Uploaded bykamalikamj
PPT, PDF759 views

Identity management

This document discusses identity management in 802.1x networks. It explains that identity management provides security, protects confidential data, and enables project-level isolation. It describes how an identity-aware network uses an authentication/authorization server like Microsoft Active Directory and RADIUS to authenticate users and assign them to the appropriate VLAN based on their identity attributes. This allows the network switch to provide VLAN isolation and control access to different parts of the network for different user groups like finance teams and project teams.

Embed presentation

Downloaded 10 times
Identity Management in 802.1x networks
Network without Identity Management Microsoft AD, DC and Radius(IAS/NPS) server Finance Team Finance Dept Project Team Network switch Network switch Client Private Private Project Network Network Visitor Internet Internet
Why is identity management needed in networks • Security to your network. • Protecting confidential data. • Per Project level isolation.
What is Identity Management Authentication/Authorizati Account ID on Server Domain VLAN Membership Identity Identity Network switch Network switch IP Address Mac Address
How does an Identity Aware Network look like Microsoft AD, DC and Finance Team Radius(IAS/NPS) server Finance Dept VLan Project Team Network switch Enabled with Network switch Enabled with identity identity management management Client Project Private Private Network Network Visitor Vlan Guest VLAN Guest VLAN Internet Internet
Network without VLAN t Team Projec e Te am Financ Ne tw or k Sw itc h Since there is no vlan Since there is no vlan isolation in the switch, isolation in the switch, anyone connecting to the anyone connecting to the switch will have access to switch will have access to anything in the network. Finance Project Team anything in the network. Team Visitors
How does VLAN isolation work? Ne tw or k Sw it c h Finance Project Team Team Visitors
How Does Authentication work ? Radius verifies the Radius verifies the Switch sends the user Switch sends the user Account ID /Domain Account ID /Domain identity to identity to • Microsoft AD, DC id with AD id with AD Authentication Server Authentication Server • Radius(IAS/NPS) server Radius processes the policy Radius processes the policy set for that user : : set for that user 1.Security Group 1.Security Group 2.Radius attributes (In this 2.Radius attributes (In this case vlan membership) case vlan membership) Vlan Project Team Mem b ersh Network Switch Network Switch ip Client Private Private Project Network Network Vlan Based on the information sent Based on the information sent User connects to User connects to by Radius, the switch places by Radius, the switch places the networks the networks the person in the the person in the corresponding vlan corresponding vlan
Questions ?

More Related Content

PPTX
DDHS 2009 Microsoft Heads In The Cloud Feet On The Ground Peter de Haas...
byPeter de Haas
 
PDF
Ruckus BYOD whitepaper
byMichal Jarski
 
PPTX
Technical Cyber Defense Strategies Explained!
byMicrosoft TechNet - Belgium and Luxembourg
 
PPTX
Lawful Interception in Virtual Environments
byLiveAction Next Generation Network Management Software
 
PPTX
What is a virtual tap?
byLiveAction Next Generation Network Management Software
 
PPTX
Softchoice Webinar Series: VMware vSphere 5.1 Changes
bySoftchoice Corporation
 
PDF
Cloud Security Foundation
byhagero
 
PDF
Deadly Sins Bcs Elite
byJon G. Hall
 
DDHS 2009 Microsoft Heads In The Cloud Feet On The Ground Peter de Haas...
byPeter de Haas
 
Ruckus BYOD whitepaper
byMichal Jarski
 
Technical Cyber Defense Strategies Explained!
byMicrosoft TechNet - Belgium and Luxembourg
 
Lawful Interception in Virtual Environments
byLiveAction Next Generation Network Management Software
 
What is a virtual tap?
byLiveAction Next Generation Network Management Software
 
Softchoice Webinar Series: VMware vSphere 5.1 Changes
bySoftchoice Corporation
 
Cloud Security Foundation
byhagero
 
Deadly Sins Bcs Elite
byJon G. Hall
 

What's hot

PDF
The Open Splice.Org Community
byAngelo Corsaro
 
PDF
OSS Presentation Keynote by Hal Stern
byOpenStorageSummit
 
PDF
Private Cloud reduces risk calculations by 50%
bySAS
 
KEY
Oscon anatomy of_os_cloud_ecosystem
byhtdvul
 
PPTX
Seasonal Burst Handling Using Hybrid Cloud Infrastructure from Cloud Security...
byCA API Management
 
