The document discusses five essentials for implementing bring your own device (BYOD) in a business: unified network access, security and remote access, identity and policy management, applications management, and devices. It provides an overview of Cisco products and services that can help deliver flexibility and control in a BYOD environment, including tools for network access, security, identity management, and mobility applications. The document also outlines strategies for onboarding user devices and maintaining control over resource access on personal and corporate-owned devices.
Building layers to support all the devices. Taking an architectural approach. Not building out point solutions. Reiterate the 5 points through the show.
Due to the proliferation of web-based applications (all traversing ports 80 and 443) and the port-hopping nature of several applications like Skype, ports are no longer a good proxy for applications.

“Next-generation” firewalls address this by offering application-based visibility and control. However, merely classifying an application is no longer enough either. Now you must identify the “micro-applications” being used within a bigger application, and make the access control decision based on all of these inputs.

ASA CX offers very granular controls that allow administrators to create firewall policies that match the nuanced business needs of today. ASA CX not only identifies 1,000+ applications, but also identifies 75,000+ micro-applications, like Farmville on Facebook. These micro-applications are bucketed into easy-to-use categories so that firewall administrators can easily allow or deny access to the relevant parts of the application. For example, on Facebook these micro-applications are categorized into business, community, education, entertainment, games, and so on. Similarly, other applications like Google+, LinkedIn, Twitter, iTunes, etc. are also broken down into micro-applications.

In addition to micro-applications, ASA CX also identifies the application behavior, that is, what action the user is taking within that application. As an example, the Facebook Videos category identifies whether the user is uploading, tagging or posting a video. So an administrator may allow users to view and tag videos, but not allow users to upload a video. You could also deny any postings from users, effectively making Facebook read-only.
Common control point – MDM plus more. Call out what our partnership entails… call out our roadmap.
Cisco’s Secure BYOD offers a complementary solution to the MDM vendors.

PLEASE NOTE: There should be no MDM partnership discussions unless under NDA before March 20th, 2012.

MDM solutions deliver a great set of functionalities for smartphones and tablets only. They can:
- Do a device inventory
- Provision & de-provision devices
- Deliver data security
- Deliver device application security
- Cost management
- And enable full or selective wipe

One of the key elements to know is that MDM solutions take full control of an employee-owned device to put it under management.

Cisco’s solutions are complementary as they bring additional functionalities such as:
- User and device authentication, posture assessment, policy enforcement, context-aware controls with ISE
- Advanced web security and threat defense with WSA and ScanSafe
- Secure remote access with AnyConnect

The major difference is that we will address all kinds of devices, from printers, fax machines, laptops, smartphones, tablets…

As you can see, Cisco Secure BYOD and MDM solutions are complementary, and we are working on integration between the major MDM vendors and ISE to complete our story.

Transition: Let’s now put all the pieces together in a simple network diagram to show an example of how these blocks could be implemented.
Break out into two slides … “on-boarding differentiators (1.1MR) on second slide”
Call to action – Come to the stand and have a look at a working BYOD network…