SlideShare a Scribd company logo

2012 ah vegas deploying byod

Aruba, a Hewlett Packard Enterprise company
Aruba, a Hewlett Packard Enterprise company
TravelTechnology
1 of 21
Download to read offline
CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 1
CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 2 DEPLOYING BYOD: ONBOARDING, PROVISIONING, POLICY, REPORTING Presented by Aruba Networks March 2012
3 3 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved The BYOD Challenges Trusted •  Company-owned •  Fully managed •  Fully controlled Corporate Liable Employee Liable Tolerated •  Company or Employee owned •  Limited visibility •  Limited control How do I: •  Maintain visibility & control? •  Deliver secure, differentiated access? •  Simplify device provisioning? Requirement: Securely Onboard Mobile Devices
4 4 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Device Access Controls Join BYOD Domain Visibility & Reporting Onboard Device 1 2 3 4 ClearPass Enables Secure Network Access for Mobile Devices
5 5 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Join the BYOD Domain •  Supplicant Config •  Push Trusted Cert •  Enable Posture •  Set Auth type •  Enrolment workflow •  Authorize User to provision device •  Device credential push •  Link User to Device •  Complete view device & network •  Command & Control •  Inventory •  Diagnostics •  Revoke Device Access •  Device Profiling •  Role Derivation •  Corp vs Employee Liable Device Access Controls Join BYOD Domain Visibility & Reporting Onboard Device 1 2 3 4
CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 66 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved BYOD Building Blocks
7 7 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Foundation Technologies for BYOD •  Device Profiling –  Accurately determine device, force enrollment or deny access •  Enrollment and Provisioning Workflow –  Clean user self managed onboarding process, no IT involvement •  Context Aware Policy Enforcement –  Implement business policy for BYOD access, multi-contextual •  BYOD lifecycle management –  Device inventory, revoke network access, more to come . . .
8 8 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 5-Tier Device Profiling CPPM BYOD Guest NETWORK PROTOCOL CORRELATION DEVICE ACCESS HEURISTICS IDENTITY & MESSAGING CLIENT INSPECTION ACCURACY BASELINE FINGERPRINTING Model: Galaxy Tab T849
9 9 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Enrollment & Provisioning Workflow Limited Access Zone Active DirectoryDevice Credential Access Network ClearPass Policy Manager 1. Authorize BYOD enrollment based on AD credentials 2.Register device type & ownership Provision a unique device credential for that user & device 3. + Revoke access for devices that are lost or stolen 4.
10 10 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Context Aware Policy Definition Point Policy VPN
11 11 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Granular Policy Enforcement at the Access Layer Policy Enforcement Firewall (PEF) Instant AP Mobility Controller Mobility Access Switch Identify the Connection Classify the Traffic Control Optimize the Air Follow the UserAccess per Packet 1101010001001111100
12 12 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved BYOD lifecycle management Revoke Device Network Access Device Inventory Data Realtime Dashboard of BYOD Access Enforcement of BYOD Access Policies
CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 1313 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved BYOD Examples
14 14 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved BYOD Policy Examples 1.  Executive BYOD iPad –  Unique Device Credential 802.1x authentication à BYOD Exec 2.  Employee BYOD Windows Laptop –  Unique Device Credential 802.1x authentication à BYOD LAZ 3.  Executive BYOD MacBook –  Unique Device Credential 802.1x authentication à BYOD Exec 4.  Employee BYOD Android Tablet –  Unique Device Credential 802.1x authentication à BYOD LAZ
15 15 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Example BYOD Policy Enforcement OnrampsPolicy Definition Point (PDP) RAP or VIA Aruba Wireless Controller S-3500 Switch Cisco Switch ClearPass Policy Manager Active Directory Enforcement Executives Employee1- Employee5 Employees Employee6- Employee15 Employee Role •  Unrestricted BYOD-Exec Role •  Unlimited Bandwidth •  Intranet Sites •  Payroll Server BYOD-LAZ Role •  Bandwidth = 1 Mbps •  Intranet sites VLAN 681 •  Access based on FW Guest Role •  Internet only Identity Stores
16 16 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 1. Executive BYOD iPad Expected Result: BYOD Exec à Exec Access Zone + unrestricted bandwidth http://www.arubanetworks.com/video.php?v=case-studies/iPad_BYOD.mov&w=960&h=540 1.  iPad connected to PoC-Employee using cached credentials 2.  BYOD device detected & iPad forced to device provisioning page 3.  Executive authorizes with domain credentials & unique device credentials & supplicant configuration pushed to the iPad 4.  iPad disconnected & re-authenticates with new provisioned credentials
17 17 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 2. Employee BYOD Windows Laptop 1.  Laptop connected to PoC-Employee using cached credentials 2.  BYOD device detected & Laptop forced to device provisioning page 3.  Employee authorizes with domain credentials & unique device credentials & supplicant configuration pushed to the Laptop 4.  Laptop disconnected & re-authenticates with new provisioned credentials Expected Result: BYOD LAZ à Limited Access Zone + 512K bandwidth http://www.arubanetworks.com/video.php?v=case-studies/Windows_BYOD.mov&w=960&h=540
18 18 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 3. Executive BYOD MacBook 1.  MacBook connected to PoC-Employee using cached credentials 2.  BYOD device detected & MacBook forced to device provisioning page 3.  Executive authorizes with domain credentials & unique device credentials & supplicant configuration pushed to the MacBook 4.  MacBook disconnected & re-authenticates with new provisioned credentials Expected Result: BYOD Exec à Exec Access Zone + unrestricted bandwidth http://www.arubanetworks.com/video.php?v=case-studies/Macbook_BYOD.mov&w=960&h=540
19 19 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 4. Employee BYOD Android Tablet 1.  Android connected to PoC-Employee using cached credentials 2.  BYOD device detected & Android forced to device provisioning page 3.  Android App downloaded. Executive authorizes with domain credentials & unique device credentials & supplicant configuration pushed to the Android 4.  Android disconnected & re-authenticates with new provisioned credentials Expected Result: BYOD LAZ à Limited Access Zone + 512K bandwidth http://www.arubanetworks.com/video.php?v=case-studies/Android_BYOD.mov&w=960&h=540
20 20 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Summary: 5 Tips for BYOD •  Define your BYOD Access Policy –  Limited Access Zone, Which devices, Bandwidth Contracts •  Device Aware Access Network –  Device Profiling, ability to force enrollment workflow •  Granular Policy Definition & Enforcement –  Centralized policy creation, role based enforcement •  User Managed Onboarding Process –  Avoid Help Desk load, install trusted certs, profile device details •  Method to Revoke Device Access Critical –  Unique device credential, lost device or employee leaves
CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 2121 Have fun tonight!!