PPTX
Cisco Presentation 1
bychangcai
 
PDF
Bridging the Enterprise and the Cloud from Layer 7
byCA API Management
 
PDF
Embrace Change
byAngelo Corsaro
 
PDF
Open APIs + Software Competitions = Innovative & Creative Solutions
byCA API Management
 
PPTX
17h30 aws enterprise_app_jvaria
byLuiz Gustavo Santos
 
PDF
Layer 7: Cloud Security For The Public Sector
byCA API Management
 
PPT
CDS in Regenstrief's New Gopher CPOE
byJon Duke, MD, MS
 
PDF
Ct 1 Danielson
byguest43dc4b
 
PDF
Enhancing and Operating Video Collaboration with your Network
byCisco Canada
 
PDF
Cryptocard Next Generation Authentication
byCRYPTOCARD
 
PDF
Over the Air 2011 Security Workshop
byEricsson Labs
 
The Open Splice.Org Community
byAngelo Corsaro
 
OSS Presentation Keynote by Hal Stern
byOpenStorageSummit
 
Private Cloud reduces risk calculations by 50%
bySAS
 
Oscon anatomy of_os_cloud_ecosystem
byhtdvul
 
Seasonal Burst Handling Using Hybrid Cloud Infrastructure from Cloud Security...
byCA API Management
 
Cisco Presentation 1
bychangcai
 
Bridging the Enterprise and the Cloud from Layer 7
byCA API Management
 
Embrace Change
byAngelo Corsaro
 
Open APIs + Software Competitions = Innovative & Creative Solutions
byCA API Management
 
17h30 aws enterprise_app_jvaria
byLuiz Gustavo Santos
 
Layer 7: Cloud Security For The Public Sector
byCA API Management
 
CDS in Regenstrief's New Gopher CPOE
byJon Duke, MD, MS
 
Ct 1 Danielson
byguest43dc4b
 
Enhancing and Operating Video Collaboration with your Network
byCisco Canada
 
Cryptocard Next Generation Authentication
byCRYPTOCARD
 
Over the Air 2011 Security Workshop
byEricsson Labs
 

Similar to Identity management

PDF
Cisco Study: State of Web Security
byCisco Canada
 
PPTX
ReadyCloud Collaboration, a Cisco Powered service
byGen-i
 
PDF
Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...
byYury Chemerkin
 
PPTX
Express Data - BYOD
byGen-i
 
PPTX
Express Data - BYOD
byGen-i
 
PDF
Cisco switching technical
byImranD1
 
PDF
DirectAccess
byDigicomp Academy AG
 
PDF
Networking concepts and terms
byHemnath R.
 
PDF
Axial What We Do
bydmcleodglas
 
PDF
Microsoft Direct Access (Part II)_John Delizo
byQuek Lilian
 
PPT
IT Essential - Course Overview
byIrsandi Hasan
 
PDF
CCNA Training Details..
bycisco training
 
PPT
CCNA Security - Chapter 8
byIrsandi Hasan
 
PDF
[SOS 2009] D-Link: Red Segura L2 L3
byChema Alonso
 
PPT
Dc tco in_a_nutshell
byerjosito
 
PDF
Deploying the Cisco Mobility Services Engine for Advanced Wireless Services
byCisco Mobility
 
PPTX
Check Point75 Makes3 D Security A Reality Q22011
bychaucheckpoint
 
PPTX
Vfm security with aruba wireless
byvfmindia
 
PDF
At8000 s configurando_8021x
byNetPlus
 
PDF
Network Infrastructure Virtualization Case Study
byCisco Canada
 
Cisco Study: State of Web Security
byCisco Canada
 
ReadyCloud Collaboration, a Cisco Powered service
byGen-i
 
Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...
byYury Chemerkin
 
Express Data - BYOD
byGen-i
 
Express Data - BYOD
byGen-i
 
Cisco switching technical
byImranD1
 
DirectAccess
byDigicomp Academy AG
 
Networking concepts and terms
byHemnath R.
 
