With K-3000 or Wyse Client Cloud Manager
[Diagram: Internet, K3000, Cloud Client Manager]
• On-Device client creates device control for ITDM
• On-Prem MDM console for <10K Users
• Policy and device configuration
• Device and app management
• Surpasses normal MDM as ITDMs can manage PCs, servers, virtual machines and smart devices with one console
• SaaS MDM console
• Policy and device configuration
• Device and app management
• Augments normal MDM with thin client, remote desktop and content management
Manage Devices: Competitive Matrix
Monitor Device Status, Jailbroken or Rooted, Network Connection, with Alerts
Cloud Client Manager
* Based on Gartner feature matrix
Robust role based admin + reporting
Active Monitoring
Administration and Reporting
Email Containerization
Document Containerization
Device Wipe, Password Protect
Device Management
Device Wipe, Password Protect, Locate Device
Device Wipe, Password Protect, Locate Device
Device Wipe, Password Protect, Locate Device
Policy Management
Role Base Policy Administration
Role Base Policy Administration
Role Base Policy Administration
Role Base Policy Administration
Device Configuration
Configure Device Features from the Admin Console
Configure Device Features from the Admin Console
Configure Device Features from the Admin Console
Configure Device Features from the Admin Console
Monitor Device Status, Jailbroken or Rooted, Network Connection, with Alerts
Monitor Device Status, Network Connection, with Alerts
Monitor Device Status, Jailbroken or Rooted, Network Connection, with Alerts
Robust role based admin + reporting
Manual role based policy administration
Robust role based admin + reporting
Containerized Email and Application Management
Android only with Touchdown
Android only with Touchdown
Secure Corporate Container
Secure Document Container Only
Pocket Cloud
Device Configuration
Application Management
K-3000
Anyone with Exchange Server Access can Alter Policies
Device Wipe, Password Protect
No
No
No
No
Application Distribution, Inventory, White List / Black List
Application Distribution, Inventory, White List / Black List
Application Distribution, Inventory, White List / Black List
Application Distribution, Inventory, White List / Black List
No
No
No
No
Secure Data: Secure Access and Data with SonicWALL
[Diagram: Internet, Core Network, Data Center, Networking; SonicWALL SSL VPN Secure Remote Access; SonicWALL Next Generation Firewalls]
• Secure remote access solution for Windows, Mac, Linux and mobile devices
• Mobile Connect uses small On-Device client to configure SSL VPN on iOS and Android
• Aventail VPN provides authentication and access control
• Bandwidth throttling by application type
• Network Security Appliance provides deep packet inspection scanning of network traffic
Secure Remote Access Competitive Matrix
No
SonicWALL Aventail
No
Integrated One-time Password (OTP)
ICSA Certification
Cross-platform Clientless Access (Windows, Mac, Linux, tablets, smartphones)
Cross-platform Client Access (Windows, Mac, Linux, iOS, Android)
Yes/Partial Cache Control and Secure Virtual Desktop
Partial/No Yes/Yes Yes/Yes
End Point Control (Windows, Mac, Linux, iOS, Android)
Yes Partial Partial Yes
Secure Virtual Access
No No No Yes
No Yes Yes
No Yes Yes
Yes Yes Yes Yes
Yes Partial Yes
Resource or Object-based Access Controls
FIPS 140 Certification – No additional Hardware Required
Certain models require additional hardware module
Requires additional hardware
Requires additional hardware
Entire appliance and software solution are certified
Yes
Partial – Secure Meeting available
Yes Yes Yes
Secure and control data across all mobile and portable endpoints
• Device detection and enforced provisioning across all connections
• Local policy enforcement ensures data protection travels with the device at all times
• Scalable, single point of management and control for all platforms
• Encryption enabling collaboration in public cloud storage services such as Dropbox and Box
Secure Data: Dell Data Protection | Encryption
[Diagram: DDP|E Enterprise Server, Admin Console, Active Directory, Enterprise Applications, Databases, Email, Exchange with DDP|E OTA Sync Control, Business Owner, DDP|E Policy Proxy, DDP|E Proxy Policy, DMZ, Firewall, Firewall, Local Protected Devices]
Dell Data Protection | Encryption: Comprehensive lineup of endpoint protection products
• Enterprise Edition: Centrally managed data-centric encryption software (Includes External Media Edition)
• Personal Edition: Locally managed data-centric encryption software (Includes External Media Edition)
• Hardware Crypto Accelerator: Full volume encryption exclusive technology with FIPS 140-2, Level 3 certification (Available on Dell Latitude, OptiPlex and Precision; Sold with either Enterprise or Personal Edition)
• External Media Edition: Encrypts external media devices; set policies for encryption or disable ports altogether
• BitLocker Manager: Easily manages Microsoft BitLocker™ for comprehensive protection, auditing and compliance
• Mobile Edition: Encrypts mobile devices (Android, iOS) with management capabilities
• Cloud Edition: Encrypts end user files in public clouds where user keeps the keys & controls who has access
Develop and Modernize Apps: Create and Deliver Applications
[Diagram: Data Center; Deliver: Cloud Client Manager, K-3000]
Define
• Requirement analysis
• Scope and sign-off
• Prepare project plan
Design
• Usability interface
• Wireframes
• Visual design
Test
• Test cases and scripts
• Across multiple platforms
Deploy & Support
• App store certification
• Pro-active support
Development
• iOS, Android, BB, WP7, Windows 8, etc.