Recommended

Outdoor network engineering jeffrey weaver
Outdoor network engineering jeffrey weaverOutdoor network engineering jeffrey weaver
Outdoor network engineering jeffrey weaverAruba, a Hewlett Packard Enterprise company
 
Airheads vail 2011 air wave overview
Airheads vail 2011 air wave overviewAirheads vail 2011 air wave overview
Airheads vail 2011 air wave overviewAruba, a Hewlett Packard Enterprise company
 
2012 ah apj wlan security fundamentals
2012 ah apj wlan security fundamentals2012 ah apj wlan security fundamentals
2012 ah apj wlan security fundamentalsAruba, a Hewlett Packard Enterprise company
 
Mobility switch security architecture scott calzia madani adjali
Mobility switch security architecture scott calzia madani adjaliMobility switch security architecture scott calzia madani adjali
Mobility switch security architecture scott calzia madani adjaliAruba, a Hewlett Packard Enterprise company
 
2012 ah apj wlan design fundamentals
2012 ah apj wlan design fundamentals2012 ah apj wlan design fundamentals
2012 ah apj wlan design fundamentalsAruba, a Hewlett Packard Enterprise company
 
Remote Wireless LANs
Remote Wireless LANsRemote Wireless LANs
Remote Wireless LANsAruba, a Hewlett Packard Enterprise company
 
Migrating to the 7200 controller george anderson marcus christensen
Migrating to the 7200 controller george anderson marcus christensenMigrating to the 7200 controller george anderson marcus christensen
Migrating to the 7200 controller george anderson marcus christensenAruba, a Hewlett Packard Enterprise company
 
Case study migrating 1800 a ps to 7240 mobility controllers_douglas burke_ste...
Case study migrating 1800 a ps to 7240 mobility controllers_douglas burke_ste...Case study migrating 1800 a ps to 7240 mobility controllers_douglas burke_ste...
Case study migrating 1800 a ps to 7240 mobility controllers_douglas burke_ste...Aruba, a Hewlett Packard Enterprise company
 

Recommended

Outdoor network engineering jeffrey weaver
Outdoor network engineering jeffrey weaverOutdoor network engineering jeffrey weaver
Outdoor network engineering jeffrey weaverAruba, a Hewlett Packard Enterprise company
 
Airheads vail 2011 air wave overview
Airheads vail 2011 air wave overviewAirheads vail 2011 air wave overview
Airheads vail 2011 air wave overviewAruba, a Hewlett Packard Enterprise company
 
2012 ah apj wlan security fundamentals
2012 ah apj wlan security fundamentals2012 ah apj wlan security fundamentals
2012 ah apj wlan security fundamentalsAruba, a Hewlett Packard Enterprise company
 
Mobility switch security architecture scott calzia madani adjali
Mobility switch security architecture scott calzia madani adjaliMobility switch security architecture scott calzia madani adjali
Mobility switch security architecture scott calzia madani adjaliAruba, a Hewlett Packard Enterprise company
 
2012 ah apj wlan design fundamentals
2012 ah apj wlan design fundamentals2012 ah apj wlan design fundamentals
2012 ah apj wlan design fundamentalsAruba, a Hewlett Packard Enterprise company
 
Remote Wireless LANs
Remote Wireless LANsRemote Wireless LANs
Remote Wireless LANsAruba, a Hewlett Packard Enterprise company
 
Migrating to the 7200 controller george anderson marcus christensen
Migrating to the 7200 controller george anderson marcus christensenMigrating to the 7200 controller george anderson marcus christensen
Migrating to the 7200 controller george anderson marcus christensenAruba, a Hewlett Packard Enterprise company
 
Case study migrating 1800 a ps to 7240 mobility controllers_douglas burke_ste...
Case study migrating 1800 a ps to 7240 mobility controllers_douglas burke_ste...Case study migrating 1800 a ps to 7240 mobility controllers_douglas burke_ste...
Case study migrating 1800 a ps to 7240 mobility controllers_douglas burke_ste...Aruba, a Hewlett Packard Enterprise company
 
Industry breakout government military forum_jon green_stuart schulte
Industry breakout government military forum_jon green_stuart schulteIndustry breakout government military forum_jon green_stuart schulte
Industry breakout government military forum_jon green_stuart schulteAruba, a Hewlett Packard Enterprise company
 
Building an aruba proof of concept lab javier urtubia
Building an aruba proof of concept lab javier urtubiaBuilding an aruba proof of concept lab javier urtubia
Building an aruba proof of concept lab javier urtubiaAruba, a Hewlett Packard Enterprise company
 
2012 ah vegas wlan design fundamentals
2012 ah vegas wlan design fundamentals2012 ah vegas wlan design fundamentals
2012 ah vegas wlan design fundamentalsAruba, a Hewlett Packard Enterprise company
 
2012 ah emea top 10 tips from aruba tac
2012 ah emea top 10 tips from aruba tac 2012 ah emea top 10 tips from aruba tac
2012 ah emea top 10 tips from aruba tac Aruba, a Hewlett Packard Enterprise company
 
2012 ah apj wi fi design for voice & video
2012 ah apj wi fi design for voice & video2012 ah apj wi fi design for voice & video
2012 ah apj wi fi design for voice & videoAruba, a Hewlett Packard Enterprise company
 
2012 ah vegas wlan security fundamentals
2012 ah vegas wlan security fundamentals2012 ah vegas wlan security fundamentals
2012 ah vegas wlan security fundamentalsAruba, a Hewlett Packard Enterprise company
 
