GTRI Zenprise MDM WorkShop
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share

GTRI Zenprise MDM WorkShop

  • 1,004 views
Uploaded on

GTRI BYOD /MDM workshops

GTRI BYOD /MDM workshops

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,004
On Slideshare
1,002
From Embeds
2
Number of Embeds
1

Actions

Shares
Downloads
29
Comments
0
Likes
0

Embeds 2

http://securitycrunch.com 2

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • It’s one thing for us to say that we’re leading the mobility pack.It’s another when Gartner says so, and over 700 blue-chip customers choose to partner with us.
  • The mobility space has seen dramatic change in the last few years.Imagine, a year and a half ago the iPad didn’t exist. Last year saw the explosion of apps, and this year we’re seeing businesses really get serious about mobile. With the bring your own device trend well underway, lots of organizations are using mobile to transform their business.
  • With that in mind, we have three primary offerings: on premise and cloud-based mobile device management solutions and a host of support and services offerings to help you with your mobile goals.
  • Not only are we simple to manage, but we’re simple and transparentfor users, which means fewer support calls to IT support. Some of our competitors require, for example, the user to have a GMAIL account to register an Android device, which creates a huge headache for IT at enrollment time, and others burden users with things like agreeing to having location services turned on on the device so they can monitor device status like whether the device is jailbroken. But that’s really a burden for users who have to deal with the battery drain of location services just so they can enroll in their company’s BYOD program.As one of our Phoenix-based Transportation customers put it, “users don’t even know it’s there”.
  • A basic requirement of all of our customers, no matter where they are in their mobile adoption, is great services, support, and training. Our competitors talk about their support offerings, but make sure you push on them to make sure you’re getting the same level of commitment.We’ve made customer success our number one priority. Only Zenprise offers global, 24x7x365 support across all time zones, and with support in key local languages: English, Spanish, German, French, Russian, Mandarin, Hindi, Filipino, Portuguese, Japanese.Our customer success professionals are top-notch in their field, with an average of a technical bachelor of science degree and 10 years of experience.We’ve also shown commitment with lots of product communications choices, clear SLAs, a social presence, and by simply prioritizing the hiring of really talented support folks.
  • As a baseline, your MDM solution should support your organization’s mobile devices over their lifecycle. This includes: Configuring devices and setting policies.Provisioning devices by having users self-service enroll, providing an enterprise app store, and delivering policies and apps over the air.Securing devices by configuring native security settings, blacklisting and whitelisting apps, locking apps, and securing data; Providing helpdesk functions, remote support, and troubleshooting; Monitoring and reporting on device, service, infrastructure, security, and compliance; and Decommissioning devices upon employee departure
  • Also in the more ADVANCED category is architecture. Given how important mobile access is, architecture can make or break you. CLICK. We pass muster with your security architects. Unlike some of our appliance based competitors, we don’t hold your data hostage in the DMZ. We also don’t require that you synch or store LDAP data in the DMZ like our competitors do. Finally, the way we’re built doesn’t require you to open a bunch of ports to make the solution work. Some of the appliance based solutions would have you open 3x the number of ports we do. And because we meet security best practices, it’s just a lot easier and more straightforward to get buy-in on the deployment plan from your security and network counterparts.CLICK. Any business-critical mobile environment needs to be highly available. We support active-active clustering at all tiers so there are no points of failure. It’s industry-standard, straightforward, and clearly documented, so there’s no mystery. Some of our competitors say they are highly available, but make you call customer support for any information on how to configure it, and some do it through a series of steps that involve virtual machine snapshots, which is either a manual process or requires you to run scripts to make failover and failback work. Those just don’t scale – when you go down, you need your HA to just work. We also have a scale-out architecture with load balancing built in, so we can scale as your deployment grows.We also don’t require changes to your mail environment. Some of our competitors do, and we’ve learned that this has caused grief for IT because simple things like an upgrade or even a patch can cause downtime for Exchange, your MDM, or both until they can give you a patch to fix the problem.
  • Our customers have the option of taking advantage of our cloud deployment as well. We run on SAS70 Type II and FISMA Moderate compliant and Federal Cloud Certified infrastructure…CLICK. …that’s highly available, scalable, and globally redundant with four datacenters around the world. CLICK. It’s a truly cloud, multi-tenant solution, but with separate database instances for each of our customers so that their data won’t be co-mingled. This is unlike some of our cloud competitors who do co-mingle customer data in the cloud, and whose customers have experienced data loss, exposure, or corruption. This is also unlike some of our cloud competitors who do not offer secure access to the corporate backend such as LDAP, PKI, Exchange ActiveSync, and even the BES environment.

