Secure Mobility from GGR Communications
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share

Secure Mobility from GGR Communications

  • 135 views
Uploaded on

What is Secure Mobility? Remote working or working outside of the workplace With Any device from Anywhere at Anytime, ensuring High Security and Credential Assurance by using Active Security Policy......

What is Secure Mobility? Remote working or working outside of the workplace With Any device from Anywhere at Anytime, ensuring High Security and Credential Assurance by using Active Security Policy Enforcement while Improving ease of use and management. This presentation goes into more detail regarding Secure Mobility from GGR Communications.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
135
On Slideshare
135
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
3
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Secure Mobility An Introduction to Secure Mobility By Adrian Clinton-Watkins GGR Communications
  • 2. www.ggr.net Adrian Clinton-Watkins Managing Director CCIE#21806
  • 3. What is Secure Mobility? Remote working or working outside of the workplace With Any device from Anywhere at Anytime, ensuring High Security and Credential Assurance by using Active Security Policy Enforcement while Improving ease of use and management Anyone Anything Anywhere Anytime
  • 4. Why Secure Mobility? Employee Productivity BYOD – Bring Your Own Device Access to Corporate Systems from Anywhere Reduce CO2 Footprint/Travel == Reduced Cost Work / Life Balance Replace old school user based VPN
  • 5. Why Secure Mobility? 20% of workers telecommute IT consumerization: Now a reality 1B+ worldwide mobile workers in 2011 Smartphone adoption growing 50%+ annually One third of workers will be mobile by 2013 Mobile Individuals Mobile Technology 1.3 billion networked mobile devices entering the workplace
  • 6. London Olympics 2012 800,000 people will be using public transport in London Deloitte's recent research claims 43% of businesses are concerned with the impact of the games on their workforce An estimated 5.3M people are expected to attend the Olympics during the 16 day event The busiest areas will only be able to cope if 60% of people who normally commute stay away or change their travel plans (TFL)
  • 7. Bad Weather Disruptions Mean temperatures over the UK were 5.0 °C below average during December and 0.3 °C below average in January The 2011-12 may be one of worst overall UK winters in last 100 Years 2010 was the second-coldest winter since 1985/86
  • 8. Secure Mobility & Unified Communications Secure Access to Voice,Video Conference and Presence via Softphone, Mobile and tablet using NORMAL office communications.
  • 9. Based on User Legacy VPN How it Used to Work Network based Access (IP to IP) Filter IP access at Firewall (Not Always) Extend Network Reach to Remote Machines Increased Network Breech Risk from Remote Machines
  • 10. SSL VPN - Clientless VPN Uses SSL Web technology to provide Secure Remote Access Easy of Use - Requries Web Browser access only IP traffic terminates on SSL concentrator (Network access not required) Cache Cleaning / Keystroke Logging checks / Remote and Virtual checks Provides a Secure Desktop eg: Mobile devices - no footprint
  • 11. Advanced End Point Assessment Real-time verification of Access Device leads to dynamic access policy / access denied e.g.: Hardware Type and OS Check for Presence of Certain Software Check Anti-Virus Vendor and Latest Updates Check Windows Patch Levels Implement Firewall / Firewall Policy on Connection Check for Disk Encryption Software Levels USER Credentials Access Device Type Apply a Dynamic Access Policy (DAP) based on user, what they are accessing from and its security threat. Where necessary updating software dynamically.
  • 12. Advanced End Point Assessment Real-time verification of Access Device leads to dynamic access policy / access denied e.g.: Hardware Type and OS Check for Presence of Certain Software Check Anti-Virus Vendor and Latest Updates Check Windows Patch Levels Implement Firewall / Firewall Policy on Connection Check for Disk Encryption Software Levels USER Credentials Access Device Type Apply a Dynamic Access Policy (DAP) based on user, what they are accessing from and its security threat. Where necessary updating software dynamically.
  • 13. Authentication Weak Methods Active Directory only Active Directory with Secret Word Strong but Complex Device and User Certificates with AD credentials Strongest but Simple One time password device (eg: RSA / Quest Defender)
  • 14. Web Security
  • 15. Advantages Robust Security – Minimising Direct Network Access. Create AND Enforce Access policy by user/ device / location. IT Cost reduction for VPN client software and support / deployment Enhance Productivity Any device, any location availability Ease of Use High User Credential Security (Two Factor + One Time Password) Automatic Reconnect for Mobile devices
  • 16. CASE STUDY Perimeter Security and Mobile Working The British Horseracing Authority
  • 17. British Horseracing Authority UK Regulatory Body for Horseracing World Leader in Race Day Regulation Perform Race Day Planning, Scheduling and regulate events 364 Days a year, Over 1,300 Fixtures, 250K Entries
  • 18. Business Issues Risk of Failure to access systems (Race Day Staff) High Profile Regulatory Body - Media Focus / Daily Media Mentioning Loss of Data Forced Disruption Loss of Reputation
  • 19. Conflicting Business Requirements Provide High Level of Security preventing network break in Provide Remote Access for Raceday Staff and Internal Staff Increasing use from simple remote email through to access of HR, Finance, Case Management and Racing systems. Reduce Productivity Loss and Enforce Internet AUP Allow Company Use Social Networking Complex and Secure Authentication Mixed Ability Users - Simple Authentication
  • 20. Problems Old 'out of date' security infrastructure Different Vendors / Rulesets Poor Update / Upgrade policy - New Threat Defense Single non-redundant 'raceday staff' access method No Internet usage enforcement - Productivity Loss No Policy based VPN access for Staff
  • 21. Single Vendor / Full Redundancy / Multiple Providers Internet Connectivity – Different Provides at two locations Multiple ASA – Secure Mobility Connection Points High Speed MPLS between Sites – Form Triangle Dynamic Access Policies created Integrated with Web Filtering Software Integrated Threat Management Solution
  • 22. Internet Policy Monitoring / Enforcement The BHA Requirements The ability to monitor, audit and block internet usage Allow specific web content usage for a predefined period per day (quotas) - Company Social Networking / Balancing Staff Expectations Fully Integrated into Active Directory groups for access levels, usage and content reporting
  • 23. The Solution Websense Enterprise Edition Fully Cisco Integrated with the ASA firewalls and Security Policy All web traffic passing through the ASA at either site is reported and checked with Websense Software This software also checks all small office/home office sites internet traffic that is passing the router Integrated into the Cisco product range, providing easy to manage web filtering functionality Best Categorisation Engine - Important to allow certain racing sites
  • 24. Project outcome in line with defined business requirements Provide Secure Remote Access for Raceday Staff as well as Staff remote access of HR, Finance, Case Management and Racing systems Highly Secure yet simple authentication Internet Content filtering and monitoring High Availability to reduce the risk of business impact No single point of failure Provide Policy based threat management from Internet as well as remote users via dynamic access policies
  • 25. Secure Mobility - Conclusion Provide Secure Access from Any Device, Anytime, Any Where. Define and IMPLEMENT Corporate policies Robust Security and Threat Management Provide Business Applications and Systems including UC from Anywhere. Increased Productivity Reduced Cost