Security advanced rich langston_jon green
Security advanced rich langston_jon greenSecurity advanced rich langston_jon green
Security advanced rich langston_jon greenAruba, a Hewlett Packard Enterprise company
 
8 software defined networking and traffic engineering partha narasimhan_ash c...
8 software defined networking and traffic engineering partha narasimhan_ash c...8 software defined networking and traffic engineering partha narasimhan_ash c...
8 software defined networking and traffic engineering partha narasimhan_ash c...Aruba, a Hewlett Packard Enterprise company
 
2012 ah emea advanced mobility design
2012 ah emea advanced mobility design2012 ah emea advanced mobility design
2012 ah emea advanced mobility designAruba, a Hewlett Packard Enterprise company
 
2012 ah vegas rf troubleshooting
2012 ah vegas rf troubleshooting2012 ah vegas rf troubleshooting
2012 ah vegas rf troubleshootingAruba, a Hewlett Packard Enterprise company
 
2 top10 tips from aruba tac rizwan shaikh
2 top10 tips from aruba tac rizwan shaikh2 top10 tips from aruba tac rizwan shaikh
2 top10 tips from aruba tac rizwan shaikhAruba, a Hewlett Packard Enterprise company
 
BYOD with ClearPass
BYOD with ClearPassBYOD with ClearPass
BYOD with ClearPassAruba, a Hewlett Packard Enterprise company
 
2012 ah vegas wlan design for high density
2012 ah vegas wlan design for high density2012 ah vegas wlan design for high density
2012 ah vegas wlan design for high densityAruba, a Hewlett Packard Enterprise company
 
Next generation remote networks aruba instant gokul rajagopalan
Next generation remote networks aruba instant gokul rajagopalanNext generation remote networks aruba instant gokul rajagopalan
Next generation remote networks aruba instant gokul rajagopalanAruba, a Hewlett Packard Enterprise company
 
4 healthcare forum deploying vocera on aruba wlan_kevin huey
4 healthcare forum deploying vocera on aruba wlan_kevin huey4 healthcare forum deploying vocera on aruba wlan_kevin huey
4 healthcare forum deploying vocera on aruba wlan_kevin hueyAruba, a Hewlett Packard Enterprise company
 
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...Aruba, a Hewlett Packard Enterprise company
 
Industry breakout focus on education open_dns_andy logan
Industry breakout focus on education open_dns_andy loganIndustry breakout focus on education open_dns_andy logan
Industry breakout focus on education open_dns_andy loganAruba, a Hewlett Packard Enterprise company
 
2012 ah apj mobile device fundamentals
2012 ah apj mobile device fundamentals2012 ah apj mobile device fundamentals
2012 ah apj mobile device fundamentalsAruba, a Hewlett Packard Enterprise company
 
Aruba instant the easy button for wireless gokul rajagopalan
Aruba instant the easy button for wireless gokul rajagopalanAruba instant the easy button for wireless gokul rajagopalan
Aruba instant the easy button for wireless gokul rajagopalanAruba, a Hewlett Packard Enterprise company
 
Spectralink airheads 2013
Spectralink airheads 2013Spectralink airheads 2013
Spectralink airheads 2013Aruba, a Hewlett Packard Enterprise company
 
2012 ah emea deploying byod
2012 ah emea deploying byod2012 ah emea deploying byod
2012 ah emea deploying byodAruba, a Hewlett Packard Enterprise company
 
2012 ah apj deploying byod
2012 ah apj deploying byod2012 ah apj deploying byod
2012 ah apj deploying byodAruba, a Hewlett Packard Enterprise company
 

More Related Content

What's hot

8 software defined networking and traffic engineering partha narasimhan_ash c...
8 software defined networking and traffic engineering partha narasimhan_ash c...8 software defined networking and traffic engineering partha narasimhan_ash c...
8 software defined networking and traffic engineering partha narasimhan_ash c...Aruba, a Hewlett Packard Enterprise company
 
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...Aruba, a Hewlett Packard Enterprise company
 

What's hot (20)

Industry breakout government military forum_jon green_stuart schulte
Industry breakout government military forum_jon green_stuart schulteIndustry breakout government military forum_jon green_stuart schulte
Industry breakout government military forum_jon green_stuart schulte
 
Building an aruba proof of concept lab javier urtubia
Building an aruba proof of concept lab javier urtubiaBuilding an aruba proof of concept lab javier urtubia
Building an aruba proof of concept lab javier urtubia
 
2012 ah vegas wlan design fundamentals
2012 ah vegas wlan design fundamentals2012 ah vegas wlan design fundamentals
2012 ah vegas wlan design fundamentals
 
2012 ah emea top 10 tips from aruba tac
2012 ah emea top 10 tips from aruba tac 2012 ah emea top 10 tips from aruba tac
2012 ah emea top 10 tips from aruba tac
 
2012 ah apj wi fi design for voice & video
2012 ah apj wi fi design for voice & video2012 ah apj wi fi design for voice & video
2012 ah apj wi fi design for voice & video
 
2012 ah vegas wlan security fundamentals
2012 ah vegas wlan security fundamentals2012 ah vegas wlan security fundamentals
2012 ah vegas wlan security fundamentals
 
Security advanced rich langston_jon green
Security advanced rich langston_jon greenSecurity advanced rich langston_jon green
Security advanced rich langston_jon green
 
8 software defined networking and traffic engineering partha narasimhan_ash c...
8 software defined networking and traffic engineering partha narasimhan_ash c...8 software defined networking and traffic engineering partha narasimhan_ash c...
8 software defined networking and traffic engineering partha narasimhan_ash c...
 
