300 likes | 413 Views
Securely connecting users and applications from anywhere to anywhere in today’s global economy. Mobile Now™ for BYOD All your b usiness applications. None of the business risk. AG series secure access gateways J ump in. The mobile waters are fine. S ections.
E N D
Securely connecting users and applications from anywhere to anywhere in today’s global economy. Mobile Now™ for BYOD All your business applications. None of the business risk. AG series secure access gateways Jump in. The mobile waters are fine.
Sections • What is a secure access gateway? • Array secure accesssolutions • SSL VPN • Remote desktop • Mobility • Business continuity • Array AG Series secureaccess gateways • Product line • Feature matrix • Key takeaways • Case studies and global satisfied customers JUMP IN.THE MOBILE WATERSARE FINE.
What is a secure access gateway? • Mobility • Smart phones, tablets and BYOD • Data, device and app management • Preventing data leakage when using personal devices • Scalability • Enterprise-wide remote access • Support employees, partners and guests • Thousands of users and burst capacity for BCP events • IPsec VPN • Network-level encrypted access • Remote access • Managed laptops • Intranet only • Requires client • SSL VPN • L7, L4 & L3 encrypted access • Any device • Intranet or extranet • Clientless • Granular control 2009 2000 2006 2003 2013 VPN remote accessfor select workers onmanaged PCs Anytime, anywhere secureaccess with greatersecurity and control Remote access as an enterprise-wide strategy for worker productivity Adapting secure access to address new apps,devices and consumerization ANYTIME-ANYWHERE ANY DEVICE ANY APPLICATION
What is a secure access gateway? • SECURE ACCESS ARCHITECTURE • iOS and Android support • Per application L3 mobile VPN • L4 SDK for secure tunneling • Secure Web browser • Enterprise app store • Client, app and device security • Per-user policy engine • Auditing and reporting • End-point security • RDP over SSL • Wake-on-LAN • BCP contingency licenses • Up to 256 virtual gateways • 2048-bit SSL encryption • L3, L4 and L7 connectivity • Advanced AAA integration • Dual-factor authentication • Single sign-on Smart Phone &Tablet Users WiFi Users BYOD Road Warriors Remote Users LAN UsersLaptops & Desktops Home Workers Day ExtendersBusiness Continuity Users Native & Web Apps Enterprise Applications Physical & Virtual Desktops Internal / Campus Network
Array secure access solutions DesktopDirect™Remote Desktop Securely access office desktops and apps from any device or location. AccessDirect™SSL VPN Traditional Web or network-level VPNfor remote workers. VPN RDP • Business ContinuityContingency Licenses • Seamless, cost-effective burst remote access for planned and unplanned events. MotionPro™Secure Mobility Securely connect devices and apps to enable business mobility and BYOD. BYOD
AccessDirect SSL VPN remote access • Pure SSL “anytime-anywhere” browser-based access • Up to 256 virtual instances support multiple communities of interest • Business units, partners, guests, contractors • Scalable up to 128,000 concurrent users • Enables secure access“enterprise-wide” • Range of access methods • Layer-3 client for trusted workers • Specific resources for unmanaged devices • Web portals for extranet partners Applications Applications Users
SSL VPN security architecture • Complete separation between non-secured and secured networks • All standard cipher-suites • Hardware-accelerated • 2048-bit key lengths • Client-side certificates Proxy • Web Apps • Clientless Web application support • End Point Security • Host Checking • Adaptive Policies • Secure Desktop • Cache Cleaning • Eliminates all elements of browser cache • Local sandbox prevents data leakage SSL • AAA • Supports all industry standards (AD, RADIUS, LDAP, SecureID) • RSA certified • Unique SSL integration • Fine grain ACLs • L3, L4 and L7 • External mapping • Black list and white list • Full audit trail • Who, what and when • Syslog support • Configurable email alerts FW • File Shares • Clientless access to shared directories • CIFS/NFS • Networks • Full L3 VPN • Any IP protocol • L4 redirection • Denial of Service (DoS) attack protection • ACLs (Layer 4) • URL filtering (Layer 7) • Network probe logging
Multiple communities of interest Internet Only Quarantine Application Access Network Access Network Access Portal 1 Portal 4 Portal 5 Portal 3 Portal 2 • Engineering • Finance • Partners • Guests • Etc. • Portals arecustomizabletothe look and feel and resource needs of each community of interest • Each portal is fully partioned and independentlymanageable
Humana – SSL VPN remote access • Large healthcare insurance provider • $40B in yearly revenue • Over 12M members • Why the need for SSL VPN? • Stove pipe secure access for various use cases was costly to manage and too prone to inconsistencies and data leakage • IPsecwas more expensive and less secure vs. SSL VPN • AG Series solution and benefits • Consolidated secure access for local and remote employees, partners and guests on a unified platform • Demonstrable accountability for HIPAA compliance, increased productivity for employees, partners and guests, and decreased cost and complexity
DesktopDirect remote desktop access • Thin-client RDP access over SSL • Data never leaves the network and never resides on end-user devices • Applications on office desktops usable from remote or mobile devices • Securely enables “bring your own…PC, laptop, tablet or smart phone” • Cost-effectively leverages existing investments in infrastructure, applications and devices to rapidly scale productivity and enterprise mobility
Remote desktop access architecture • Ideal for boosting office worker productivity, ensuring business continuity and enabling secure mobility for business laptops Windows VMview Securelyconnect to officedesktops from any device, anywhere. pcs physical desktops smart phones virtual desktops and terminal services tablets
