© it & tel – E-Werk Wels AG 1 Dienstag, 25. November 2008 / FF Wels BlackBerry – Endgeräte.
Die Verwaltung mobiler Endgeräte – eine vielschichtige ...
Transcript of Die Verwaltung mobiler Endgeräte – eine vielschichtige ...
![Page 1: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/1.jpg)
1
WELCOME TO THE
NEW PC ERA
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
Die Verwaltung mobiler Endgeräte – eine vielschichtigeHerausforderungHauke HeineckeMärz, 2014
![Page 2: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/2.jpg)
2
BRING YOUR OWN DEVICEGibt man jedem mit jedem Gerät auf alles Zugriff von überall?
2
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
2
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
Einige kleine Hürden….
• Mischung von privaten und dienstlichen Daten
• Mischung von privaten und dienstlichen Applikationen/Apps
• Möglicher Verlust des Gerätes
• Verschiedenste Betriebssysteme
• Arbeiten dort, wo es angenehm ist
![Page 3: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/3.jpg)
3
Einige rechtliche Themen im Zusammenhang mit BYODNur einige Themen
• Nutzung von privaten Geräten durch dritte ist nicht ausgeschlossen
• Private Apps können unbemerkt auch dienstliche Daten absaugen
• Wie sind Backups geregelt
• Wie sieht die Update-Pflicht aus (Sicherheitsupdates)
• Mögliche Kontrolle der Regelarbeitszeit durch den Arbeitgeber
3
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
3
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
• Mögliche Kontrolle der Regelarbeitszeit durch den Arbeitgeber
• Dienstliche und private Daten unterliegen anderen rechtlichen Rahmenbedingungen
- möglicher Zugriff des Arbeitgebers auf private Daten
- Sind dienstliche Daten auf privaten Geräten eine Weitergabe an Dritte und wer muss hier zustimmen
(z.B. Kundendatenbanken)
• Der Einsatz von MDM-Lösungen ist mitbestimmungspflichtig, da Informationen über
Nutzungsverhalten gesammelt werden können
![Page 4: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/4.jpg)
4
Welche Optionen gibt es?
???
4
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
4
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
Firmengeräte
Container /VDI Lösung
![Page 5: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/5.jpg)
5
APPLIKATIONS KONTROLLE: PERSÖNLICH VS. FIRMA/INSTITUT
5
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
5
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
ClearPass with WorkSpace
Unified Access
![Page 6: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/6.jpg)
6
Radius Authentisierung – reicht das?Einflussfaktoren auf den Netzwerkzugriff
• Gästezugang
• Geräte on-boarding • Geräte Profiling
Integritätsprüf. des Endgeräts (HIC)
BENUTZEREntwicklung Finanzen Gäste Zeitarbeiter
GERÄT
+
SmartphoneTabletDesktopDrucker IP Telefon
+
6
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
6
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
• Integritätsprüf. des Endgeräts (HIC) • Management mob. Endgeräte (MDM)
• Sichtbarkeit und Reporting• Rollenbasierte Zugangskontrolle• Richtlinien-Management
• SIP Snooping• DPI (Paketanalyse)
SITUATIONZeit Lokation PrüfungMedium
NAHTLOSESERLEBNIS
=
WWW QuarantäneServer Email
Email Video Spiele Soziale Netze
APPLIKATION
+
![Page 7: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/7.jpg)
7
NetzwerkinfrastrukturNMS
Controller (SDN/WLAN)
Access Management
Core
Multimedia Fluency
OperationsControl
Architecture
•Eine Infrastruktur für alle Dienste
•Erkennung der applikationsbezogenen Flows
•Support von VDI
•Support von HIC
•Erkennung von Endgerätetypen /Betriebssystemen(Device Fingerprinting)
7
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
7
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
LAN Switch
Firmengerät
Mitarbeitergerät
XenDesktop /
XenApp ServerICA Channel
Virtual Machines – Virtual Desktop
ICA very high priority Flows – TCP Port 2599
ICA Interactive Flows – Fester TCP Port 2598
ICA Medium Priority Flows – TCP Port 2597
ICA Low Priority Flows – TCP Port 2596
ICA RTP Audio Flows – UDP Port 16501OmniSwitch
DSCP – AF41, 802.1p - 4, Q
DSCP – AF42, 802.1p - 4 , Q
DSCP – AF21, 802.1p - 2, Q
DSCP – BE, 802.1p - 0, Q
DSCP – EF, 802.1p - 5, Q
•Differenzierung der Flows, die von einem Endgerätkommen
•Optimierte Wegewahl und Absicherung durch SDN
![Page 8: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/8.jpg)
8
Netzwerk und gerätebezogene SichtweiseSoftware und Verwaltungsstruktur-Aspekte
NetzwerkinfrastrukturManagement Netzwerkzugang
Desktop ManagementGeräte-Management
8
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
8
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
Schutz des
Netzwerkes
Identifizierung
des Nutzers
Eingrenzen von
Nutzungsmöglichkeit
en und Bandbreite
Sicht auf