2012 ah emea advanced mobility design
2012 ah emea advanced mobility design2012 ah emea advanced mobility design
2012 ah emea advanced mobility design
 
2012 ah vegas rf troubleshooting
2012 ah vegas rf troubleshooting2012 ah vegas rf troubleshooting
2012 ah vegas rf troubleshooting
 
2 top10 tips from aruba tac rizwan shaikh
2 top10 tips from aruba tac rizwan shaikh2 top10 tips from aruba tac rizwan shaikh
2 top10 tips from aruba tac rizwan shaikh
 
BYOD with ClearPass
BYOD with ClearPassBYOD with ClearPass
BYOD with ClearPass
 
2012 ah vegas wlan design for high density
2012 ah vegas wlan design for high density2012 ah vegas wlan design for high density
2012 ah vegas wlan design for high density
 
Next generation remote networks aruba instant gokul rajagopalan
Next generation remote networks aruba instant gokul rajagopalanNext generation remote networks aruba instant gokul rajagopalan
Next generation remote networks aruba instant gokul rajagopalan
 
4 healthcare forum deploying vocera on aruba wlan_kevin huey
4 healthcare forum deploying vocera on aruba wlan_kevin huey4 healthcare forum deploying vocera on aruba wlan_kevin huey
4 healthcare forum deploying vocera on aruba wlan_kevin huey
 
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
 
Industry breakout focus on education open_dns_andy logan
Industry breakout focus on education open_dns_andy loganIndustry breakout focus on education open_dns_andy logan
Industry breakout focus on education open_dns_andy logan
 
2012 ah apj mobile device fundamentals
2012 ah apj mobile device fundamentals2012 ah apj mobile device fundamentals
2012 ah apj mobile device fundamentals
 
Aruba instant the easy button for wireless gokul rajagopalan
Aruba instant the easy button for wireless gokul rajagopalanAruba instant the easy button for wireless gokul rajagopalan
Aruba instant the easy button for wireless gokul rajagopalan
 
Spectralink airheads 2013
Spectralink airheads 2013Spectralink airheads 2013
Spectralink airheads 2013
 

Viewers also liked

Viewers also liked (20)

2012 ah emea deploying byod
2012 ah emea deploying byod2012 ah emea deploying byod
2012 ah emea deploying byod
 
2012 ah apj deploying byod
2012 ah apj deploying byod2012 ah apj deploying byod
2012 ah apj deploying byod
 
Do d directives regarding wireless lan
Do d directives regarding wireless lanDo d directives regarding wireless lan
Do d directives regarding wireless lan
 
Airheads vail 2011 amigopod overview
Airheads vail 2011 amigopod overviewAirheads vail 2011 amigopod overview
Airheads vail 2011 amigopod overview
 
Guest wlan via gu iv3
Guest wlan via gu iv3Guest wlan via gu iv3
Guest wlan via gu iv3
 
Mac authentication amigopod radius
Mac authentication amigopod radiusMac authentication amigopod radius
Mac authentication amigopod radius
 
Creating an 802 1 xv3
Creating an 802 1 xv3Creating an 802 1 xv3
Creating an 802 1 xv3
 
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
 
Aruba networks webinar_wi-fi_without_interruption_sep20_2012
Aruba networks webinar_wi-fi_without_interruption_sep20_2012Aruba networks webinar_wi-fi_without_interruption_sep20_2012
Aruba networks webinar_wi-fi_without_interruption_sep20_2012
 
2012 ah vegas unified access fundamentals
2012 ah vegas unified access fundamentals2012 ah vegas unified access fundamentals
2012 ah vegas unified access fundamentals
 
Gigabit wifi 802.11 ac in depth_peter thornycroft
Gigabit wifi 802.11 ac in depth_peter thornycroftGigabit wifi 802.11 ac in depth_peter thornycroft
Gigabit wifi 802.11 ac in depth_peter thornycroft
 
2012 ah vegas guest access fundamentals
2012 ah vegas guest access fundamentals2012 ah vegas guest access fundamentals
2012 ah vegas guest access fundamentals
 
Hello instant 0612_1a
Hello instant 0612_1aHello instant 0612_1a
Hello instant 0612_1a
 
2012 ah vegas top10 tips from aruba tac
2012 ah vegas top10 tips from aruba tac2012 ah vegas top10 tips from aruba tac
2012 ah vegas top10 tips from aruba tac
 
Airheads vail 2011 pci 2.0 compliance
Airheads vail 2011 pci 2.0 complianceAirheads vail 2011 pci 2.0 compliance
Airheads vail 2011 pci 2.0 compliance
 
2012 ah vegas remote networking fundamentals
2012 ah vegas remote networking fundamentals2012 ah vegas remote networking fundamentals
2012 ah vegas remote networking fundamentals
 
Aruba webinar dorm wi fi design v4
Aruba webinar dorm wi fi design v4Aruba webinar dorm wi fi design v4
Aruba webinar dorm wi fi design v4
 
2012 ah apj guest access fundamentals
2012 ah apj guest access fundamentals2012 ah apj guest access fundamentals
2012 ah apj guest access fundamentals
 
Advanced rf troubleshooting_peter lane
Advanced rf troubleshooting_peter laneAdvanced rf troubleshooting_peter lane
Advanced rf troubleshooting_peter lane
 
Air waveupdate sujathamandava
Air waveupdate sujathamandavaAir waveupdate sujathamandava
Air waveupdate sujathamandava
 

Similar to 2012 ah vegas deploying byod

Enable your networks to support enterprise mobility
Enable your networks to support enterprise mobilityEnable your networks to support enterprise mobility
Enable your networks to support enterprise mobilityAlcatel-Lucent Enterprise
 
Express Data - BYOD
Express Data - BYODExpress Data - BYOD
Express Data - BYODGen-i
 
Express Data - BYOD
Express Data - BYODExpress Data - BYOD
Express Data - BYODGen-i
 
ReadyCloud Collaboration, a Cisco Powered service
ReadyCloud Collaboration, a Cisco Powered serviceReadyCloud Collaboration, a Cisco Powered service
ReadyCloud Collaboration, a Cisco Powered serviceGen-i
 
IMS WebRTC Workshop Oracle
IMS WebRTC Workshop OracleIMS WebRTC Workshop Oracle
IMS WebRTC Workshop OracleAlan Quayle
 
Securing Internal Applications with Cloudflare Access
Securing Internal Applications with Cloudflare AccessSecuring Internal Applications with Cloudflare Access
Securing Internal Applications with Cloudflare AccessCloudflare
 
