BYOD from Every Angle: Security, Management, and Back-End Integration

Andrew Wang, EUC BDM, Dell. BYOD from Every Angle: Security, Management, and Back-End Integration


Post on 23-Mar-2020


TRANSCRIPT

Page 1

Andrew Wang EUC BDM Dell

BYOD from Every Angle: Security, Management, and Back-End Integration

Page 2

2 Confidential

The Evolving Workforce: Consumer trends drive a sea change in enterprise computing

Page 3

BYOD Network Topology

2013/10/8

[Diagram: Internet, Core Network, LAN Clients, Data Center, Networking]

Page 4

BYOD Network Topology

[Diagram: Internet, Core Network, LAN Clients, Data Center, Networking]

1. Mobile Devices – 77% of devices used at work chosen by employee

• Security varies between iOS and Android

• Traditional image mgmt. not an option

• Application access exposes data

• Consumer applications share data

2. Data Security – 7 of 10 employees break policy

• Data is not encrypted in transit

• Many consumer apps have viruses

• Network access must be controlled

3. Applications – 60%+ of ITDMs see app access as essential for BYOD

• Workers require more than email

• Must protect the data in business apps

• Developing mobile apps is costly and difficult

4. Infrastructure – 3.3 Connected Devices Per User

• Even VPN on-site connectivity still a threat

• Consumer apps can degrade network performance

• Scaling network in a traditional way is not realistic

Page 5

The End-to-End BYOD Solution Portfolio: Best in Class Solutions for Each Customer Pain Point

Customer pain points:

• “How can I get IT control of consumer devices?”

• “What happens to my data once it leaves my network?”

• “How can I get people the apps they need to drive productivity?”

• “How do I control how BYOD affects my core network?”

Solutions:

• Dell Data Protection & Encryption, On Device and In the Cloud

• Dell SonicWall Secure Remote Access & Next-Gen Firewalls

• ProSupport for Multi Vendor

• Dell KACE Appliances

• Dell Wyse Cloud Client Manager

• QUEST IAM/Webthority

• PowerConnect W & ClearPass Guest Connect

• Pocket Cloud

• Application Development Services

• Infrastructure Consulting

Page 6

Mobile Device Management With K-3000 or Wyse Cloud Client Manager

[Diagram: Internet, K3000, Cloud Client Manager]

• On-Device client creates device control for ITDM

K3000

• On-Prem MDM console for <10K Users

• Policy and device configuration

• Device and app management

• Surpasses normal MDM as ITDMs can manage PCs, servers, virtual machines and smart devices with one console

Cloud Client Manager

• SaaS MDM console

• Policy and device configuration

• Device and app management

• Augments normal MDM with thin client, remote desktop and content management

Page 7

Manage Devices Competitive Matrix

Monitor Device Status, Jailbroken or Rooted, Network Connection, with Alerts

Cloud Client Manager

* Based on Gartner feature matrix

Robust role based admin + reporting

Active Monitoring

Administration and Reporting

Email Containerization

Document Containerization

Device Wipe, Password Protect

Device Management

Device Wipe, Password Protect, Locate Device

Device Wipe, Password Protect, Locate Device

Device Wipe, Password Protect, Locate Device

Policy Management

Role Base Policy Administration

Role Base Policy Administration

Role Base Policy Administration

Role Base Policy Administration

Device Configuration

Configure Device Features from the Admin Console

Configure Device Features from the Admin Console

Configure Device Features from the Admin Console

Configure Device Features from the Admin Console

Monitor Device Status, Jailbroken or Rooted, Network Connection, with Alerts

Monitor Device Status, Network Connection, with Alerts

Monitor Device Status, Jailbroken or Rooted, Network Connection, with Alerts

Robust role based admin + reporting

Manual role based policy administration

Robust role based admin + reporting

Containerized Email and Application Management

Android only with Touchdown

Android only with Touchdown

Secure Corporate Container

Secure Document Container Only

Pocket Cloud

Device Configuration

Application Management

K-3000

Anyone with Exchange Server Access can Alter Policies

Device Wipe, Password Protect

No

No

No

No

Application Distribution, Inventory, White List / Black List

Application Distribution, Inventory, White List / Black List

Application Distribution, Inventory, White List / Black List

Application Distribution, Inventory, White List / Black List

No

No No

No

Page 8

Secure Data: Secure Access and Data with SonicWALL

[Diagram: Internet, Core Network, Data Center, Networking, SonicWALL SSL VPN Secure Remote Access, SonicWALL Next Generation Firewalls]

• Secure remote access solution for Windows, Mac, Linux and mobile devices

• Mobile Connect uses small On-Device client to configure SSL VPN on iOS and Android

• Aventail VPN provides authentication and access control

• Bandwidth throttling by application type

• Network Security Appliance provides deep packet inspection scanning of network traffic

Page 9

Secure Remote Access Competitive Matrix

No

SonicWALL Aventail

No

Integrated One-time Password (OTP)

ICSA Certification

Cross-platform Clientless Access (Windows, Mac, Linux, tablets, smartphones)

Cross-platform Client Access (Windows, Mac, Linux, iOS, Android)

Yes/Partial Cache Control and Secure Virtual Desktop

Partial/No Yes/Yes Yes/Yes

End Point Control (Windows, Mac, Linux, iOS, Android)