Transcript

  • 1. Zenprise / GTRI Lunch n Learn Protecting Mobile Enterprises Everywhere© 2012 Zenprise, Inc. All rights reserved. 0
  • 2. Zenprise – Background Well-funded Silicon Valley VC-backed company. $30,000,000 Funding round announced 10/18/2011 Greylock Partners, Bay Partners, Mayfield, Ignition Capital, Investors Rembrandt, Shasta Ventures Customer 700+ Founded 2003 Seasoned enterprise software team with experience taking Exec Team private companies public Patent 8 patents accepted Portfolio 5 patents currently under review Gartner Critical Capabilities Source: Gartner July 2011, Overall Score for Each Vendor’s Product Based on the Non-Weighted Score for Each Critical Capacity© 2012 Zenprise, Inc. All rights reserved. 1
  • 3. Mobility Rapidly Coming of Age Mobile Business Device Proliferation App Explosion Optimization $ 2010 2011 2012 “Gotta Have It!” “That’s Cool!” “That’s Productive” Devices Eclipse PCs 60 Apps Per iOS Device Best-in-Class Companies 3x as Likely to Have Mobility Strategy How do we manage How do we protect our How can we transform all these devices? data and network? our business? Sources: Asymco and Aberdeen© 2012 Zenprise, Inc. All rights reserved. 2
  • 4. Zenprise Offerings ZENPRISE Industry’s Leading Complete MOBILEMANAGER™ Secure Mobile Device Management Solution Software Solution Management Solution for All Devices iPhone, iPad, Android, Windows Mobile, ZENCLOUD™ Private, Public, Hybrid Blackberry, Symbian Cloud-based Offering 100% Uptime SLA QuickStart, Mobile Policy WORLD CLASS Implementation, Cert. SERVICES AND SUPPORT Server Implementation, and Custom Consulting© 2012 Zenprise, Inc. All rights reserved. 3
  • 5. Zenprise Solution Focus Simple for User & Administrator • Easy Enrollment • Policy Creation & Deployment • Remote Support Capabilities • Set it and Forget it Security Readiness Enterprise Integration & Readiness • Always on compliance • Real-time AD integration • Limited ports required • No changes to existing environment • Database behind firewall (email, vpn, SharePoint etc…) • IL vs. CL Policies • No appliance in mail path to create issues with Exchange • Secure container integrated with SharePoint • Scalability & Auto HA • App Security • Modular architecture • SIEM Integration • No black box appliance in DMZ Support & Services Mobile Business Optimization • 24x7x365 Worldwide Support • Presence on 5 continents • Focused on application and data protection • 10 Languages • Maintain user experience • Packaged service offerings • Leverage general purpose for special • Flexible Training purpose© 2012 Zenprise, Inc. All rights reserved. 4
  • 6. Simple Enrollment for User 1 2 3 4 5 Begin Enter Install Certs. T’s & C’s Push Policies/Apps Enrollment AD Credentials and Profile Download Apps© 2012 Zenprise, Inc. All rights reserved. 5
  • 7. Enterprise Integration - ActiveSync Verify - AD/LDAP - BES - VPN - Authentication - PKI/Certs. Manage Connect - WiFi - SharePoint - SIEM - Q1, Arcsight, RSA, Splunk etc.. - SDK & API’s Secure - HPOV, Remedy, Tivoli, SCCM, syslog etc…© 2012 Zenprise, Inc. All rights reserved. 6
  • 8. IT Operations • Policy Management • Support Management  Real time integration with A/D  User self service  Create one policy, push to many groups  Remote support / service desk  Integration with 3rd party ops mgt ( HPOV, • Configuration & Change Management Tivoli, Remedy, etc…)  Role Based Access  Notifications  Configure device OTA • Compliance Management • Application Management  Unmanaged devices blocked from A/S  Inventory: Hardware, software, O/S  Audit trails  Distribution: App push/wipe, enterprise app store, external stores • Asset Management  Security: blacklist/whitelist, context aware policies  Inventory: Statistics on hardware, software,Configure OS  Expense: VPP Integration  Ownership: IL vs. CL Retire Provision  Utilization: Roaming etc… Monitor Secure Support© 2012 Zenprise, Inc. All rights reserved. 7
