Worker productivity continues to be key focus of the mid-market. Continuing economic concerns are forcing businesses to persist in finding ways to do more with less and they are embracing mobility as a way to achieve that goal. Mobility is allowing employees to work more effectively inside and outside of the office. Mid-size businesses are arming employees with smartphones, laptops, touchpads, as well as dealing with a trend of employees using their own personal devices for work-related activities.They are finding new ways of staying in touch with and servicing customers such as video collaboration and social media.They are exploring technology approaches such as cloud computing that can help them streamline their business, cut costs and increase productivity.
In 2011, roughly twice as many smart mobile devices as laptops were shipped, IT has been faced to revaluate how to support this growing array of mobile devices in the enterprise. – GartnerThe question is no longer if IT accepts these “smart mobile” devices on the enterprise network but “how” it supports them, and how it manages and secruirs them. Consumerizationremiains a grassroots phenomenon, driven by business units demanding that users be allowed to bring their personal mobile devices to the office. Isolating these end points on a separate network helps to maintain dta protection policies and network stability in the production environement.
First wave — At the peak of the worm era (Sasser in 2003; Blaster in 2004), NAC policies werefocused on blocking risky laptops from accessing the network. In the early days of NAC, acommon goal was to establish a policy dictating that endpoints must have up-to-date patchesand antivirus signatures, and must be protected by a personal firewall, to gain access to thenetwork. Common obstacles to NAC during this era included complexity, costs and operationalconcerns about blocking employees from accessing the network.■ Second wave — In addition to the obstacles outlined above, the threat landscape waschanging. Stealthy, financially motivated attacks replaced noisy, mass worm attacks as theprimary threat. Enterprises also improved their endpoint patching and configurationmanagement processes. NAC shifted to simpler authentication-based policies. "Are You One ofGartner, Inc. | G00219087 Page 3 of 10Us" became the primary focus, as enterprises sought to limit access to corporate-owned andmanaged devices. Endpoints that failed authentication were restricted to a guest network,where they were limited to Internet access only.■ Third wave — In response to the consumerization trend, enterprises are turning to NAC toenforce policies related to BYOD programs. For example, some employee-owned devices maybe allowed, whereas others will be blocked (see the Expected Future State section).Rather than implement a full-blown NAC solution, most organizations have taken a shortcutapproach and established wireless guest networks in common areas, such as visitors' centers andconference rooms. This tactic has largely been effective in keeping guests off the corporatenetwork, but mostly by only providing Internet access to guests via Wi-Fi. In many cases, someguest access to the corporate wired network is required. Enterprises that need to protect the wirednetwork need stronger controls.The use cases that drove adoption in the first wave (endpoint baselining) and the second wave(guest networking) of NAC, and the remote access use case, will still be widely implemented (see"Network Access Control in 2009 and Beyond"). However, these scenarios will often beimplemented after the limited access network has been established (see the Road Map section).Gartner expects that, by 2016, 60% of large enterprises will implement limited access networkzones to limit the connectivity of personally owned mobile devices.
The Contain strategy will be relevant for most mainstream organizations. As noted in the followingsections, the Block strategy is too draconian, and the Embrace strategy represents a huge culturalshift that adds technical and operational complexity. A Contain strategy will satisfy the needs ofmost organizations and give them the time to architect effective plans to migrate to an Embracestrategy. A Disregard strategy equates to ignoring the presence of personally owned devices in acorporate environment. This is a poor choice, and organizations that adopt a Disregard strategydon't make any policy or technology changes. In the sections below, we focus on how networkmanagers can use NAC to adopt Contain, Embrace and Block strategies.
HP provides a comprehensive BYOD solution that includes:Secure user authentication AND advanced device profilingEnable seamless policy enforcement based on user and/or deviceCustomizable analysis and reporting of BYOD traffic
You understand our vision for virtual application networks. Well, this is how it all comes together. We start with the blueprint FlexNetwork architecture, with the solutions for the data center FlexFabric, FlexCampus and FlexBranch to connect the users. We are going to virtualize that entire infrastructure symbolized by these three blue ribbons that come into the center discs. And here, once we virtualize the network, we can use tools built on top of IMC to characterize applications using preconfigured templates. So that we can take advantage of virtualized, end-to-end network infrastructure to deliver applications from a cloud data center to a user in a way where the network is tuned to the delivery requirements of that class of applications whether it is video in multiple forms, conferencing, playback, training, or communications like Lync, real time business applications or messaging applications. You can have hundreds of applications falling into several classes requiring maybe 12 different virtual application networks. Most importantly, as these applications move from the private cloud into the public cloud, the policy for virtual application network can follow it as the users move and we will follow them as well providing for a dynamic environment, one where the applications are deployed rapidly. You can have speed without compromise and it is built on open standards, providing the choice, the flexibility as well as the confidence to have a proven path to the cloud.
Is your wired/wireless networkready for the onslaught of BYOD?Michael ZhuDirector, Global Product Line ManagementMay 2012