Government BYOD Challenge | GSF 2012 | Session 1-1

2. Agenda Connecting GOV in the Post-PC era Empowering IT and the User Explaining a BYOD+ framework Reference architecture, demonstration and multi-vendor discussionPresentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 2

8. Almost every major Federal department is responding 45 of all Federal employees use Mobile Apps to do their job. -InformationWeek Government %Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 8

9. Classified AF Flight Guest ContractorNetworks Manuals Access Cisco Confidential 9

10. Improve Protect performance my data with more users Consistent &EspeciallEspeciall y when simplified y whenits your policyits your USERS DEMAND: I WANT TOCHALLENGE: HOW DO I? ITExecutivExecutiv e e Onboard My Users Use the Device I 1 and Their Devices Want Seamless Enable Secure, Experience 2 Reliable Experience Across Devices Greater Flexibility Simplify Ongoing and Productivity 3 Operations 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10

11. Uncomplicated Simplified user experience policy controls Protects .GOV data Any device, any time, anywhere 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 11

14. 802.11n Wi-Fi Trust eW i d F i Identity- Based Access Control Apply defined policy profiles based on: Device Type Mobile User Device Location Managemen Application t WAN Optimization Service AssurancePresentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 14

18. One Scenario Four Results Uncomplicated user experience Simplified policy control Protects .GOV data Any device, any time, anywherePresentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 18

19. One Scenario Four Results Uncomplicated user experience Simplified policy control Protects .GOV data Any device, any time, anywhere Additional requirements for GOV High performance wireless (incl. video over wireless) Makes IT life easier to manage and install Always-On Security Granular application control Secure connectivity to classified data Single pane of glass: Wired & WirelessPresentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 19

20. My users use multiple devices including their Granul Granul own; they are ar App ar App mobile and need Control Control Single Single IronPort IronPort role-based Pane Pane Directory Exchange Email Web access of of to the Internet glass glass and internal MDM Mgr apps. NCS Prime ISE MDM WLAN Alway Alway Controller s-On s-On NextGe NextGe CleanAir CSM/ASD Securi Securi n n M ty ty Encrypti Encrypti on on High High Performan Performan AC NAM ce ce AC VPN with Cloud Web Security Wireless Wireless 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20

21. My users use multiple devices including their own; they are mobile and need Video over wireless IronPort IronPort role-based Directory Exchange Email Web access Optimize wireless to the Internet capacity and reliability and internal Collaborate NCS Prime MDM Mgr apps. seamlessly ISE across devices Always-on security MDM Unify wired/wireless/mobile WLAN with a single VPN Controller client NextGen Encryption CleanAir CSM/ASD M Granular application control Single pane of glass Configure and enforce AC VPN with AC NAM consistent policies Cloud Web Security across branch, campus, and DC 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21

22. BEFORE AFTER Best-Effort Network Mobility-Optimized Experience AIR QUALITY PERFORMANC AIR QUALITY PERFORMANC E E ClientLink CleanAir VideoStream Unpredictable Difficulty supporting mobile Accelerated up to 30% faster for all clients devices Reliable Interference protection and diagnostics Difficult Connectivity issues from interference Optimized High performance multicast video Low Performance Spotty video performance 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22

23. Web Security Mobile Device Cloud-based Security Security Encrypted Tunnel Mobile User Internet Caf Mobile User Internet 2011 Cisco and/or its affiliates. All rights reserved. Caf Cisco Confidential 23

24. BEFORE AFTER Many Windows, Fragmented View Comprehensive User and Access Visibility Wireless Unified Management Identity Wireless Wired Wired Policy Siloed Inefficient Operational Model Simple Find and solve user problems fast Repetitive Manual correlation of data Unified View of all devices by user, across networks Error Prone Consumes time and resources Lower Opex More efficient use of IT resources 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 24

25. David white slide?Identity Services Engine (ISE) for Advanced Policy Management IDENTITY PROFILING 1 ISE HTTP 802.1x EAP NETFLOW User Authentication SNMP VLAN 10 DNS 2 VLAN 20 RADIUS Profiling to identify device Government DHCP Government asset Resources 4 GOV HQ Wireless LAN Single SSID Controller Policy Internet Only 2:38pm Decision Personal 3 5 asset 6 Posture Enforce policy in of the device the network Full or partial Unified Access Management access granted Applying granular access via Web Controls 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25

26. What youll see in the demo Uncomplicated User Experience Flexible access (for user and IT) Simplified Policy Controls Reference architecturePresentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 26

28. Access ControlSecure Wireless End Point Security

29. SSID: ATCGuestSSID: ATCSecure

31. PssstWorkshops, Advanced Network Its FREE Assessments and Penetration Testing Services can provide: PLAN DESIGN IMPLEMENT SUPPORT Threat Identification, Probability and Analysis Infrastructure Analysis Advance Technology Capability Analysis Security Policy, Regulatory Compliance and Procedure Gap WORKSHOPS Analysis Active and/or Passive Tools to Evaluate your agencys network security Analyze the Infrastructure posture against industry standards for best An Executable Plan to Improve practices. A combination of network and the Agencys Security Posture security tools is used to gain a clearer picture of the infrastructure, policies, regulatory compliance and procedures in place today. You will receive tools along with reports providing specific recommendations to address vulnerabilities and improve your agencys overall security.

32. No Spam We dont sell information Level Playing Field Only scan when you want to be Money doesnt buy scanned preference in the lab Technology speaks for itself No Cost to Attend Attend for free Lunch provided

33. BYOD Tech Days http://www.cisco.com/web/go/semreg/byodsolutions Date Location Date Location 17-APR- Gold River, California, 08-MAY- Malvern, Pennsylvania, 2012 2012 18-APR- Richfield, Ohio, 09-MAY- Bloomington, MN, 2012 2012 19-APR- Boxborough, 09-MAY- Houston, Texas, 2012 Massachusetts 2012 02-MAY- Lawrenceville, Georgia, 15-MAY- Chesterfield, Missouri, 2012 2012 03-MAY- Irvine, California, 16-MAY- Richardson, Texas, 2012 2012 08-MAY- San Jose, California, 16-MAY- Herndon, Virginia, 2012 2012Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 35

34. Visit www.cisco.com/go/challenge Watch the 20-minute video featuring TechWise Jimmy Ray Purser and Robb Boyd with IKE Take the Challenge! Test your knowledge and answer 10 questions.Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 36

35. Various Ways to Approach the BYOD Challenge It is a wireless infrastructure problem It is a security problem and needs a security solution It is a device management problem It needs a virtualization solution Uncomplicated user It is a device problem and needs IT friendly devices experience Simplified policy control Protects .GOV data It is a Remote access problem Any device, any time, anywhere 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 37

37. BEST-IN-CLASS TECHNOLOGY CONVERGED POLICY AND MANAGEMENT Optimized Experience on Who ? What ? Whe n? Where? How ? Mobility Wireless Client acceleration and optimized video protected by proactive spectrum ISE management Protecting Data in Motion Security Context-aware VPN and firewall, cloud- based email and content scanning Rich Experience Across NCS Collaboratio Devices for voice, video, and IM One platform across Cius, other mobile devices, n laptops 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39