Axial What We Do
bydmcleodglas
 
Microsoft Direct Access (Part II)_John Delizo
byQuek Lilian
 
IT Essential - Course Overview
byIrsandi Hasan
 
CCNA Training Details..
bycisco training
 
CCNA Security - Chapter 8
byIrsandi Hasan
 
[SOS 2009] D-Link: Red Segura L2 L3
byChema Alonso
 
Dc tco in_a_nutshell
byerjosito
 
Deploying the Cisco Mobility Services Engine for Advanced Wireless Services
byCisco Mobility
 
Check Point75 Makes3 D Security A Reality Q22011
bychaucheckpoint
 
Vfm security with aruba wireless
byvfmindia
 
At8000 s configurando_8021x
byNetPlus
 
Network Infrastructure Virtualization Case Study
byCisco Canada
 

More from kamalikamj

PPTX
Anatomy of a Continuous Delivery Pipeline
bykamalikamj
 
PPTX
DevOps Not A Toolbox
bykamalikamj
 
PPTX
Back To Basics
bykamalikamj
 
PPTX
Change Can Be Good
bykamalikamj
 
PPTX
Testing for infra code using test-kitchen,docker,chef
bykamalikamj
 
PPTX
Automating Dev Environment - Introduction to Docker and Chef
bykamalikamj
 
Anatomy of a Continuous Delivery Pipeline
bykamalikamj
 
DevOps Not A Toolbox
bykamalikamj
 
Back To Basics
bykamalikamj
 
Change Can Be Good
bykamalikamj
 
Testing for infra code using test-kitchen,docker,chef
bykamalikamj
 
Automating Dev Environment - Introduction to Docker and Chef
bykamalikamj
 

Identity management

  • 1.
    Identity Management in802.1x networks
  • 2.
    Network without Identity Management Microsoft AD, DC and Radius(IAS/NPS) server Finance Team Finance Dept Project Team Network switch Network switch Client Private Private Project Network Network Visitor Internet Internet
  • 3.
    Why is identitymanagement needed in networks • Security to your network. • Protecting confidential data. • Per Project level isolation.
  • 4.
    What is IdentityManagement Authentication/Authorizati Account ID on Server Domain VLAN Membership Identity Identity Network switch Network switch IP Address Mac Address
  • 5.
    How does anIdentity Aware Network look like Microsoft AD, DC and Finance Team Radius(IAS/NPS) server Finance Dept VLan Project Team Network switch Enabled with Network switch Enabled with identity identity management management Client Project Private Private Network Network Visitor Vlan Guest VLAN Guest VLAN Internet Internet
  • 6.
    Network without VLAN t Team Projec e Te am Financ Ne tw or k Sw itc h Since there is no vlan Since there is no vlan isolation in the switch, isolation in the switch, anyone connecting to the anyone connecting to the switch will have access to switch will have access to anything in the network. Finance Project Team anything in the network. Team Visitors
  • 7.
    How does VLANisolation work? Ne tw or k Sw it c h Finance Project Team Team Visitors
  • 8.
    How Does Authenticationwork ? Radius verifies the Radius verifies the Switch sends the user Switch sends the user Account ID /Domain Account ID /Domain identity to identity to • Microsoft AD, DC id with AD id with AD Authentication Server Authentication Server • Radius(IAS/NPS) server Radius processes the policy Radius processes the policy set for that user : : set for that user 1.Security Group 1.Security Group 2.Radius attributes (In this 2.Radius attributes (In this case vlan membership) case vlan membership) Vlan Project Team Mem b ersh Network Switch Network Switch ip Client Private Private Project Network Network Vlan Based on the information sent Based on the information sent User connects to User connects to by Radius, the switch places by Radius, the switch places the networks the networks the person in the the person in the corresponding vlan corresponding vlan
  • 9.