  • 9. Security, Risk & Governance • Security & Risk Management • Content Management  Secure Mail Gateway ( SMG)  Encryption  Policy enforcement  Control: Expire, Wipe, Block etc…  Remote wipe/selective wipe/  Collaboration lock/password/authentication  Transparent Integration/ Use  Lock & manage profiles and block user actions  Secure container/ secure collaboration • Governance  Application tunnels  Audit Logs  Enforce encryption  T’s & C’s  Lock device features  Location Services© 2012 Zenprise, Inc. All rights reserved. 8
  • 10. Enterprise Grade Architecture – On-Premise Flexible, Scalable, Resilient Zenprise Administration Console ActiveSync Mail flow DMZ Device Management Real-time AD integration – Zenprise Server(s) No Split Brain Cache Active Directory DC(s) External DB Support Active / Active No sensitive data in Microsoft SQL NLB support the DMZ scale-out ActiveSync front-end server Front End, ISA, TMG, CAS Exchange – 2003 / 2007 / 2010 Mailbox server(s) Zenprise SMG Filter 3 ports inbound 80, 443, 8443 Secure Mobile Gateway - ISAPI Filter Enrollment and Device blocking Corporate Network© 2012 Zenprise, Inc. All rights reserved. 9
  • 11. ZenCloud Overview Best in Class Hosting Zenprise Data Center Locations ZenCloud • SAS70 Type II audits every 6 months • Physical Security • 2 factor authentication required for access x • Professional staff patrolling grounds x x • Cameras & intrusion detection systems used x • Power: fully redundant UPS systems used x • 100% SLA guarantee with penalties • Flexible, Scalable and Resilient • Dedicated server, network, service and db instances (replicated for availability + offline copies) • IPSec VPN connection (AD, SharePoint, …) • Hybrid Cloud options (on prem.)© 2012 Zenprise, Inc. All rights reserved. 10
  • 12. Enterprise Grade Architecture – ZenCloud Flexible, Scalable, Resilient Zenprise Administration console ActiveSync Mail flow Real-time AD ZenCloud Device Management integration – No Split Brain 100% SLA Cache Separate Host, Network and DB instances DMZ Active Directory DC(s) VPN Concentrator Exchange – 2003 / 2007 / 2010 Mailbox server(s) ActiveSync front-end server Front End, ISA, TMG CAS Zenprise SMG Filter Secure Mobile Gateway - ISAPI Filter Enrollment and Device blocking Corporate Network© 2012 Zenprise, Inc. All rights reserved. 11
  • 13. World-Class Services, Support, and Training Global, 24x7x365 Support all time zones, key local languages Top Professionals Demonstrated Commitment  Clear, published SLAs Avg. 10 years’ experience  Robust service offerings  Comprehensive, flexible training Avg. BS in CS, EE, MIS  Support options: web, phone, social media  5x growth in support org in past year© 2012 Zenprise, Inc. All rights reserved. 12
  • 14. © 2012 Zenprise, Inc. All rights reserved. 13
  • 15. Mobile Device Lifecycle Management© 2012 Zenprise, Inc. All rights reserved. 14
  • 16. Enterprise-Grade (On Premise) Secure, Available, Scalable INTERNET DMZ LAN Three ports inbound: 80, 443, 8443 Real- time LDAP integ- LDAP ration External DB support (no data Database in DMZ) HA / active-active, load- balanced, scale-out© 2012 Zenprise, Inc. All rights reserved. 15
  • 17. Enterprise-Grade (Cloud) Secure, Available, Data Reliable, and Scalable CORPORATE Secure Separate DB instance SECURE CLOUD corporate for each customer (no access data co-mingled) LDAP PKI App Servers INTERNET Customer 1 Load-balancing with HA proxy Customer 2 Highly-available, Administrative Console scalable, redundant Customer 3© 2012 Zenprise, Inc. All rights reserved. 16