Geräteebene
Konfiguration von
Netzwerk-
einstellungen
Firmware- und
Patchmanagement
Kontrolle und
Zurücksetzen
(remote)
Ausrollen und
Provisionieren von
Apps
Provisionierung und
Zurücksetzen von
Geräteeinstellungen
Unified Acces
Systeme
z.B. Clearpass MDM/MAM
![Page 9: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/9.jpg)
9
CORE COMPONENTS OF UNIFIED ACCESSFOUNDATION FOR BYOD
DEVICE PROVISIONING• Self-Provisioning for Wired & WiFi
Windows, iOS, Android devices
• Simplified 802.1X deployment and
management for Unified Access ONBOARD
ADVANCED GUEST MANAGEMENT• Simplified management of HotSpot
with advanced customizable portal
• Guest management in enterprise with
self and sponsor registrations
workflows
GUEST
DHCP Server
Active Directory
CLEARPASS POLICY MANAGER
LAN NMS
WLAN Controller
WLAN NMS
Core
9
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
9
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
POSTURE/HEALTH CHECKS• Enforced constantly security policy of devices
accessing the corporate network
• Profile and Role based security enforcement
management solution
ONGUARD
APPLICATION MANAGEMENT• First integrated solution to control devices,
users, network and applications altogether
• Leverage investments of MDM/MAM and extends
it to the Network Access Control
WORKSPACEExisting RADIUS
(e.g. eduroam)
POLICY MANAGER
MDMLAN Switch
Guest Contractor Employee
![Page 10: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/10.jpg)
10
MULTIPLE GUEST REGISTRATION OPTIONS
10
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
10
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
Self-registration•Customizable,
automated workflows
•Notification via SMS, email, badge printer
•One time registration
Sponsored Guest Access•Reception sponsor
interface
•Email sponsor approval workflow
•Enable employees to instantly sponsor
Pre-registration•Bulk import from file
eg. Excel, text
•Generate visitor badges or notify via branded email templates
3rd Party Integration•XML API’s for
integration with existing applications
![Page 11: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/11.jpg)
11
Access NetworkClearPass Policy Manager
Sponsor
SECURE REGISTRATION WORKFLOW
11
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
11
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
1. Sponsor creates credentials for new guest
2. Account enabled, visitor notified via screen, SMS, or
3. User logs in when they arrive
![Page 12: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/12.jpg)
12
CUSTOMIZABLE GUEST PORTAL BRANDING
• Replicates existing web branding
• Automatic optimization for mobile
browsers
• Options for portal per department
• Easily add/change fields
12
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
12
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
• Easily add/change fields
- User info, terms of use acceptance and
verbiage
![Page 13: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/13.jpg)
13
EASY-TO-USE GUEST SELF-REGISTRATION
• Self-help Kiosks
- No IT involvement
- Integrated SMS/email credential
delivery
- Printable name badges
with credentials
13
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
13
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
with credentials
- Offloads IT, sponsors,
receptionists
- Cached credentials for one time
login
![Page 14: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/14.jpg)
14
CORE COMPONENTS OF UNIFIED ACCESSFOUNDATION FOR BYOD
DEVICE PROVISIONING• Self-Provisioning for Wired & WiFi
Windows, iOS, Android devices
• Simplified 802.1X deployment and
management for Unified Access ONBOARD
ADVANCED GUEST MANAGEMENT• Simplified management of HotSpot
with advanced customizable portal
• Guest management in enterprise with
self and sponsor registrations
workflows
GUEST
DHCP Server
Active Directory
CLEARPASS POLICY MANAGER
LAN NMS
WLAN Controller
WLAN NMS
Core
14
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
14
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
POSTURE/HEALTH CHECKS• Enforced constantly security policy of devices
accessing the corporate network
• Profile and Role based security enforcement
management solution
ONGUARD
APPLICATION MANAGEMENT• First integrated solution to control devices,
users, network and applications altogether
• Leverage investments of MDM/MAM and extends
it to the Network Access Control
WORKSPACEExisting RADIUS
(e.g. eduroam)
POLICY MANAGER
MDMLAN Switch
Guest Contractor Employee
![Page 15: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/15.jpg)
15
CLEARPASS CERTIFICATE AUTHORITY
• Easily differentiate devices
- User iPhone / iPad versus corporate issued Windows laptop
• Guarantees user / device identity
- Includes: serial number, user info, device information, etc.
