
The BYOD Concept for Executives

  • What are the transformations, and the specific challenges? Need to make this more impactful. Focus on three themes:
    Slide #1
    1) Device Proliferation
       - 15 billion devices by 2015 that will be connecting to your network
       - Every person has 3-4 devices on them that connect to the network
       - 40% of staff are bringing their own devices to work
    2) Next Generation Workforce
       - Work is no longer a place you go to
       - People are willing to take a pay cut as long as they are able to work from home
       - Globalization, acquisitions, increased competitiveness
       - Need anywhere, anytime, any device access
    3) Virtualization
       - No content yet, just put placeholder
    Slide #2
    1) Device Proliferation
       - How do I ensure a consistent experience on all devices?
       - How and what do I support?
       - How do I implement multiple security policies per user, device?
       - What devices are on my networks?
    2) Changing Workforce
       - Am I hindering my workforce from being competitive?
       - How do I retain top talent?
       - How do I ensure compliance with SOX, HIPAA, etc.?
       - Can I handle partners, consultants, guests appropriately?
    3) Virtualization
       - How do I know who is accessing my virtual desktop infrastructure?
       - How do I secure access to my data across the cloud in a scalable way?
       - Can I ensure compliance across geographic boundaries?
  • What does this all really mean? It introduces a new chasm – the netherworld between trusted enterprise networks and the wild world of the internet that is accessed while roaming across hotspots, 3G/4G networks and home networks. Did you know that employee devices spend a full 50% of their connected lives OFF the enterprise network? As never before, organizations must manage the transitions on and off different networks seamlessly, while protecting sensitive information. But this growth in wireless and mobility can also create new opportunities to increase efficiency and grow your business today. Just how can you take advantage of this market transition? What I’m going to do today is break it down into a very simple example. Let’s walk through a day in the life of Dr. Jack Thompson, something that is happening right now in hospitals across the country. [TRANSITION] Let’s see what a true seamless experience should be for Dr. Thompson, and the systems that make it happen.
  • Dr. Thompson buys a 3G iPad during lunch, walks back to the hospital, hands his new iPad to IT and says, “I want to use this for my work.” Now what? [TRANSITION]
  • His IT manager tells him that, using his username and password, he can “onboard” the device and the network will apply all the correct policies and approved apps automatically. The IT manager knows the importance of keeping the network secure and complying with regulations to protect patient data. So things like remote wipe and data loss prevention are critical. [TRANSITION]
  • Luckily, his system can help him apply contextual policies based on things like device type, user or location automatically, without user intervention. We’ve kept it simple for this example, but as you all know you can apply policies based on many more attributes. That’s it, Dr. Thompson has now on-boarded his new iPad. Keep in mind, to enable this seamless experience the network needs to support certain things:
    - First, you need an 802.11n Wi-Fi network which can withstand the challenges of mobility, including complex RF interference.
    - Second, you need identity-based network control for the contextual policy we just touched on.
    - Mobile Device Management is required for functions such as installing enterprise applications or remote wipe if the device is lost.
    - Last but not least, make sure you have a management system for the infrastructure and a service assurance manager for visibility into what’s going on in the network, and what you need to do if things start going wrong.
    If you have branches in the hospital, WAN optimization will help keep network resources available. [TRANSITION]
  • Let’s get back to Dr. Thompson. He is now attending to patients in the OR. His contextual policy has been defined from an application perspective such that when he is at work, he has full access to electronic medical records, mobile telepresence, email and IM. Again, we are keeping it simple here in terms of applications used. It’s key to note that you can tailor this policy for unique job and regulatory requirements, with the doctor only allowed to access sensitive patient records while in the office due to HIPAA regulations. It’s now 2 o’clock and Dr. Thompson needs his afternoon coffee. What happens when he leaves the hospital? [TRANSITION]
  • Doctor goes to OR, pulls up EMR and X-ray images. Communicates with staff via IM. We know that literally billions of devices are pouring onto networks. At hospitals, that means doctors, administrators, patients, and visitors. Each has unique needs, and along with tablets and smart phones, healthcare has specialized medical equipment and wireless tracking tags connecting in increasing numbers. A Wi-Fi network must be designed to meet these challenges: these changing device profiles, application profiles, and device density.
    - Capacity and performance to support the influx of clients
    - Performance to handle new applications, such as two-way TP with patients, EMR data housed centrally for a medical group, and application data now residing in the cloud
    - Acceleration for all client types, even the medical asset tags, slower tablets and smart phones
    - PROACTIVE protection against wireless interference from things like blanket warmers and light controls
    - Location tracking for assets and people
    Plus, patient data is protected by HIPAA regulations, so IT must carefully govern when and how this can be accessed.
  • He decides to visit the coffee shop next door, which has a Wi-Fi hotspot. Now, his contextual policy becomes a roaming policy defined by the hospital. The policy says that Dr. Thompson will not have access to EMR while at the coffee shop, but he will be able to use email, telepresence and IM. [TRANSITION] While there, he gets a page from his nurse, and starts a two-way video chat session about his patient.
