S5068 Presentation Live

Loading...

Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

0 comments

Post a comment

    Post a comment
    Embed Video
    Edit your comment Cancel

    1 Favorite

    S5068 Presentation Live - Presentation Transcript

    1. Strategies for Delivering Secure Wireless Guest Access
    2. Cisco Mobility TV Mobility TV Host Chris Kozup Marketing Manager, Mobility Solutions, Cisco Scott Pope Manager, Guest Access Product Management, Cisco Tony Diep IT Theater Service Manager for US & Canada, Cisco
    3. Thank You for Joining Us Today
      • The next wireless and mobility videocast event will take place on May 8, 2007 at 10:00 AM Pacific
      • The featured subject will be Outdoor Wireless
      • To register visit: http://www.cisco.com/go/semreg/mobilitytvepisodes/142299_3
    4. Wireless in the News
    5. Cisco Mobility Express Solution
      • Affordable business-class mobility solution announced for small and medium businesses
      Application-Based Access Points, Controllers, plus Application Servers Cisco Mobility Express Solution Controller-Based Access Points Plus Controllers Offer a Mobile Foundation for All Standalone Access Points Grow with Your Business Adapt to Your Level of Sophistication
    6. Cisco Empowers the Wireless Branch Office
      • Cisco introduces new WLAN Controller Module for the ISR and new 3G WAN interface to create the Empowered Wireless Branch
      Empowered Wireless Branch Integrated 3G Wireless WAN ISR Wireless LAN
    7. Cisco Wins TechTarget’s 2007 Gold Award
      • Cisco awarded TechTarget Gold Award for Product Leadership in the Wireless Category
      Gold Award: Cisco WiSM/WLSM
    8. Cisco Teams with the NBA
      • The NBA partners with Cisco to transform the experience of sports through the use of technology
    9. Upcoming Cisco Wireless Events
      • Interop
        • Las Vegas, Nevada
        • May 20–26, 2007
      • Cisco Secure Wireless Road Show
        • Sixteen cities in North America
        • Ask your account rep for details
    10. Agenda Why Secure Guest Access? 1 Cisco on Cisco: Guest Access Case Study 2 Cisco’s Secure Wireless Guest Access Solution 3
    11. Business Trends and Challenges
      • Trends
        • Widespread wireless deployment
          • Over 65% of businesses use WLAN
        • Mobility services new business imperative
          • 67% of businesses reported up to 50 visitors per month requiring network access*
        • Increased pressure to reduce network operational cost and complexity
          • Research case revealed ROI of up to 328%*
      • Challenges
        • Optimize partner, vendor and customer interactions with wireless access to network resources
        • Deliver guest access without exposing internal resources to security threats
          • Security ranks as #1 wireless network concern
      Source: WLAN Adoption Study, Forrester Research, 2006
    12. Wireless Guest Access Is Changing Business
      • Retail
      Providing customers real-time product or service information for an enhanced, better informed consumer experience Healthcare Allowing suppliers to place refill orders on the premises to minimize inventory shortages Financial Enabling consultants to complete audits more accurately efficiently Carpeted Office Providing secure access to business partners and consultants to ensure faster decision making and increased business agility
    13. Cisco Mobility TV Mobility TV Host Chris Kozup Marketing Manager, Mobility Solutions, Cisco Scott Pope Manager, Guest Access Product Management, Cisco Tony Diep IT Theater Service Manager for US & Canada, Cisco
    14. Cisco on Cisco Guest Access
      • Build a policy and architecture in which:
        • Non-Cisco employees can access the Internet
          • Where and when Cisco deems appropriate
          • With Cisco's permission
          • From Cisco’s infrastructure
          • Secure, authenticated, recorded
      Objectives and Constraints
    15. Cisco on Cisco Guest Access Architecture WWW Guest Data Guest traffic tunneled in GRE BBSM “ hotspot.cisco.com” Employee generates access code via portal Corporate Current – Layer 3 Architecture WWW Guest Data Guest traffic tunneled in GRE NAC Appliance “ hotspot.cisco.com” Corporate Planned – Strategic
