Enable your networks to support enterprise mobility

COPYRIGHT © 2014 ALCATEL-LUCENT. ALL RIGHTS RESERVED.

ENTERPRISE MOBILITY ENABLE YOUR NETWORKS TO SUPPORT ENTERPRISE MOBILITY

Presenter

October, 2014

Mobility is #1 PRIORITY FOR IT DECISION MAKERS VANSON BOURNE

MOBILITY AND THE APPLICATION INVASION

1.2 BillionSMART PHONES TO BE 41.7 Billion

2


THE NETWORKS NEED TO EVOLVE

87% OF ENTERPRISES WILL ADD VIDEO CONFERENCING BY 2014FROST & SULLIVAN

The frontiers between private and professional are blurring.

SMART PHONES TO BE SHIPPED IN 2014 IDC

41.7 BillionAPP DOWNLOADS PER YEAR

BY 2015 OVUM

ENTERPRISE MOBILITY CHALLENGES

3


More Devices than Capacity

Minimizing Impact to IT and Helpdesk staff

How Do I Keep My Network and My Users Protected?

Providing a Reliable & Intuitive Experience for Employees & Guests

SOLV ING ENTERPR ISE MOBIL ITY CHALLENGES WHILE PROVID ING SOL ID INVESTMENT PROTECT ION

THE STATUS OF MANY CORPORATE CAMPUS NETWORKS TODAYLAN NMSWiFi NMS

What’s the status of your network?

• Difficult to connect personal devices?

• Anyone can access your assets?

• No control on device misbehavior?

Network Infrastructure

LAN WiFi

4


• No control on device misbehavior?

• WiFi limited to guest areas?

REQUIRES RESOURCE INTENSIVE MANAGEMENT

LAN WiFi

Meeting Room Guest Area All Other Company Areas

UNIFIED ACCESSSAME NETWORK SERVICES AVAILABLE FOR WIRED AND WIRELESS

Guest

Access

Multimedia

Fluency

APPLICATION

ANALYTICSSECURE

WORKGROUPS

Network Services

�High quality user

5


ANY DEVICE

Unified Access

USER

PROFILING

QoS�High quality user experience on wired and wireless

� Simplify operations and improve network security

THE MOBILE ENTERPRISE WITH ENHANCED POLICY SERVICESFOR WIRED & WIRELESS DEVICES

DEVICE PROVISIONING (ON-BOARDING)

• Empower employees• Enhances security for LAN and WLAN• Off-loads IT

ONBOARD

ADVANCED GUEST MANAGEMENT• Empowers guests and business unit• Improves customer satisfaction• Potential revenue generator

GUEST

DHCP Server

Active Director

y

6


DEVICE POSTURE/HEALTH CHECKS• Improves security• Maintain compliance

ONGUARD

POLICY MANAGEMENT & DEVICE FINGERPRINTING• Better visibility• Enhanced user experience

POLICY MANAGEMENT/ FINGERPRINTING

ExistingRADIUS

POLICY MANAGER*

MDM

DEVICE ONBOARDING/PROVISIONING SOLVING THE LAN ACCESS SECURITY PROBLEM

86% of all installations with 802.1X capable switches do not use the functionality!

WLAN security is well deployed and understood BUT LAN is typically unsecured!

Policy Manager

BYOD Services

7


• Eliminating IT Burden of deploying LAN security

- Automatic device configuration, including creation and installation of certificates

- Automatic registration of printers, cameras, etc.

switches do not use the functionality!

Network Infrastructure

ZK Research – Network Purchase Intention Study 2013

CONSISTENT SECURITY ACROSS WIRED AND WIRELESS LAN

DEVICE ONBOARDING/PROVISIONING802.1X AND CERTIFICATE AUTHORITY BUILT-IN

1. Connects to web portal

Policy Manager

Unified Access

Unique Cert

Provisions 802.1X configuration (wired or wireless)

8


3. Tells the switches and AP’s which uNP or Role to apply (and enforce)

Fingerprints the device, authenticates the user and associates the two

2.Unique Cert(wired or wireless)

+

S IMPLE TO DEPLOY AND SAVES COSTS

ADVANCED GUEST MANAGEMENTSPONSORED OR SELF-SERVICE GUEST ACCESS

Access Network

Policy ManagerNew Visitor

9


1.

