Delivering workspace mobility

Secure Mobile Device Access

Jolene Tam

Product & Solutions Marketing | Enterprise Mobility

Cisco BYOD with AirWatch by VMware

2© 2013-2014 Cisco and/or its affiliates. All rights reserved.

Mobility at Work – Increasingly Top of Mind

89%Companies

support corporate-issued mobile devices

Top Mobility Initiatives

Companies have adopted

corporate mobility

initiatives67%

MobileSecurity

60%

MDM

57%

MAM

>75%

50%Companies support

BYOD

Cisco 2014 Mobility Landscape Wave II Survey


What If You Could…

Drastically reduce security risks despite increase in employee-owned devices?

Empower on-the-move employees to be more productive, responsive, collaborative?

Provide employees with secure access to business apps, data, collaboration, or conferencing on any device?

Reduce IT mobility operations expenses?

Any Device Applications and Content

You Can – with Cisco Mobile WorkspaceComplete Mobile Infrastructure for Secure, Seamless Access on Any Device, Anywhere

MOBILE PRODUCTIVITY

Mobile Collaboration

Mobile Data Security

APPLICATION DELIVERY

Application Storefront

MOBILE POLICY

Network Policy Control

CORE INFRASTRUCTURE + SECURITYMobile Networking Cloud Infrastructure

App/Desktop Virtualization

Mobile Device Management

Cisco BYOD Solution Cisco Desktop Virtualization Solution

Cisco Mobile Collaboration Solution


Cisco BYOD Solution with AirWatchIntegrating Network Access and Device Policy

Reduced Complexity• Unified Access with simplified

management

• Simplified design, implementation

Better User Experience• Application visibility and control

• Gigabit Wi-Fi; leading .11ac with HDX

Increased Security• Network-wide, contextual access

policy

• Secure remote access

• Zero-touch onboarding

Flexible deployment and configuration

• Highly customizable advanced feature set

• Professional services, extended support

• MDM integration capabilities with AirWatch

Mobile Device Management

Secure Mobility

Policy Manageme

nt

Core Infrastructure

Integrated 3rd Party MDM

On-Premise

Cisco Unified Access

Cisco Prime Infrastructur

e

Cisco AnyConnect

Cisco ISE Firewall

Wireless

Wired

One Policy | One Management | One Network


Security: All-in-One Enterprise Policy ControlCisco Identity Services Engine (ISE)

Who What

Where When

How

VM client, IP device, guest, employee, remote user

Wired Wireless VPN

Business-Relevant Policies

Security Policy Attributes

Identity Context MDM

Cisco Confidential 7© 2013-2014 Cisco and/or its affiliates. All rights reserved.

ISE and MDM IntegrationBetter together…

Cisco ISE

Secure policy enforcement

but…Limited awareness of

device posture

VMWare AirWatch

Provides posture information

but…Limited capacity to

enforce network policies

With the REST API Integration, ISE is able to

Receive device compliance information from the MDM to make network access policy decisions

Push administrative device actions (such as remote-wiping) via the MDM

Cisco Confidential 8© 2013-2014 Cisco and/or its affiliates. All rights reserved.

Enrollment: ISE-orchestrated to simplify user experience

Non-registered clients are redirected to MDM registration page

Non-compliant clients are given restricted access

ISE and MDM

ISE and MDM IntegrationThree Phases of Network Access

Daily Access: Network + Device

Update data from endpoint which can be tied into access policy

De-enrollment: Initiate device action from ISE

Device stolen can wipe data on client


Cisco BYOD Solution for Secure Mobile Device Access

SIMPLIFIED OPERATIONS

• Unified Access: One Policy, One Management, One Network

• Cisco Validated Designs

• On-premise or cloud-managed solution

RICH USER EXPERIENCE

• Broadest 802.11ac Portfolio

• Cisco High-Density Experience (HDX)

• Application Visibility & Control

HIGHLY SECURE

• Streamlined Device On-Boarding

• Context-Aware Policy

• Integration with MDM partners

• Secures corporate and employee owned devices

Thank you.

Technology

Delivering workspace mobility