    16. Cisco on Cisco Wireless SSID Architecture Wireless voice SSID EAP-FAST authentication WPA encryption QoS Broadcast = NO Guest networking SSID Open authentication No encryption Broadcast = YES Two production data SSIDs EAP-FAST authentication CKIP encryption on one WPA encryption on the other Broadcast = NO Cisco wireless voice users Cisco wireless data users NON-Cisco, guest WLAN users Common SSID configuration for all access points
    17. Cisco on Cisco Guest Usage Trends - Global
      • Average of 19,000 users per month (and rising)
      • Over 228,000 guests past 12 months
      • Over 330 buildings with wired & wireless guest services
      Guest Users
    18. Cisco on Cisco Support Cost Analysis – FY 2007 $14,450 Support Case Cost ($25 per case) $162,450 or $0.71 per guest Total Support Cost $148,000 Tier 2/3 Support (Est. 1 FTE) 578 # IT Support Cases (Annual) 228,048 Number of Guest Codes (Annual) FY 2007 Support Cost of Hotspot.cisco.com $162,450 Cost of “Hotspot.cisco.com” (see above) $5,538,750 Cost Avoidance $5,701,200 Total cost of support ($25 x 228,048) 228,048 # of helpdesk calls required (without guest service) FY 2007 Support Cost Pre-Hotspot.cisco.com
    19. Cisco on Cisco Hotspot Benefits
      • Access codes can be generated within 15 seconds
      • Batch codes can be generated for large groups
      • IT administrative overhead avoided
      Improved Turnaround
      • Branded network experience – Cisco viewed as technology leader
      • “ No hassle” network access
      Guest Experience
      • Visitor sponsors responsible for generating code – no IT support needed
      Staff Empowerment
      • Users must digitally sign acceptable use policy with legal disclaimer
      Legal Protection
      • Controlled network access
      • Uncontrolled, non-corporate clients segmented from enterprise network
      Improved Security
      • Over $5M in potential support/administrative overhead avoided
      Cost Avoidance
    20. Mobility Services … Beyond Connectivity Security Guest Voice Location
      • Guest networks for customers, partners and auditors
      • Vendor replenishment networks
      • Public access networks
      • Automatic, 24 x 7 security and compliance monitoring for breaches via wireless medium
      • Network access control based on user location
      • Asset management
      • Location-based content distribution
      • Streamlined workflow using historical location data
      • Real-time mobile voice communications
      • Improved collaboration via mobile unified communications
      • Faster customer service response
      Pervasive Wireless Network
    21. Cisco Mobility TV Mobility TV Host Chris Kozup Marketing Manager, Mobility Solutions, Cisco Scott Pope Manager, Guest Access Product Management, Cisco Tony Diep IT Theater Service Manager for US & Canada, Cisco
    22. Types of Network Users Corporate Employees
      • Need internal network access
      • Can be role based to allow granular access if needs require
      • Need restricted internal access
      • Printers
      • File Shares
      • Specific Applications
      • Device Support
      Contractors/ Consultants Guest Users
      • Internet Access Only
      • No need to access internal systems
      • Segment Access Completely
      Full Access Internet Only Cisco Guest Services Give You Control
    23. Cisco Solutions for Secure Guest Access
      • Lobby admin portal for user provisioning
      • End-user registration page
      • Network partitioning using tunneling
      • User authentication and authorization in local database or AAA server
      • Usage logging and reporting
      • Core features, plus…
      • Network privileges based on roles
      • End-user security posture assessment
      • Full policy-based end-user portal customization using partners
      • Unification of wireless and wired guest access
      Versatile Solutions for Diverse Deployment Environments Wireless Guest Access in Cisco Unified Wireless Enhanced Wired and Wireless Guest Access Core and Enhanced Options
    24. Wireless Guest Access
      • Back-end segmentation (mobility anchor)
        • Separate the guest traffic from the corporate internal traffic via EoIP tunnels
      • Lobby ambassador/ host portal