Securing Internal Applications with Cloudflare Access - April 2018
Securing Internal Applications with Cloudflare Access - April 2018Securing Internal Applications with Cloudflare Access - April 2018
Securing Internal Applications with Cloudflare Access - April 2018Meghan Weinreich
 

Similar to 2012 ah vegas deploying byod (20)

Breakout - Airheads Macau 2013 - BYOD, MDM, and MAM
Breakout - Airheads Macau 2013 - BYOD, MDM, and MAM Breakout - Airheads Macau 2013 - BYOD, MDM, and MAM
Breakout - Airheads Macau 2013 - BYOD, MDM, and MAM
 
2012 ah apj keynote - technology update
2012 ah apj keynote - technology update2012 ah apj keynote - technology update
2012 ah apj keynote - technology update
 
Adaptive Trust Security
Adaptive Trust SecurityAdaptive Trust Security
Adaptive Trust Security
 
Shanghai Breakout: Access Management with Aruba ClearPass
Shanghai Breakout: Access Management with Aruba ClearPassShanghai Breakout: Access Management with Aruba ClearPass
Shanghai Breakout: Access Management with Aruba ClearPass
 
Enable your networks to support enterprise mobility
Enable your networks to support enterprise mobilityEnable your networks to support enterprise mobility
Enable your networks to support enterprise mobility
 
Ppt ebo
Ppt eboPpt ebo
Ppt ebo
 
Understanding AWS security
Understanding AWS securityUnderstanding AWS security
Understanding AWS security
 
Express Data - BYOD
Express Data - BYODExpress Data - BYOD
Express Data - BYOD
 
Express Data - BYOD
Express Data - BYODExpress Data - BYOD
Express Data - BYOD
 
ReadyCloud Collaboration, a Cisco Powered service
ReadyCloud Collaboration, a Cisco Powered serviceReadyCloud Collaboration, a Cisco Powered service
ReadyCloud Collaboration, a Cisco Powered service
 
Enabling AirPrint & AirPlay on Your Network
Enabling AirPrint & AirPlay on Your NetworkEnabling AirPrint & AirPlay on Your Network
Enabling AirPrint & AirPlay on Your Network
 
BYOD without Compromise
BYOD without CompromiseBYOD without Compromise
BYOD without Compromise
 
Advanced Access Management with Aruba ClearPass #AirheadsConf Italy
Advanced Access Management with Aruba ClearPass #AirheadsConf ItalyAdvanced Access Management with Aruba ClearPass #AirheadsConf Italy
Advanced Access Management with Aruba ClearPass #AirheadsConf Italy
 
Defining Advanced AAA Policies for Access Networks
Defining Advanced AAA Policies for Access NetworksDefining Advanced AAA Policies for Access Networks
Defining Advanced AAA Policies for Access Networks
 
Breakout - Airheads Macau 2013 - Cloud WiFi
Breakout - Airheads Macau 2013 - Cloud WiFiBreakout - Airheads Macau 2013 - Cloud WiFi
Breakout - Airheads Macau 2013 - Cloud WiFi
 
IMS WebRTC Workshop Oracle
IMS WebRTC Workshop OracleIMS WebRTC Workshop Oracle
IMS WebRTC Workshop Oracle
 
Secure Enterprise Mobility
Secure Enterprise MobilitySecure Enterprise Mobility
Secure Enterprise Mobility
 
Securing Internal Applications with Cloudflare Access
Securing Internal Applications with Cloudflare AccessSecuring Internal Applications with Cloudflare Access
Securing Internal Applications with Cloudflare Access
 
Securing Internal Applications with Cloudflare Access - April 2018
Securing Internal Applications with Cloudflare Access - April 2018Securing Internal Applications with Cloudflare Access - April 2018
Securing Internal Applications with Cloudflare Access - April 2018
 
Air heads rio 2010 aruba pef overview
Air heads rio 2010 aruba pef overviewAir heads rio 2010 aruba pef overview
Air heads rio 2010 aruba pef overview
 

More from Aruba, a Hewlett Packard Enterprise company

More from Aruba, a Hewlett Packard Enterprise company (20)

Airheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba CentralAirheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba Central
 
Airheads Tech Talks: Understanding ClearPass OnGuard Agents
Airheads Tech Talks: Understanding ClearPass OnGuard AgentsAirheads Tech Talks: Understanding ClearPass OnGuard Agents
Airheads Tech Talks: Understanding ClearPass OnGuard Agents
 
Airheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.xAirheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.x
 
EMEA Airheads_ Advance Aruba Central
EMEA Airheads_ Advance Aruba CentralEMEA Airheads_ Advance Aruba Central
EMEA Airheads_ Advance Aruba Central
 
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.xEMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
 
EMEA Airheads- Switch stacking_ ArubaOS Switch
EMEA Airheads- Switch stacking_ ArubaOS SwitchEMEA Airheads- Switch stacking_ ArubaOS Switch
EMEA Airheads- Switch stacking_ ArubaOS Switch
 
EMEA Airheads- LACP and distributed LACP – ArubaOS Switch
EMEA Airheads- LACP and distributed LACP – ArubaOS SwitchEMEA Airheads- LACP and distributed LACP – ArubaOS Switch
EMEA Airheads- LACP and distributed LACP – ArubaOS Switch
 
Introduction to AirWave 10
Introduction to AirWave 10Introduction to AirWave 10
Introduction to AirWave 10
 
EMEA Airheads- Virtual Switching Framework- Aruba OS Switch
EMEA Airheads- Virtual Switching Framework- Aruba OS SwitchEMEA Airheads- Virtual Switching Framework- Aruba OS Switch
EMEA Airheads- Virtual Switching Framework- Aruba OS Switch
 
EMEA Airheads- Aruba Central with Instant AP
EMEA Airheads- Aruba Central with Instant APEMEA Airheads- Aruba Central with Instant AP
EMEA Airheads- Aruba Central with Instant AP
 
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.xEMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
 