Productivity and business continuity • Provides a means for office workers (those without managed laptops and VPN access) to remain productive under any circumstance Prevent Revenue Loss Maintain Productivity Grow Productivity Natural Disasters Outbreaks Sick Child Repairs & Deliveries Home Working Nights & Weekends
Needham Bank – remote and mobile access • Customer-owned community bank • 5 locations • Over $1B in assets • 48x increase in mobile devices since 2007 • Needed to quickly and cost-effectively provide access to bank applications from tablets and laptops without risking data leakage • Selected DesktopDirect solution for BYOD, remote and mobile access • DesktopDirect impact on remote and mobile productivity • 11x unique users • 120x total hours spent • 10x time per user • No security issues, no additional IT staff required
MotionPro secure mobile access • Enterprise application portal • Secure access to enterprise resources • Secure browser for Web resources • VPN on-demand for native apps • SDK for secure native app tunnels • Enterprise app store • Secure mobile access • Client security • App management • Device management • Part of an overall mobility strategy • Complements MDM
Secure application access Secure SDK for Native Apps Native apps developed with SDK will start L4 VPN tunnel Secure Browser L7 Web apps launched in secure browser VPN on Demand for Native Apps Configured native apps will start L3 VPN automatically Only authorizedapplications may use theVPN tunnel
MotionPro vs. MDM • MotionPro and 3rd party mobile device management (MDM) solutions are complementary Both areneeded to enable an enterprisemobilitystrategy MotionPro provides scalablemobile VPNwith basic device and applicationmanagement MDM providesadvanced deviceand applicationmanagement but they are not a VPN gateway
COPCP – HIPAA compliant mobility • Ohio’s largest physician-owned cooperative • Over 50 physician offices and over 200 physicians • Healthcare mobility requirements • BYOD strategy that provides physicians with flexibility while also addressing IT requirements for security, manageability and cost • Benefits for physicians and IT • Renew prescriptions anytime, anywhere and move seamlessly between exam rooms using iPads • Reduces cost and complexity while improving productivity and compliance
Buckingham Research – BYOD • Institutional research and brokerage firm • Founded in 1982, based in New York • Why the need for BYOD? • Employees bringing personal iPads to the office and wanted access to corporate applications • Field employees wanted to use iPads instead of laptops • Array AG impact on BYOD enablement • No user learning curve, no new passwords • $30K HW install vs. $300K SW upgrade • 3 week installation vs. 8 month project • One HA pair and one DR unit, that’s it!
Business continuity contingency licenses • Array Business Continuity (ABC) • Scalable and affordable burst capacity to meet the demands of planned and unplanned surge remote and mobile access • Affordable and flexible contingency license certificates • Available in 10-day denominationsand tiered sizes • Triggered by exceeding standard user licenses and may be utilized in consecutive or non-consecutive 24-hour increments • Any mix of mobile and remote users • AccessDirect, DesktopDirect or MotionPro
Morgan Stanley – Business continuity • World’s 7th largest bank • $31B in revenue • 53,000 employees • DesktopDirect solution • 25+ appliances in 8 countries with 5 major data centers • 10,000 standard DesktopDirectuser’s licenses • Peak capacity of 36,000 users via Business Continuity licenses • January 2011 • Massive snowstorm paralyzed the east coast • 12,000 users still were able to work using DesktopDirect • Prevented the loss of over $10M in productivity
AG Series product line 10,000 Concurrent Users VMware, XenServer, OpenXen AG1600 AG1500 128,000 ConcurrentUsers AG1200 72,000 ConcurrentUsers AG1150 25,000 ConcurrentUsers AG1000T AG1100 10,000 ConcurrentUsers AG1000 3000 ConcurrentUsers 600 ConcurrentUsers 300 Concurrent Users PHYSICAL & VIRTUAL APPLIANCES SCALING UP & OUT FOR
Superior security, scalability and flexibility • Unmatched scalability • Consolidate remote andmobile access for anentireworkforce • Absorb surge remote and mobile users • More secure • Minimize attack vectors • Simplify management to ensure consistent policies • Highly flexible • Integrated remote access, remote desktop and secure mobile access • Support multiple communities of interestincluding employees, partners and guests Up to 3 GbpsThroughput Up to 256Virtual Gateways Up to 128,000 Concurrent Users • AG SeriesSecure Access Gateways
Superior value of ownership and ROI 20% - 50% Less Expensive Superior Service & Support Array Competition
Array AG vs. the competition $ Array AG1200Up to 25,000concurrent users AG1500Up to 72,000concurrent users Array AG1100Up to 3000 concurrent users Juniper MAG4610 Array = 18% less expensive for 1000 users Juniper MAG6611Up to 40,000concurrent users Array = 31% less expensive Array = 32K more users Array supports almost twiceas many users as Juniper and is almost one third less expensive. Juniper MAG6610 Array = 25% less expensive for 2000 users Juniper MAG6610 Array = 27% less expensive for 11,000 users Juniper MAG6611 Array = 35% less expensive for 22,000 users
Key takeaways • Scalable, intuitive secure access for supporting remote and mobile users • Increase productivity • Mitigate business disruptions • Enable enterprise mobility and BYOD • Consolidated SSL VPN, remote desktopaccess and secure mobile access • Minimizes attack vectors • Simplifies management • Ensures consistent policies • Streamlines the end-user experience • Cost-effective solution for mobilizingany size workforce while preventing attacks and data leakage JUMP IN.THE MOBILE WATERSARE FINE.
Securely connecting users and applications from anywhere to anywhere in today’s global economy. Mobile Now™ for BYOD All your business applications. None of the business risk. AG series secure access gateways Jump in. The mobile waters are fine.