15
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
15
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
Unique Cert
Device enrollment / onboarding
![Page 16: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/16.jpg)
16
Provisions 802.1X configuration
User ExperienceUser Experience
� Self-serve connectivity
� Windows, Mac, iOS, Android
OR
SIMPLE 802.1X DEVICE CONFIGURATION
Local or Remote Access
Does not require Policy Manager or Certificates
16
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
16
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
Network Access
Access toSecure Network
Impact to ITImpact to IT
� Eliminates time to provision new devices
� Allows for faster updates
Captive Portalor
Distributed Media
![Page 17: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/17.jpg)
17
CORE COMPONENTS OF UNIFIED ACCESSFOUNDATION FOR BYOD
DEVICE PROVISIONING• Self-Provisioning for Wired & WiFi
Windows, iOS, Android devices
• Simplified 802.1X deployment and
management for Unified Access ONBOARD
ADVANCED GUEST MANAGEMENT• Simplified management of HotSpot
with advanced customizable portal
• Guest management in enterprise with
self and sponsor registrations
workflows
GUEST
DHCP Server
Active Directory
CLEARPASS POLICY MANAGER
LAN NMS
WLAN Controller
WLAN NMS
Core
17
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
17
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
POSTURE/HEALTH CHECKS• Enforced constantly security policy of devices
accessing the corporate network
• Profile and Role based security enforcement
management solution
ONGUARD
APPLICATION MANAGEMENT• First integrated solution to control devices,
users, network and applications altogether
• Leverage investments of MDM/MAM and extends
it to the Network Access Control
WORKSPACEExisting RADIUS
(e.g. eduroam)
POLICY MANAGER
MDMLAN Switch
Guest Contractor Employee
![Page 18: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/18.jpg)
18
COMPLIANCE CONTROL FOR LAPTOPS/DESKTOPS
Quarantine / Remediation
• Out of date A/V, A/S Restricted / Denial of Access
• VM not allowed
• Firewall off
• USB Device not allowed
Checks prior to Access
18
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
18
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
Full Access
• Firewall on
• Encrypted disk
• Current A/S, A/V Dat file
• All Services on
Checks prior to Access
Wireless, Wired, VPN
![Page 19: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/19.jpg)
19
APP SPECIFIC BASED POLICIES
Mobile Context
TIME-FENCING
Point of Sale App:Must be used during store hours
GEO- FENCING EMR Apps:Must be used at hospital or member facilities
19
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
19
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
MOTIONSENSING
Email App:Can not be used while driving/moving
DEVICE CONTROL
Device Status:Cut & paste restrictions, Jailbreak / Root detection, Cloud backup
CONTENTCONTROL
Browser App:Can not access torrent sites
![Page 20: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/20.jpg)
20
CORE COMPONENTS OF UNIFIED ACCESSFOUNDATION FOR BYOD
DEVICE PROVISIONING• Self-Provisioning for Wired & WiFi
Windows, iOS, Android devices
• Simplified 802.1X deployment and
management for Unified Access ONBOARD
ADVANCED GUEST MANAGEMENT• Simplified management of HotSpot
with advanced customizable portal
• Guest management in enterprise with
self and sponsor registrations
workflows
GUEST
DHCP Server
Active Directory
CLEARPASS POLICY MANAGER
LAN NMS
WLAN Controller
WLAN NMS
Core
20
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
20
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
POSTURE/HEALTH CHECKS• Enforced constantly security policy of devices
accessing the corporate network
• Profile and Role based security enforcement
management solution
ONGUARD
APPLICATION MANAGEMENT• First integrated solution to control devices,
users, network and applications altogether
• Leverage investments of MDM/MAM and extends
it to the Network Access Control
WORKSPACEExisting RADIUS
(e.g. eduroam)
POLICY MANAGER
MDMLAN Switch
Guest Contractor Employee
![Page 21: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/21.jpg)
21
VIRTUAL DESKTOP INFRASTRUKTUR
VDI App(Desktop App
zentrale Speicherung von Daten)
Data CenterVDI Server
21
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
21
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
![Page 22: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/22.jpg)
22
Container Prinzip
Container App(App in App