Yes Partial Partial Yes

Secure Virtual Access

No No No Yes

No Yes Yes

No Yes Yes

Yes Yes Yes Yes

Yes Partial Yes

Resource or Object-based Access Controls

FIPS 140 Certification – No additional Hardware Required

Certain models require additional hardware module

Requires additional hardware

Requires additional hardware

Entire appliance and software solution are certified

Yes

Partial – Secure Meeting available

Yes Yes Yes

Page 10

Secure Data: Dell Data Protection | Encryption

Secure and control data across all mobile and portable endpoints

• Device detection and enforced provisioning across all connections

• Local policy enforcement ensures data protection travels with the device at all times

• Scalable, single point of management and control for all platforms

• Encryption enabling collaboration in public cloud storage services such as Dropbox and Box

[Diagram: DDP|E Enterprise Server, Admin Console, Active Directory, Enterprise Applications, Databases, Email, Exchange with DDP|E OTA Sync Control, Business Owner, DDP|E Policy Proxy, DDP|E Proxy Policy, DMZ, Firewall, Firewall, Local Protected Devices]

Page 11

Dell Data Protection | Encryption: Comprehensive lineup of endpoint protection products

• Enterprise Edition: Centrally managed data-centric encryption software (Includes External Media Edition)

• Personal Edition: Locally managed data-centric encryption software (Includes External Media Edition)

• Hardware Crypto Accelerator: Full volume encryption exclusive technology with FIPS 140-2, Level 3 certification (Available on Dell Latitude, OptiPlex and Precision; Sold with either Enterprise or Personal Edition)

• External Media Edition: Encrypts external media devices; set policies for encryption or disable ports altogether

• BitLocker Manager: Easily manages Microsoft BitLocker™ for comprehensive protection, auditing and compliance

• Mobile Edition: Encrypts mobile devices (Android, iOS) with management capabilities

• Cloud Edition: Encrypts end user files in public clouds where user keeps the keys & controls who has access

Page 12

Develop and Modernize Apps: Create and Deliver Applications

[Diagram: Data Center; Deliver: Cloud Client Manager, K-3000]

Define

• Requirement analysis

• Scope and sign-off

• Prepare project plan

Design

• Usability interface

• Wireframes

• Visual design

Test

• Test cases and scripts

• Across multiple platforms

Deploy & Support

• App store certification

• Pro-active support

Development

• iOS, Android, BB, WP7, Windows 8, etc.

• MEAP-based cross-platform dev

• Certification-compliant design

Page 13

Remote access to apps and files on your computers and virtual environments

Features

o Fast, efficient, easy access to PC, Mac and Virtual desktop

o Connects to any desktop securely with RSA two-factor authentication

o Supports Standard Protocols: MS RDP 7, VNC, VMWare View

o Device Auto Discovery, simple interface

o Multi-touch with Touch Pointer and Rich Gestures

o High precision and easy control

Benefits

o Minimal setup and configuration

o Up to 50% faster over 3G/4G than RDP 5.2.

o SSL & FIPS encryption, RSA two-factor authentication (VMWare certified)

o Intuitive interface designed for smaller screens

o Multiple connections in Pro version

o Access sensitive files with enterprise-grade performance / security

PocketCloud Remote Desktop Pro 3

Page 14

PocketCloud supports more Hosts, Connections and Features

Page 15

Optimize Infrastructure: QUEST Webthority

[Diagram: Intranet Access, File Server, Active Directory, Enterprise Applications, Databases, Email]

• User accesses any browser

• Logs in to Landing Page using existing credentials

• Webthority queried for access policies

• Authorization is driven by user profile

• Contextual Policy Control to assets

• Risk Tolerance might demand additional encryption

• BYOD Friendly

• Remote Security

• Active Directory

• Single Sign-On

• Landing Page

• Role Based Access

• IAM Integration

Page 16

Optimize Infrastructure: Quest One Identity Manager

[Diagram: File Server, Lync Server, Active Directory, Enterprise Applications, Databases, Email, App Servers, Business Owner]

• Access Governance

• Privileged Account Management

• Identity Administration

• User Activity Monitoring

• Unified identity (user)

• Unified AuthN/AuthZ

• Unified policy

• Unified workflow

• LOB controls access

• Access governance

• Strong AuthN

Page 17

Leverage Our Strength in BYOD: The Competitive Landscape

Manage Devices

• MDM

• Client Management

• Virtual Endpoint Management

Secure Data

• Secure Remote Access

• On Device and Cloud Encryption

• Network Security

Modernize Applications

• Cloud Clients

• Application Development

• Identity management

Optimize Infrastructure

• Network Bandwidth Management

• Virtualization Solutions

• Infrastructure Consulting

Page 18

Leverage Our Strength in BYOD: The Competitive Landscape

• BYOD Consulting Workshop and Assessment

• DVS Blueprint Assessment

End-to-end services

• Application Services

• OS Migration Services

• Platform Optimization

• Dell ProSupport

• Security Services

• MPP Program

• Solution Design

• Configuration Services

• Infrastructure Services

• Project Implementation

Design and implement

Evaluate, assess and plan

Manage and support

Modernize and optimize

Page 19

Three key elements to enable the evolving workforce

1. Define IT policies and acceptable devices

2. Protect data, secure and manage your infrastructure

3. Empower workforce with access to data anytime, anywhere

Foundation: The right solution depends on customer needs, their current infrastructure, risk tolerance, and overall business strategy

Page 20

Thank you!
