BYOD/MDM Seminar @ ROCKBOTTOM

  • 527 views
Uploaded on

GTRI InfoSec debriefing on BYOD,MDM. Cisco ISE and Zenprise MDM.

GTRI InfoSec debriefing on BYOD,MDM. Cisco ISE and Zenprise MDM.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
527
On Slideshare
0
From Embeds
0
Number of Embeds
2

Actions

Shares
Downloads
34
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • Identity ManagementRole Based AccessNAC/BYOD - 802.1xDemoTroubleshootingOn boarding New DevicesEmployee ServicesDevice ProfilingWhat + Who = Access to WhereGuest ServicesSponsored or Self Registered

Transcript

  • 1. BYOD/MDM Workshop Luncheon @ RockBottom DenverBYOD/MDM Workshop LuncheonSponsored by Ciscoand Zenprise Rev2 Hosted by Greg Hanchin Global Technology Resources, Inc. / Trusted Security Advisor September 19, 2012 ©2012 Global Technology Resources, Inc., All Rights Reserved. Contents herin contain confidential information not to be copied
  • 2. Agenda Welcome Mobility Cisco ISE / BYOD ZenPrise / MDM Questions Breakout © 2012 GTRI
  • 3. Who is GTRI?•$200M Systems Integrator Customers•14 years old•214 People•Profitable Employees•Scratch built•Denver - HQ Projects•$15 Million a Year in Professional Services•$70M in Commercial / $130M in Federal © 2012 GTRI
  • 4. GTRI InfoSec Quilt © 2012 GTRI
  • 5. Recent GTRI Security Projects © 2012 GTRI
  • 6. © 2012 GTRI
  • 7. iPad Sales – Just iPads © 2012 GTRI
  • 8. MobilityMonty PetrichSA - Wireless GTRI © 2012 GTRI
  • 9. Mobility Changes Everything Simple Secure Scalable ANY USER ANY DEVICE ANYTIMEANYWHERE © 2012 GTRI
  • 10. Where is Wireless Going Future Technologies  802.11ac  802.11ad Wi-Fi Offload and DAS  What the carriers are doing  802.11u AnyConnect  How to prepare customers BYOD and Dynamic VLANs © 2012 GTRI
  • 11. © 2012 GTRI
  • 12. © 2012 GTRI
  • 13. © 2012 GTRI
  • 14. Bring Your Own Device Micah Montgomery SE-Information Security GTRI © 2012 GTRI
  • 15. MDM vs BYOD/NAC MDM BYOD /NAC  Managing device WLAN/ Wired Managing Device on 3g/ 4g Access Manage Files  Role Based Access Control (RBAC) Manage APPS / Email  Concept of Device Stacking on Corp JailBreak Control  Identity Remote Wipe  Posture / Profile / Quarantine Device Encryption  Hoteling GEO Fencing  DLP – Lite on critical Files Device Recovery- LoJack  Authentication/Authorization/ Accounting -AAA © 2012 GTRI
  • 16. Bridging the GAP © 2012 GTRI
  • 17. Sample ISE Deployment © 2012 GTRI
  • 18. The User to Device Ratio Has Changed © 2012 GTRI
  • 19. Identity Services EngineACS • Centralized Policy Identity • RADIUS ServerNAC ServicesProfiler Engine • Posture AssessmentNAC • Guest Access ServicesGuest • Device ProfilingNAC • MonitoringManager • Troubleshooting NAC Server • Reporting © 2012 GTRI
  • 20. BYOD Deployment Scenarios © 2012 GTRI
  • 21. ISE Node Types © 2012 GTRI
  • 22. ISE Platforms © 2012 GTRI
  • 23. Gradual DeploymentMonitor Mode Low Impact High Security• Authentication Mode Mode Without Access • Minimal Impact • Logical Isolation Control to Network and of User Groups / Users Device Types © 2012 GTRI
  • 24. What Device? © 2012 GTRI
  • 25. ISE Profiler: 3 Steps © 2012 GTRI
  • 26. Guest Self Service © 2012 GTRI
  • 27. Guest User Experience © 2012 GTRI
  • 28. Certificate Location by DeviceDevice Certificate Storage Location Access MethodiPhone/iPad Standard certificate store Settings > General > ProfileAndroid Encrypted certificate store Invisible to end users. Note Certificates can be removed using Settings > Location & Security > Clear Storage.Windows Standard certificate store Launch mmc.exe from /cmd prompt, or view in certificate snap-in.Mac Standard certificate store Application > Utilities > Keychain Access © 2012 GTRI
  • 29. What about Accounting? Provides additional information about the session Marks end of a session (Removes endpoint from licensing count) Provides IP address Profile IOS probe © 2012 GTRI
  • 30. MDM vs BYOD/NAC MDM BYOD /NAC  Managing device WLAN/ Wired Managing Device on 3g/ 4g Access Manage Files  Role Based Access Control (RBAC) Manage APPS / Email  Concept of Device Stacking on Corp JailBreak Control  Identity Remote Wipe  Posture / Profile / Quarantine Device Encryption  Hoteling GEO Fencing  DLP – Lite on critical Files Device Recovery- LoJack  Authentication/Authorization/ Accounting -AAA © 2012 GTRI
  • 31. Mobile Device Management David DeCesare SE – Denver Region © 2012 GTRI
  • 32. ZenPrise MDM Slides See - http://slidesha.re/N2lTWL © 2012 GTRI
  • 33. Questions? © 2012 GTRI
  • 34. BYOD/MDM Workshop LuncheonThank You! July 26, 2012 ©2012 Global Technology Resources, Inc., All Rights Reserved. Contents herin contain confidential information not to be copied