Networking for BYOD

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

The Challenge
Complex to deploy and manage

Lack of security for employee & guest personal devices

Unreliable connection & poor app performance

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

How to Make BYOD Work?

BYOD 2012+
How do I keep my network and my users protected?

iOS

Android Ultrabooks How do I provide a reliable & intuitive experience to my employees & guest

VPN

ANY NETWORK How do I minimize impact to my IT and helpdesk staff

ANY USER

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

The Solution:
Best in Class Enterprise Wi-Fi and Access Management

Simple & Flexible Deployment

BYOD Security & Support

Always Connected Voice & Video Optimized Employee & Corp Owned

Dependable Wi-Fi for Mobile Apps

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

Aruba Networks MOVE Portfolio

Expanded MOVE Architecture
Mobility Controller AirWave Network Management ClearPass Access Management

+
DATA CENTER

Thin Access On-Ramps

WIRELESS WIRED VPN REMOTE OFFICE OUTDOOR

Any Device

Open BYOD Framework Strategy Enforcement Across Any Network Type Device Profiling with Advanced Posture Multi-point Access Visibility Secure and Highly Scalable

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

ClearPass Product Family

Profile
Device Identification and classification

OnGuard
Endpoint Health/Posture Collection

ClearPass Policy Manager

Guest
Guest/Visitor access management
CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

OnBoard
Device onboarding and provisioning

The ClearPass Access Management Solution

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

Aruba ClearPass Product Summary

Open Architecture for BYOD
ClearPass Policy Manager: Central policy decision point &
Add-on capabilities include

AAA.

ClearPass Profile: Identify devices in the network as a basis for making

access policy decisions

ClearPass Onboard: guest access & employee self-serve mobile device

provisioning of VPN, e-mail and network security, and revocation of device access

ClearPass OnGuard:
compromised devices

Controlled access and remediation for

ClearPass Guest: Guest access provisioning and management

ClearPass QuickConnect: Automated configuration of 802.1X settings

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

Aruba ClearPass Simplifies BYOD

1 Onboard
Device

Assign Policy

Enforce Policy

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

Accurately Identify Devices

ClearPass Profile

Enterprise Infrastructure
Data Collectors

iPad 1 iOS 5.0.1

SNMP
ActiveSync

DHCP
AD

HTTP
DEVICE PROVISIONING IDENTITY CENTRIC PROFILING

Policy Manager

IF-MAP
Mobility Controller
NETWORK HEURISTICS PROFILING

EVENTS-CENTRIC FINGERPRINTING

BASELINE FINGERPRINTING

OnGuard

10

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

ACCURACY

Enrollment and Provisioning Workflow

ClearPass Onboard ClearPass Policy Manager

Access Network

Active Directory Device Credential

3.
Limited Access Zone

1.

Provision a unique device credential for that user & device

Revoke access for devices that are lost or stolen

Authorize BYOD enrollment based on AD credentials

4.

2.

Register device type & ownership

11

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

BYOD Lifecycle Management

Revoke Device Network Access Real-time Dashboard of BYOD Access

Device Inventory Data

Enforcement of BYOD Access Policies

12

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

Control Compromised Devices

ClearPass OnGuard ClearPass Policy Manager with OnGuard Access Network

Detect unsecure devices

Minimal Risk to Network

Block access to network resources across wired, wireless & remote Auto-Remediate the device
13
CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

Automated Guest OnBoarding

ClearPass Guest
New Visitor

ClearPass Policy Manager Access Network

Sponsor

1.
14

3.
2.

Collect visitor information

Account enabled, visitor notified via screen, SMS, or email

Sponsor prompted to confirm that guest is valid

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

Enhanced Guest Experience

Advanced Guest Management
Streamlined workflow; No IT
Sponsored-based, Visitor SelfRegistration, Pre-registration, Anonymous Guest Access 3rd Party Integrations

Assignable roles, expiration times, user names, passwords

APIs for integration with existing applications / CRM tools

Highest Customization
Skin technology, software plugins, APIs Targeted advertising and content delivery

15

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

Context Aware Policy Definition Point

BYOD Policy
Allow personal devices into a limited access zone (LAZ)

Executive Class Policy

All traffic from executive devices get higher priority

Multimedia Policy
Optimize delivery of MS Lync traffic over the air Policy

Unauthorized Use Policy

Disable Rogue AP, Blacklist User

Device Revocation Policy

Disable device access, not user access, if device is stolen/lost

Device Quarantine Policy

Quarantine unhealthy devices for remediation
CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

16

Enforce a Policy Across Any Network

POLICY DECISION ClearPass Policy Manager

POLICY ENFORCEMENT:

Any Network

Policy Enforcement Optimized for Mobility

17

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

Aruba ClearPass QuickConnect

User Experience
Simple self-service connectivity Windows, Mac, iOS, Android
Web-hosted Captive Portal

1.

802.1X settings & NAC configuration

2.

QuickConnect then connects device to secure network

Secure Network

Impact to IT
Eliminates help desk calls Protects the network with strong security

3.

Intranet Resources

Open Network

Internet

18

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

Why Aruba ClearPass for BYOD?

Only Aruba Provides:

1
2 3 4 5
19

The most complete BYOD network access solution. Most robust but simple to use policy management system and AAA platform Easiest to deploy and scale BYOD solution for any size network Enterprise-class functionality from a single platform (i.e. profiling, onboarding, guest, load-balancing, redundancy) Seamless integration with existing standards-based networking products

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

Summary

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

The Complete, Multi-Vendor Way to do BYOD

Enable secure BYOD on ALL networks

Easily connect & provision ALL devices

Take back control over YOUR network

21

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved

Thank You!

CONFIDENTIAL Copyright 2011. Aruba Networks, Inc. All rights reserved