EMEA Airheads- Getting Started with the ClearPass REST API – CPPM
EMEA Airheads- Getting Started with the ClearPass REST API – CPPMEMEA Airheads- Getting Started with the ClearPass REST API – CPPM
EMEA Airheads- Getting Started with the ClearPass REST API – CPPM
 
EMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP DeploymentEMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP Deployment
 
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.xEMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
 
EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)
 
EMEA Airheads - What does AirMatch do differently?v2
EMEA Airheads - What does AirMatch do differently?v2 EMEA Airheads - What does AirMatch do differently?v2
EMEA Airheads - What does AirMatch do differently?v2
 
Airheads Meetups: 8400 Presentation
Airheads Meetups: 8400 PresentationAirheads Meetups: 8400 Presentation
Airheads Meetups: 8400 Presentation
 
Airheads Meetups: Ekahau Presentation
Airheads Meetups: Ekahau PresentationAirheads Meetups: Ekahau Presentation
Airheads Meetups: Ekahau Presentation
 
Airheads Meetups- High density WLAN
Airheads Meetups- High density WLANAirheads Meetups- High density WLAN
Airheads Meetups- High density WLAN
 
Airheads Meetups- Avans Hogeschool goes Aruba
Airheads Meetups- Avans Hogeschool goes ArubaAirheads Meetups- Avans Hogeschool goes Aruba
Airheads Meetups- Avans Hogeschool goes Aruba
 

Recently uploaded

Top 10 Traditional Indian Handicrafts.pptx
Top 10 Traditional Indian Handicrafts.pptxTop 10 Traditional Indian Handicrafts.pptx
Top 10 Traditional Indian Handicrafts.pptxdishha99
 
Akshay Mehndiratta Summer Special Light Meal Ideas From Across India.pptx
Akshay Mehndiratta Summer Special Light Meal Ideas From Across India.pptxAkshay Mehndiratta Summer Special Light Meal Ideas From Across India.pptx
Akshay Mehndiratta Summer Special Light Meal Ideas From Across India.pptxAkshay Mehndiratta
 
(8264348440) 🔝 Call Girls In Nand Nagri 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Nand Nagri 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Nand Nagri 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Nand Nagri 🔝 Delhi NCRsoniya singh
 
Night 7k Call Girls Noida Sector 93 Escorts Call Me: 8448380779
Night 7k Call Girls Noida Sector 93 Escorts Call Me: 8448380779Night 7k Call Girls Noida Sector 93 Escorts Call Me: 8448380779
Night 7k Call Girls Noida Sector 93 Escorts Call Me: 8448380779Delhi Call girls
 
Dubai Call Girls O528786472 Call Girls Dubai Big Juicy
Dubai Call Girls O528786472 Call Girls Dubai Big JuicyDubai Call Girls O528786472 Call Girls Dubai Big Juicy
Dubai Call Girls O528786472 Call Girls Dubai Big Juicyhf8803863
 
Hoi An Ancient Town, Vietnam (越南 會安古鎮).ppsx
Hoi An Ancient Town, Vietnam (越南 會安古鎮).ppsxHoi An Ancient Town, Vietnam (越南 會安古鎮).ppsx
Hoi An Ancient Town, Vietnam (越南 會安古鎮).ppsxChung Yen Chang
 
08448380779 Call Girls In Shahdara Women Seeking Men
08448380779 Call Girls In Shahdara Women Seeking Men08448380779 Call Girls In Shahdara Women Seeking Men
08448380779 Call Girls In Shahdara Women Seeking MenDelhi Call girls
 
A Comprehensive Guide to The Types of Dubai Residence Visas.pdf
A Comprehensive Guide to The Types of Dubai Residence Visas.pdfA Comprehensive Guide to The Types of Dubai Residence Visas.pdf
A Comprehensive Guide to The Types of Dubai Residence Visas.pdfDisha Global Tours
 
best weekend places near delhi where you should visit.pdf
best weekend places near delhi where you should visit.pdfbest weekend places near delhi where you should visit.pdf
best weekend places near delhi where you should visit.pdftour guide
 
Moving to Italy - A Relocation Rollercoaster
Moving to Italy - A Relocation RollercoasterMoving to Italy - A Relocation Rollercoaster
Moving to Italy - A Relocation RollercoasterStefSmulders1
 
How can I fly with the British Airways Unaccompanied Minor Policy?
How can I fly with the British Airways Unaccompanied Minor Policy?How can I fly with the British Airways Unaccompanied Minor Policy?
How can I fly with the British Airways Unaccompanied Minor Policy?flightsvillacom
 
VIP Call Girls in Noida 9711199012 Escorts in Greater Noida,Ms
VIP Call Girls in Noida 9711199012 Escorts in Greater Noida,MsVIP Call Girls in Noida 9711199012 Escorts in Greater Noida,Ms
VIP Call Girls in Noida 9711199012 Escorts in Greater Noida,Msankitnayak356677
 
08448380779 Call Girls In Chhattarpur Women Seeking Men
08448380779 Call Girls In Chhattarpur Women Seeking Men08448380779 Call Girls In Chhattarpur Women Seeking Men
08448380779 Call Girls In Chhattarpur Women Seeking MenDelhi Call girls
 
Exploring Sicily Your Comprehensive Ebook Travel Guide
Exploring Sicily Your Comprehensive Ebook Travel GuideExploring Sicily Your Comprehensive Ebook Travel Guide
Exploring Sicily Your Comprehensive Ebook Travel GuideTime for Sicily
 
BERMUDA Triangle the mystery of life.pptx
BERMUDA Triangle the mystery of life.pptxBERMUDA Triangle the mystery of life.pptx
BERMUDA Triangle the mystery of life.pptxseribangash
 
Italia Lucca 1 Un tesoro nascosto tra le sue mura
Italia Lucca 1 Un tesoro nascosto tra le sue muraItalia Lucca 1 Un tesoro nascosto tra le sue mura
Italia Lucca 1 Un tesoro nascosto tra le sue murasandamichaela *
 
DARK TRAVEL AGENCY presented by Khuda Bux
DARK TRAVEL AGENCY presented by Khuda BuxDARK TRAVEL AGENCY presented by Khuda Bux
DARK TRAVEL AGENCY presented by Khuda BuxBeEducate
 