  • Doctor goes to his child’s soccer game, still with iPad, on 3G. Again, his VPN has roamed from hotspot to 3G, preventing any interruption or intervention. He has full access to patient data, but his applications have been throttled to prevent overloading the 3G network and to prevent application performance issues. Our doctor pulls up his EMR application, checks for updates on patient status, all is well, watches game with ease.
  • Doctor goes home and connects on home Wi-Fi. He has partitioned access: a tunnel back to the hospital, and a personal SSID for family access. Doctor calls in on his IP softphone to talk with a colleague about tomorrow’s operations. [TRANSITION]
  • Doctor goes home and connects on home Wi-Fi. He has partitioned access: a tunnel back to the hospital, and a personal SSID for family access. Doctor calls in on his IP softphone to talk with a colleague about tomorrow’s operations. Son starts a Call of Duty “Modern Warfare 3” game, but his home router applies QoS and prioritizes this lower than his phone call. His call continues with perfect quality.
  • What can you expect to see next? Plenty! Over the coming quarters, Cisco will be expanding and integrating the technologies that make this story a reality:
    - Robust WLAN infrastructure to support more mobile clients (preview 3600 and 7.2)
    - Strategies for MDM to ensure management and security of these smart but vulnerable devices
    - Continuing evolution of identity-based access control to help IT cope with the rapid change in client base
  • Transcript of "The BYOD Concept for Executives"

    1. The BYOD Concept for Executives. Alexey Lukatsky (Алексей Лукацкий), Business Security Consultant, Cisco. © Cisco and/or its affiliates, 2011. All rights reserved.
    2. Employees are full of new expectations: the evolution of the workplace landscape
       RAPID GROWTH IN THE NUMBER OF DEVICES
       - On average, each user has 3–4 devices connecting them to the network
       - By 2015, 15 billion devices will be connecting to the network
       - 40% of employees bring their own devices to work
       RAPID GROWTH IN THE NUMBER OF DEVICES | NEXT-GENERATION WORKFORCE | VIRTUALIZATION
    3. Employees are full of new expectations: the evolution of the workplace landscape
       NEXT-GENERATION WORKFORCE
       - Work is no longer a place you have to go to
       - People are willing to accept lower pay for the opportunity to work from home
       - 70% of end users admit to breaking IT security rules to make their lives easier
       - They need access from any device, at any time, from anywhere
       RAPID GROWTH IN THE NUMBER OF DEVICES | NEXT-GENERATION WORKFORCE | VIRTUALIZATION
    4. Employees are full of new expectations: the evolution of the workplace landscape
       VIRTUALIZATION
       - "By 2013, 60% of server workloads will be virtualized"
       - "By 2013, 20% of professional PCs will be managed under a hosted virtual desktop model."
       - Data centers are evolving. Applications are now objects that move across the network
       RAPID GROWTH IN THE NUMBER OF DEVICES | NEXT-GENERATION WORKFORCE | VIRTUALIZATION
    5. A comprehensive solution for the BYOD ("bring your own device") approach
       - LIMITED ACCESS: The environment requires strict control. Company devices only. Manufacturing environments, trading floors, closed government networks, traditional enterprises.
       - BASIC ACCESS: Focused on basic services and convenient access for almost everyone. A broader range of devices, but Internet only. Educational environments, public institutions, simple guests.
       - ADVANCED ACCESS: Support for differentiated services, onboarding, secure access, but not for personally owned devices. Many types of devices and access methods. Healthcare, enterprises that were early adopters of BYOD, contractor access.
       - NEXT-GENERATION ACCESS: Native corporate applications, new services, full control. Many types of devices (corporate). Innovative enterprises, online retail, mobile sales services (video, collaboration, etc.).
    6. How this works at Cisco
    7. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
    9. Trusted WiFi network. Onboarding:
       - User authentication
       - Device fingerprint
       - Applying the corporate configuration
       - Corporate AppStore
       - Banking applications
       - Automatic policies
    10. Trusted WiFi network. Context-aware policy. Established policy profiles are applied based on:
       - device type
       - user
       - location
       - application
    11. Trusted WiFi network. Context-aware policy. Access: FULL
       No / Yes:
       - Electronic client records
       - Mobile TelePresence / video conferencing
       - Email
       - Instant messaging
    12. Trusted WiFi network
       - "Are the assessment results for client X ready yet?"
       - "Not yet, but I will let you know when they arrive."
    13. Untrusted WiFi network. Roaming policy. Access: limited
       No / Yes:
       - Electronic client records
       - Mobile TelePresence
       - Email
       - Instant messaging
    16. 3G/4G. Access: limited
       No / Yes:
       - Client record
       - Mobile TelePresence
       - Email
       - Instant Messenger
    17. UPDATE. 3G/4G
    18. Trusted WiFi. Access: FULL
       No / Yes:
       - Client record
       - Mobile TelePresence
       - Email
       - Instant Messenger
    19. Trusted WiFi. Bandwidth priority
    21. Thank you for your attention! security-request@cisco.com
