Tectia MobileID – Tokenless 2-Factor Authentication for Juniper SSL VPN Appliances
| Copyright © 2009 Juniper Networks, Inc. | 1 ICE (In Case of Emergency) for SA Series SSL VPN...
-
Upload
khalil-goodman -
Category
Documents
-
view
217 -
download
1
Transcript of | Copyright © 2009 Juniper Networks, Inc. | 1 ICE (In Case of Emergency) for SA Series SSL VPN...
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net1
ICE (“In Case of Emergency”) for SA Series SSL VPN Appliances Overview
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net2
Definition of Business Continuity: Staying Operational during Disruptions
Natural Disasters – Fire, Floods, Hurricanes/Typhoons– Hurricane Katrina, Earthquake in Italy
Pandemic Planning– Swine Flu, SARS, Bird Flu
Business Disruptions – Transit strikes, oil spikes, terrorist– NYC Transit Strike impacting millions of
commuters
Other – Office relocation
Broadly speaking a “business disruption” is any event that can interrupt the normal flow
of work processes
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net3
Recent Unplanned Events - Impacting the Global Business
Asia Quake Disaster (Dec 04)
Hurricane Katrina (Aug 05)Pakistani Earthquake (Oct 05)
Bird Flu Outbreaks?
MTA Strike in NYC (Dec 05)
Hurricane Stan- S.A. (Oct 05)
Bird Flu Outbreaks?
Pandemic
Swine FluAvian/Bird FluSARS
Natural EarthquakesHurricanesOtherTerror attacksWinter Storms
Disastrous Events
Social Distancing
Geographical isolationQuarantines
Maintain productivity Sustain partnerships Continue to deliver exceptional
service to customers and partners with online collaboration
Meet government mandates for Disaster Recovery and compliance
Business Continuity Challenges
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net4
Challenges Faced during Business Disruption
Need to maintain productivity of users
Must sustain partnerships with suppliers & business partners
Continue to deliver exceptional service to customers and partners with online collaboration
Meet government mandates for disaster recovery and compliance– Continuity of Operations Plan
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net5
The Solution:Juniper Networks Secure Access SSL VPN
VoIPTeleworker
Business Partneror Customer
WirelessUser
AirportKiosk User
Mobile User –Cafe Secure SSL access to remote users
from any device or location
Easy access from Web-browsers – no client software to manage
Dynamic, granular access control to manage users and resources
Single comprehensive solution to access various application types from various devices available
SA6500
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net6
Juniper Networks ICE forBusiness Continuity
Juniper Networks ICE delivers – Proven market-leading SSL
VPN – Easy deployments– Instant activation – Investment protection– Affordable risk protection
Peak Demand
Nu
mb
er
of
Re
mo
te U
se
rs
Time
Average usage
Unplanned event
What will you do when your non-
remote users need access?
Meeting the peak in demand for remote access in the event of a disaster
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net7
What is ICE (“In Case of Emergency”) in Details?
Software license that enables temporary bursting capabilities for emergency situations in which a large number of employees must log in for a short period of time
One time purchase that can be activated up to 8 weeks; does not have to renewed every year
Available to use with SA4500 or SA6500– SA4500
Targeted to mid-to-large sized enterprises Supports up to 1000 concurrent users
– SA6500 Targeted to large enterprises and service providers Supports up to 10,000 concurrent users on a single unit; up to 30,000 concurrent
users on a four-unit cluster– Available on SA4500 FIPS and SA6500 FIPS models, too
Federal Information Processing Standards (FIPS)-compliant models with a certified hardware security module targeted for US government agencies
– In clustered configurations for high-availability, a separate ICE license must be ordered for the clustered SA devices
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net8
How Does ICE Work?
1) Turn on the ICE license on the SA via the admin console
2) Once turned on, it’s activated to meet additional capacity of remote access demand for up to 8 weeks
3) Each time it is deactivated, the timer will freeze and will start from the same point the next time you activate it
4) Once 8 weeks is reached, you can either buy a new user license (if greater user support is needed permanently) or a new ICE license to extend the time
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net9
Instant Online Collaboration During Emergencies- Secure Meeting Included with ICE License
Easy to Use Web Conferencing– Share desktop/applications– Group and private chat– No training required
Easy to Deploy and Maintain– No pre-installed software required – Web-based, cross platform– Personalized meeting URLs for
users https://meeting.company.com/ meet
ing/johndoe
Affordable – No usage/service fees Secure
– Fully encrypted/secured traffic using SSL
– No peer-to-peer backdoor– User credentials protected– Policy flexibility to meet
authentication requirements
Instant or scheduled online collaboration
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net10
Customer Example – Blood Systems, Inc.
One of the country’s oldest and largest blood service providers
Relies heavily on keeping their employees across 84 locations in close contact in order to provide critical care services
Have to provide employees access to the applications they need, under ordinary circumstances or in extraordinary situations like a natural disaster or pandemic
Purchased an SA with ICE license to meet immediate expansion of remote access connectivity in the event of a disaster
To view the full case study, please visit: – http://www.juniper.net/us/en/local/pdf/case-studies/3520235-en.pdf
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net11
ICE Summary
Productivity Issues in Disaster Scenarios
Secure Access meets those needs with ICE
Geographic isolation of employees – can’t reach the office
Anywhere, anytime, any device secure remote access
No access to managed laptop – must use home PC or mobile device
Broad cross platform support
Easy to use and deploy No pre-installed client Employees login in same way, regardless of device
No communication to partners & customers to sustain business
Secure granular remote access(user to application control)
No means of meeting/collaborating - restricted travel
Secure online Web conferencing (Secure Meeting)
Abnormally large number of remote access users
Secure Access scales to meet the needs of any size deployment
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net12
Why Juniper for SSL VPN?
Core Competence in SSL-based Access
– Proven in tens of thousands of customer deployments!
– Market leadership/industry Awards– Product maturity
Single Platform for All Enterprise Remote Access Needs
– Support for complex Web content, Files, Telnet/SSH using only a browser
– Client/Server applications – Adaptive dual transport method for
network-layer access
End-to-End Security– Robust host checking capabilities– Dynamic Access Privilege Management – 3rd party security audits
Performance, Scalability & HA– Differentiated hardware platforms– Global & local stateful clustering – Compression, SSL acceleration, GBIC
connectors, dual hot-swappable hard disks, power supplies, and fans
Ease of Administration– Centralized management– Granular role-based delegation– Extensive integration with existing
directories– Native automatic endpoint remediation
and password management integration
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net13
THANK YOU