"Fly with Ease: Booking Your Flights with Air Europa"
"Fly with Ease: Booking Your Flights with Air Europa""Fly with Ease: Booking Your Flights with Air Europa"
"Fly with Ease: Booking Your Flights with Air Europa"flyn goo
 

Recently uploaded (20)

Top 10 Traditional Indian Handicrafts.pptx
Top 10 Traditional Indian Handicrafts.pptxTop 10 Traditional Indian Handicrafts.pptx
Top 10 Traditional Indian Handicrafts.pptx
 
Akshay Mehndiratta Summer Special Light Meal Ideas From Across India.pptx
Akshay Mehndiratta Summer Special Light Meal Ideas From Across India.pptxAkshay Mehndiratta Summer Special Light Meal Ideas From Across India.pptx
Akshay Mehndiratta Summer Special Light Meal Ideas From Across India.pptx
 
Rohini Sector 18 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 18 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 18 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 18 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
(8264348440) 🔝 Call Girls In Nand Nagri 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Nand Nagri 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Nand Nagri 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Nand Nagri 🔝 Delhi NCR
 
Night 7k Call Girls Noida Sector 93 Escorts Call Me: 8448380779
Night 7k Call Girls Noida Sector 93 Escorts Call Me: 8448380779Night 7k Call Girls Noida Sector 93 Escorts Call Me: 8448380779
Night 7k Call Girls Noida Sector 93 Escorts Call Me: 8448380779
 
Dubai Call Girls O528786472 Call Girls Dubai Big Juicy
Dubai Call Girls O528786472 Call Girls Dubai Big JuicyDubai Call Girls O528786472 Call Girls Dubai Big Juicy
Dubai Call Girls O528786472 Call Girls Dubai Big Juicy
 
Hoi An Ancient Town, Vietnam (越南 會安古鎮).ppsx
Hoi An Ancient Town, Vietnam (越南 會安古鎮).ppsxHoi An Ancient Town, Vietnam (越南 會安古鎮).ppsx
Hoi An Ancient Town, Vietnam (越南 會安古鎮).ppsx
 
08448380779 Call Girls In Shahdara Women Seeking Men
08448380779 Call Girls In Shahdara Women Seeking Men08448380779 Call Girls In Shahdara Women Seeking Men
08448380779 Call Girls In Shahdara Women Seeking Men
 
A Comprehensive Guide to The Types of Dubai Residence Visas.pdf
A Comprehensive Guide to The Types of Dubai Residence Visas.pdfA Comprehensive Guide to The Types of Dubai Residence Visas.pdf
A Comprehensive Guide to The Types of Dubai Residence Visas.pdf
 
best weekend places near delhi where you should visit.pdf
best weekend places near delhi where you should visit.pdfbest weekend places near delhi where you should visit.pdf
best weekend places near delhi where you should visit.pdf
 
Moving to Italy - A Relocation Rollercoaster
Moving to Italy - A Relocation RollercoasterMoving to Italy - A Relocation Rollercoaster
Moving to Italy - A Relocation Rollercoaster
 
How can I fly with the British Airways Unaccompanied Minor Policy?
How can I fly with the British Airways Unaccompanied Minor Policy?How can I fly with the British Airways Unaccompanied Minor Policy?
How can I fly with the British Airways Unaccompanied Minor Policy?
 
Call Girls In Munirka 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In Munirka 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In Munirka 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In Munirka 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
VIP Call Girls in Noida 9711199012 Escorts in Greater Noida,Ms
VIP Call Girls in Noida 9711199012 Escorts in Greater Noida,MsVIP Call Girls in Noida 9711199012 Escorts in Greater Noida,Ms
VIP Call Girls in Noida 9711199012 Escorts in Greater Noida,Ms
 
08448380779 Call Girls In Chhattarpur Women Seeking Men
08448380779 Call Girls In Chhattarpur Women Seeking Men08448380779 Call Girls In Chhattarpur Women Seeking Men
08448380779 Call Girls In Chhattarpur Women Seeking Men
 
Exploring Sicily Your Comprehensive Ebook Travel Guide
Exploring Sicily Your Comprehensive Ebook Travel GuideExploring Sicily Your Comprehensive Ebook Travel Guide
Exploring Sicily Your Comprehensive Ebook Travel Guide
 
BERMUDA Triangle the mystery of life.pptx
BERMUDA Triangle the mystery of life.pptxBERMUDA Triangle the mystery of life.pptx
BERMUDA Triangle the mystery of life.pptx
 
Italia Lucca 1 Un tesoro nascosto tra le sue mura
Italia Lucca 1 Un tesoro nascosto tra le sue muraItalia Lucca 1 Un tesoro nascosto tra le sue mura
Italia Lucca 1 Un tesoro nascosto tra le sue mura
 
DARK TRAVEL AGENCY presented by Khuda Bux
DARK TRAVEL AGENCY presented by Khuda BuxDARK TRAVEL AGENCY presented by Khuda Bux
DARK TRAVEL AGENCY presented by Khuda Bux
 
"Fly with Ease: Booking Your Flights with Air Europa"
"Fly with Ease: Booking Your Flights with Air Europa""Fly with Ease: Booking Your Flights with Air Europa"
"Fly with Ease: Booking Your Flights with Air Europa"
 