• MEAP-based cross-platform dev
• Certification-compliant design
PocketCloud Remote Desktop Pro 3
Remote access to apps and files on your computers and virtual environments
Features
o Fast, efficient, easy access to PC, Mac and Virtual desktop
o Connects to any desktop securely with RSA two-factor authentication
o Supports Standard Protocols: MS RDP 7, VNC, VMWare View
o Device Auto Discovery, simple interface
o Multi-touch with Touch Pointer and Rich Gestures
o High precision and easy control
Benefits
o Minimal setup and configuration
o Up to 50% faster over 3G/4G than RDP 5.2.
o SSL & FIPS encryption, RSA 2-Factor Authentication (VMWare certified)
o Intuitive interface designed for smaller screens
o Multiple connections in Pro version
o Access sensitive files with enterprise-grade performance / security
PocketCloud supports more Hosts, Connections and Features
Optimize Infrastructure: QUEST Webthority
[Diagram: Intranet Access, File Server, Active Directory, Enterprise Applications, Databases, Email]
• User accesses any browser
• Logs in to Landing Page using existing credentials
• Webthority queried for access policies
• Authorization is driven by user profile
• Contextual Policy Control to assets
• Risk Tolerance might demand additional encryption
• BYOD Friendly
• Remote Security
• Active Directory
• Single Sign-On
• Landing Page
• Role Based Access
• IAM Integration
Optimize Infrastructure: Quest One Identity Manager
[Diagram: File Server, Lync Server, Active Directory, Enterprise Applications, Databases, Email, App Servers, Business Owner]
• Access Governance
• Privileged Account Management
• Identity Administration
• User Activity Monitoring
• Unified identity (user)
• Unified AuthN/AuthZ
• Unified policy
• Unified workflow
• LOB controls access
• Access governance
• Strong AuthN
Leverage Our Strength in BYOD: The Competitive Landscape
Manage Devices
• MDM
• Client Management
• Virtual Endpoint Management
Secure Data
• Secure Remote Access
• On Device and Cloud Encryption
• Network Security
Modernize Applications
• Cloud Clients
• Application Development
• Identity management
Optimize Infrastructure
• Network Bandwidth Management
• Virtualization Solutions
• Infrastructure Consulting
Leverage Our Strength in BYOD: The Competitive Landscape
• BYOD Consulting Workshop and Assessment
• DVS Blueprint Assessment
End-to-end services
• Application Services
• OS Migration Services
• Platform Optimization
• Dell ProSupport
• Security Services
• MPP Program
• Solution Design
• Configuration Services
• Infrastructure Services
• Project Implementation
Design and implement
Evaluate, assess and plan
Manage and support
Modernize and optimize
Three key elements to enable the evolving workforce
1. Define IT policies and acceptable devices
2. Protect data, secure and manage your infrastructure
3. Empower workforce with access to data anytime, anywhere
Foundation: The right solution depends on customer needs, their current infrastructure, risk tolerance, and overall business strategy
Thank you!