3. Account enabled, visitor notified via

screen, SMS, or email

Collect visitor information 2.

Sponsor prompted to confirm that guest is valid

Sponsor

DEVICE POSTURE/HEALTH CHECKSDEVICE ACCESS CONTROL AND COMPLIANCE

Minimal Risk to Network

Policy Manager with OnGuard

Unified Access

Detect unsecure devices

10


• Minimal Risk to Network

• Block access to network resources across wired, wireless & remote

• Auto-Remediate the device

• Out of date A/V, A/S

• Voice mail not allowed

• Firewall off

• USB device not allowed

POLICY MANAGEMENT AND DEVICE FINGERPRINTING

• Differentiated access per device

• Services based on context (user, device, situation, application) for wired and wireless

• Policy enforcement based on rolesUSER

Engineering Finance Guest Contractor+

11


DEVICESmartphoneTabletDesktopPrinter IP Phone

SITUATION

+

Time Location PostureMedium

=

WWW QuarantineServers Email

Email Video Game Social media

APPLICATION

+

POLICY TO BE ENFORCED

EMPLOYEE GUEST

EXECUTIVE CONTRACTOR

USERSPROFILES

UNIFIED AIRGROUPTMNETWORK SERVICEENABLING APPLE DEVICES TO BE USED IN CORPORATE ENVIRONMENTS

Benefits:

• Enables the use of Apple devices across the corporate network

• Users self-register Apple devices

DormitoryLibrary

Engineering Bldg

12


User XProf: Faculty

User AProf: Student

User BProf: Student

ONLY VENDOR TO SUPPORT A IRGROUP ON WIRED AND WIRELESS LAN

• Users self-register Apple devices

• Users customize Apple device accessibility

OMNIVISTA 2500 NETWORK MANAGEMENTENABLES IT TO STAY ON TRACK WITH BUSINESS REQUIREMENTS

� Unified dashboard for wired and wireless network (user, device and app)

� End-to-end visibility & user-centric troubleshooting (OV Locator)

Policy management for wired and

13


� Policy management for wired and wireless devices and users

OV2500 PROVIDES THE V IS IB IL ITY AND CONTROL IT NEEDS

ENTERPRISE MOBILITY AND UNIFIED ACCESSCOST SAVINGS AND BENEFITS

• Eliminates or reduces the need for VPN’s

- Users are authenticated (employees or guests) and are authorized to access servers/sites only pre-approved in the policy management system.

• Saves onboarding costs

- Based on hourly billing rates, onboarding a device costs from $150 to $300

14


• Enables choice of devices

- Laptop/PC costs between $400 - $600 per year over a five year life span.

- The cost of a tablet is estimated to be between $150- $200 per year.

• Intangible benefits include increase in productivity, customer satisfaction, brand loyalty, etc.

- These may not directly contribute to the bottom line, but will play a major part in overall performance and strategic vision. (Enterprise Mobility Blog, June 2012)

USER AND DEVICE MANAGEMENT WITH UNIFIED ACCESS

1. Investment Protection and Cost Savings

- No need for infrastructure or equipment upgrades to enable BYOD and policy management

2. Consistent contextual enforcement of policies across LAN and WLAN

- Unified Access provides policy management and enforcement across wired and wireless

3. Full featured RADIUS/AAA services

15


3. Full featured RADIUS/AAA services

- Supporting 802.1x, Web and MAC Authentication

4. Simplified and Secure Device Onboarding

- 802.1x and built-in certificate authority

5. Personalization of Apple Devices

- AirGroup for both wired and wireless devices

v

16


Twitter.com/ALUEnterprise

Facebook.com/ALUEnterprise

Youtube.com/user/enterpriseALU

Follow us on

17


Linkedin.com – Group: Alcatel-Lucent Enterprise

Slideshare.net/tagged/Enterprise

Storify.com/ALUEnterprise

enterprise.alcatel-lucent.com

Enable your networks to support enterprise mobility

Technology

Transcript of Enable your networks to support enterprise mobility