2012 ah vegas deploying byod

  • 1. CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 1
  • 2. CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 2 DEPLOYING BYOD: ONBOARDING, PROVISIONING, POLICY, REPORTING Presented by Aruba Networks March 2012
  • 3. 3 3 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved The BYOD Challenges Trusted •  Company-owned •  Fully managed •  Fully controlled Corporate Liable Employee Liable Tolerated •  Company or Employee owned •  Limited visibility •  Limited control How do I: •  Maintain visibility & control? •  Deliver secure, differentiated access? •  Simplify device provisioning? Requirement: Securely Onboard Mobile Devices
  • 4. 4 4 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Device Access Controls Join BYOD Domain Visibility & Reporting Onboard Device 1 2 3 4 ClearPass Enables Secure Network Access for Mobile Devices
  • 5. 5 5 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Join the BYOD Domain •  Supplicant Config •  Push Trusted Cert •  Enable Posture •  Set Auth type •  Enrolment workflow •  Authorize User to provision device •  Device credential push •  Link User to Device •  Complete view device & network •  Command & Control •  Inventory •  Diagnostics •  Revoke Device Access •  Device Profiling •  Role Derivation •  Corp vs Employee Liable Device Access Controls Join BYOD Domain Visibility & Reporting Onboard Device 1 2 3 4
  • 6. CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 66 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved BYOD Building Blocks
  • 7. 7 7 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Foundation Technologies for BYOD •  Device Profiling –  Accurately determine device, force enrollment or deny access •  Enrollment and Provisioning Workflow –  Clean user self managed onboarding process, no IT involvement •  Context Aware Policy Enforcement –  Implement business policy for BYOD access, multi-contextual •  BYOD lifecycle management –  Device inventory, revoke network access, more to come . . .
  • 8. 8 8 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 5-Tier Device Profiling CPPM BYOD Guest NETWORK PROTOCOL CORRELATION DEVICE ACCESS HEURISTICS IDENTITY & MESSAGING CLIENT INSPECTION ACCURACY BASELINE FINGERPRINTING Model: Galaxy Tab T849
  • 9. 9 9 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Enrollment & Provisioning Workflow Limited Access Zone Active DirectoryDevice Credential Access Network ClearPass Policy Manager 1. Authorize BYOD enrollment based on AD credentials 2.Register device type & ownership Provision a unique device credential for that user & device 3. + Revoke access for devices that are lost or stolen 4.
  • 10. 10 10 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Context Aware Policy Definition Point Policy VPN
  • 11. 11 11 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Granular Policy Enforcement at the Access Layer Policy Enforcement Firewall (PEF) Instant AP Mobility Controller Mobility Access Switch Identify the Connection Classify the Traffic Control Optimize the Air Follow the UserAccess per Packet 1101010001001111100
  • 12. 12 12 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved BYOD lifecycle management Revoke Device Network Access Device Inventory Data Realtime Dashboard of BYOD Access Enforcement of BYOD Access Policies
  • 13. CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 1313 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved BYOD Examples
  • 14. 14 14 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved BYOD Policy Examples 1.  Executive BYOD iPad –  Unique Device Credential 802.1x authentication à BYOD Exec 2.  Employee BYOD Windows Laptop –  Unique Device Credential 802.1x authentication à BYOD LAZ 3.  Executive BYOD MacBook –  Unique Device Credential 802.1x authentication à BYOD Exec 4.  Employee BYOD Android Tablet –  Unique Device Credential 802.1x authentication à BYOD LAZ
  • 15. 15 15 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Example BYOD Policy Enforcement OnrampsPolicy Definition Point (PDP) RAP or VIA Aruba Wireless Controller S-3500 Switch Cisco Switch ClearPass Policy Manager Active Directory Enforcement Executives Employee1- Employee5 Employees Employee6- Employee15 Employee Role •  Unrestricted BYOD-Exec Role •  Unlimited Bandwidth •  Intranet Sites •  Payroll Server BYOD-LAZ Role •  Bandwidth = 1 Mbps •  Intranet sites VLAN 681 •  Access based on FW Guest Role •  Internet only Identity Stores
  • 16. 16 16 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 1. Executive BYOD iPad Expected Result: BYOD Exec à Exec Access Zone + unrestricted bandwidth http://www.arubanetworks.com/video.php?v=case-studies/iPad_BYOD.mov&w=960&h=540 1.  iPad connected to PoC-Employee using cached credentials 2.  BYOD device detected & iPad forced to device provisioning page 3.  Executive authorizes with domain credentials & unique device credentials & supplicant configuration pushed to the iPad 4.  iPad disconnected & re-authenticates with new provisioned credentials
  • 17. 17 17 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 2. Employee BYOD Windows Laptop 1.  Laptop connected to PoC-Employee using cached credentials 2.  BYOD device detected & Laptop forced to device provisioning page 3.  Employee authorizes with domain credentials & unique device credentials & supplicant configuration pushed to the Laptop 4.  Laptop disconnected & re-authenticates with new provisioned credentials Expected Result: BYOD LAZ à Limited Access Zone + 512K bandwidth http://www.arubanetworks.com/video.php?v=case-studies/Windows_BYOD.mov&w=960&h=540
  • 18. 18 18 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 3. Executive BYOD MacBook 1.  MacBook connected to PoC-Employee using cached credentials 2.  BYOD device detected & MacBook forced to device provisioning page 3.  Executive authorizes with domain credentials & unique device credentials & supplicant configuration pushed to the MacBook 4.  MacBook disconnected & re-authenticates with new provisioned credentials Expected Result: BYOD Exec à Exec Access Zone + unrestricted bandwidth http://www.arubanetworks.com/video.php?v=case-studies/Macbook_BYOD.mov&w=960&h=540
  • 19. 19 19 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 4. Employee BYOD Android Tablet 1.  Android connected to PoC-Employee using cached credentials 2.  BYOD device detected & Android forced to device provisioning page 3.  Android App downloaded. Executive authorizes with domain credentials & unique device credentials & supplicant configuration pushed to the Android 4.  Android disconnected & re-authenticates with new provisioned credentials Expected Result: BYOD LAZ à Limited Access Zone + 512K bandwidth http://www.arubanetworks.com/video.php?v=case-studies/Android_BYOD.mov&w=960&h=540
  • 20. 20 20 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved Summary: 5 Tips for BYOD •  Define your BYOD Access Policy –  Limited Access Zone, Which devices, Bandwidth Contracts •  Device Aware Access Network –  Device Profiling, ability to force enrollment workflow •  Granular Policy Definition & Enforcement –  Centralized policy creation, role based enforcement •  User Managed Onboarding Process –  Avoid Help Desk load, install trusted certs, profile device details •  Method to Revoke Device Access Critical –  Unique device credential, lost device or employee leaves
  • 21. CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 2121 Have fun tonight!!