        • Guest user creation and token generation
        • Served from WLAN Controller or WCS
      • Customizable guest screen
        • Served from WLAN Controller or external server
      • Back-end authentication
        • Local WLAN Controller user database or external AAA
      Wired/Wireless VLANs Campus Core LWAPP LWAPP WCS Ether IP “ Guest Tunnel” Emp Emp Internet Ether IP “ Guest Tunnel” DMZ WLAN Controller Guest Emp Guest Emp
    25. Lobby Ambassador Feature
      • Simple and Fast
        • Lobby Ambassador feature enables any staff member to enable guests
      • Integrated Solution
        • Runs on any controller and WCS
      • Secure
        • Generate individual guest name, unique password and duration of access
    26. Enhanced Wired and Wireless Guest Access
      • Cisco NAC Appliance Provides:
      • Very granular role-based access
      • Endpoint posture assessment and remediation
      • OS and posture restrictions
      • QoS policy for guest users
      • Integration with broader AAA servers
      • Uniform guest access for wired/wireless
      • Cisco “GuestNet” Customized Portal:
      • Cisco developed portal services for “one-stop” shop
      • Basic portal customization, per-user customization
      • Partner User Portals Provide:
      • Extensive portal customization
      • Customizable logging, reporting, billing
      • Temporary user accounts for email, printing, etc.
      Campus Core LWAPP LWAPP WCS Ether IP “ Guest Tunnel” Emp Emp Internet Ether IP “ Guest Tunnel” DMZ WLAN Controller NAC Appliance Wired/Wireless VLANs Guest Emp Guest Emp
    27. Role-Based Access Control
      • Validates authorization policies and privileges
        • Layer 3/Layer 4 role-based access control (RBAC) to permit access to specific port, protocol, or subnet
      • Supports multiple user roles
        • Customized portals per guest user group – redirection to a pre-defined page for acceptable user policy notice
        • Bandwidth throttling for each user role by assigning shared or dedicated bandwidth usage
        • Secures internal wired Ethernet ports
      • Scans for Security Requirements
        • Guest session access scheduling
        • Pre-configured Windows critical hot fixes and anti-virus application checks
      • Performs repair and update
        • Self remediation for quarantined users
    28. Implementation Considerations
      • Ensure guest access to only Internet and authorized network resources
      • Eliminate IT administrator involvement with user authorizations
      • Leverage integration of wired and wireless network (policies and administration)
      • Ensure internal users and applications have priority over guests
      • Monitor network use and prohibit services on location or per-user basis
      Whatever the Business Reason for Guest Access, Implementation and Security Goals Should:
    29. With Wireless… Now You Can
    30. Now You Can…
      • Enhance your customer’s retail experience
        • Increase the time and money customers spend on site
      • Improve vendor productivity and accuracy
        • Allow suppliers to update inventory or restocking data real-time
      • Provide a virtual support network for hospitalized patients
        • Enable connectivity to the outside world with online access to family, friends, research, entertainment
      • Track when and where users access the network
        • Ensure the security of your facility and critical business data
    31.  

    + Insight24Insight24, 3 years ago

    custom

    1567 views, 1 favs, 1 embeds more stats

    Cisco presentation on the benefits of the Guest Ac more

    More info about this document

    © All Rights Reserved

    Go to text version

    • Total Views 1567
      • 1566 on SlideShare
      • 1 from embeds
    • Comments 0
    • Favorites 1
    • Downloads 134
    Most viewed embeds
    • 1 views on http://start.freifunk.net

    more

    All embeds
    • 1 views on http://start.freifunk.net

    less

    Flagged as inappropriate Flag as inappropriate
    Flag as inappropriate

    Select your reason for flagging this presentation as inappropriate. If needed, use the feedback form to let us know more details.

    Cancel
    File a copyright complaint
    Having problems? Go to our helpdesk?

    Categories