Lokale Speicherung von Daten)
Data Center
22
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
22
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
![Page 23: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/23.jpg)
23
CAN LEVERAGE THIRD-PARTY MDM INVESTMENTS
3rd Party Device Management
23
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
23
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
Network Policies• Firewall policy
• BW prioritization
• RF Location
Unified AccessManagement
Device Context
• Black, whitelisted apps
• Jailbreak detection
• GPS location
Context: • Exchange rich
endpoint data
• Trigger on or off
network policies
• Extendable
architecture
![Page 24: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/24.jpg)
24
MANAGEABILITY AND REPORTING
• Central Dashboard
- Different views and privileges by IT role,
location
• Pre-defined Services Templates
- Wired, Wireless, Mac Auth, TACACS+
- Point-n-Click to add auth/authz identity
24
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
24
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
- Point-n-Click to add auth/authz identity
stores, EAP methods
• Trouble-shooting Utilities
- Per session logs
- 3 click problem solving
- Full reporting capabilities
![Page 25: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/25.jpg)
25
PROFILING FOR FULL VISIBILITY
25
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
25
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
![Page 26: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/26.jpg)
26
ClearPass Policy
Manager
DNS/DHCP
Large office
• Centralized/Distributed Administrative Domains
• Active Redundancy/Load Balancing• Cluster wide licenses
EXPLAIN DEPLOYMENT OPTIONS
CPPM Node
Identity Stores
26
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
26
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
Identity Stores
Main location
Small office
DMZ
ClearPass Onboard
CPPM Node
LAN Switch
FWFW
Home office
Virtual
CPPM Node
![Page 27: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/27.jpg)
27
UNIFIED ACCESSDie Produktseite
Network Infrastructure
(OmniVista)
MPLS
Service
Router
Branch
Routers
Advanced Policy &BYOD Services
VPN
Client
Management Wide Area Network
Local Area Network
Core
OA5800 ESR OA5700 ESR7750 SRMPLS WAN & LAN
(5620 SAM)
VIA
• BYOD und AAA Dienste
• Access Switch SW
Evolution
- AirGroup Unterstützung
- Regelbasierender Access
- HIC
- Flow basierte ACL/QoS
27
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
27
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
Service Level
(VitalSuite)
IP address Management
(VitalQIP)
On The Road Home Office Branch Office Corporate Office Data Center
(ClearPass)
OS10K OS6900 OS9000E
OS6850E/
OS6855/6860OS6450 OS6250
OA4x04, OA4x50
IAP, AP, RAP
Core
Unified Access
BYODBUILT-IN
- Flow basierte ACL/QoS
• SDN Integration vom DC
und WAN bis zum Edge
• OmniVista SW Evolution
- AirGroup switch Konfig
- ClearPass Integration
![Page 28: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/28.jpg)
28
UNIFIED ACCESS
Edge Switch
VEREINHEITLICHUNGCONSISTENTE NETZWERKDIENSTE IM WIRED UND WIRELESS
PERSONALISIERUNG VON DIENSTEN AUF APPLE GERÄTEN
• Kontextabhängiger Zugriff auf Apple Geräte
• Nutzer und IT kann die Geräte selbst registrierenAIRGROUP
CITRIX VDI APPLICATION FLUENCY• Bietet QoS in einer VDI Session
• Simple Administration: One Touch KonfigurationVDI FLUENCY
SEAMLESS
28
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
28
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
Access
Points
WLAN
Controller
SIP FLUENCY• Spezielle QoS für SIP video, voice und andere
• Dashboard der aktuell erreichten Qualität
MULTIMEDIAFLUENCY
USER NETWORK PROFILE• Regelbezogener automatischer Netzwerk Zugang für mobile
Nutzer
• Regelbezogene Konfiguration, Sicherheit and Priorisierung
PROFILINGBYODSERVICES
SEAMLESS NETWORK SERVICES
Integration von fremden Geräten• Kontextabhängiger Netzwerkzugang
![Page 29: Die Verwaltung mobiler Endgeräte – eine vielschichtige ...](https://reader033.fdocuments.in/reader033/viewer/2022052406/589ef2901a28abb8498c261f/html5/thumbnails/29.jpg)
29
www.twitter.com/ALUEnterprise
www.facebook.com/ALUEnterprise
www.youtube.com/user/enterpriseALU
FOLLOW US ON
enterprise.alcatel-lucent.com
29
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
29
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
www.linkedin.com - Group Alcatel-Lucent Enterprise
www.slideshare.net/tagged/Enterprise
www.storify.com/ALUEnterprise