Secure Your Mobile Device Access with Cisco BYOD Solution Overview

The Cisco Meraki® solution (cloud managed) and Cisco BYOD Solution (on-premises management) help you secure multiple mobile devices. Anywhere, anytime.
•	Gain visibility into all mobile devices connected to your network.
•	Securely add and manage new mobile devices.
•	Simplify your IT operations with a unified security policy and essential controls.
•	Enjoy a robust foundation for deploying a complete mobile workspace.
•	Provide an easy and exceptional user experience for every employee.
Let your employees work their own way, using multiple mobile devices in multiple locations, while you stay confident that your data is kept secure.

Your workers are no longer confined to their desktops or their offices. They expect to be able to work where and when it suits them, and on whatever devices they have available. While these devices are proving to be an effective way to keep employees engaged, responsive, and productive, they’re a growing management challenge for you. How do you securely introduce employee- and company-owned mobile devices into your network? How do you give your employees the freedom to work the way they want while reducing overall IT complexity? Most of all, how do you keep your data and network secure?

Cisco® Bring-Your-Own-Device (BYOD) solutions help you do all that and more. They simplify IT operations with end-to-end and network lifecycle management. This helps you keep data secure with the unified policy and essential controls needed to support this mobile work environment.

But Cisco BYOD solutions provide more than just secure mobile access. They also allow you to build a robust foundation on which to deploy a complete mobile workspace - where the whole digital work environment is mobile, not just the device. This means you can deliver a portable digital work environment on any device, helping ensure that your employees have access to all the applications, data, communications, and services they need to be productive.

More Mobility Means More Security Threats

Doctors call up patient records throughout hospitals and clinics via touch screens. Financial planners access confidential data from laptops in clients’ offices. Students log in to their records from a variety of devices in various buildings on campus. No matter the scenario, security remains a top concern when employees use mobile devices.

Securing corporate data, applications, and systems is essential to any employee mobility strategy. You need to help ensure a secure experience from both a device and network access perspective. As you develop an “any device, anywhere” strategy, you need to know who is on the network, the location of the person, and the type and status of the device.

•	End users need a productive session that includes essential business and collaboration applications, and a consistent experience across multiple device types.
•	IT organizations need to understand the operational impacts of enabling mobility and BYOD initiatives for employees, partners, and guests. You need solutions that can evolve with business trends and deliver sustainable business results.

How Cisco Delivers Secure Mobile Access for Your Workforce

Let’s say you have an employee with a new tablet she wants to use for work. A contractor who wants to use his own laptop in your office. Or a guest who simply needs Internet access. You want to provide all these services with an easy and exceptional user experience. At the same time, you want to make sure you’re keeping your employees, partners, and guests safe, your organization protected, and your IT team from becoming overburdened.

Cisco has two types of BYOD solutions to help you achieve those goals: a cloud-managed solution and a solution that is managed on your premises. The Cisco Meraki BYOD cloud-managed solution integrates all hardware and software technologies into an “out-of-the-box” solution that is easy to deploy and use. The on-premises-managed Cisco BYOD Solution combines Cisco and partner technologies to provide fully featured network and device policy management, plus enforcement capabilities for the most demanding deployments.

Both solutions offer benefits depending on your specific IT strategy and deployment priorities. Let’s take a closer look.

Cisco Meraki Cloud Managed Solution

The Cisco Meraki Cloud Managed Solution provides an efficient, effective user and IT experience when deploying managed mobile devices in centralized and distributed environments.

This cloud-managed solution delivers exceptional out-of-the-box visibility, security, and control over your entire mobility environment. An optimized feature set and easy-to-use dashboard help simplify and accelerate device deployment and management over the Internet. In addition, ongoing managed upgrades greatly reduce operational overhead.

The Cisco Meraki Cloud Managed Solution lets you:

Gain visibility: Get insights into the users, devices, and applications on your network by reviewing networkwide reports and trends and drilling down to the client level. Client devices are automatically classified by inspecting a wide array of attributes, letting you distinguish iPads from iPhones and Androids. Rich application classification uses Layer 7 deep packet inspection (DPI), extending far beyond host and port inspection to classify evasive and encrypted applications.

Increase security: Automatically apply policies by user and device type, which helps to secure LAN resources and protect against viruses. Customize authentication, firewall and traffic shaping rules, and bandwidth restrictions based on users’ identities. Implement device-specific policies to automatically restrict, quarantine, or throttle user-owned and untrusted devices. Provide Internet-only access to untrusted devices, isolating your network from viruses and blocking access to internal resources. Automatically scan PCs to ensure that they’re running antivirus software, blocking vulnerable devices from accessing the network.

Manage capacity and performance: Enable wireless performance under challenging conditions with cloud-based RF planning and application traffic shaping. Cloud-based analysis tunes the RF parameters of your access points in concert, optimizing performance and avoiding interference. Prioritize applications such as voice and video while throttling bandwidth-intensive recreational traffic. Set policies networkwide, by user group or by client.

Provision and manage devices: Allow self-service setup for new users and ensure that they’re managed when they log on to the network. Centrally manage network settings such as wireless connectivity, security settings, and VPN configurations across all devices. Preconfigure exchange server and credentials with Enterprise Active Sync. Locate and track laptops and mobile devices, both on and off your network. Secure data by locking devices, setting passcode complexity requirements, and establishing a maximum number of failed attempts. Remotely lock or erase devices that have gone missing, and even selectively wipe confidential data from users’ devices.

The solution supports the growing number of client devices on your network with Cisco Meraki wireless access points and manages them all with the built-in mobile device management (MDM) toolset. Cisco Meraki System Manager provides BYOD support for user-owned and company-issued mobile devices.

If you have distributed sites, lean IT resources, or would like to move your mobility management into the cloud, the Cisco Meraki solution is for you (Figure 1). You get centralized cloud management of your content and applications, rapid provisioning, application deployment, and integration directly with the Cisco Identity Services Engine (ISE) for centralized policy management.

Figure 1. The Cisco Meraki Cloud Managed Solution Provides a Great IT and User Experience with Exceptional Out-of-the-Box Visibility, Security, and Control over Your Mobility Environment.

Cisco BYOD Solution: On-Premises Management

The Cisco BYOD Solution, with on-premises management, delivers a fully featured, integrated solution that includes partner technologies to provide the flexibility and security needed to support the broadest set of mobility requirements (Figure 2).

Using an architectural approach, this solution incorporates pretested network designs and comprehensive services to allow you to focus on innovation rather than implementation. It provides the foundation for delivering a complete mobile workspace solution that increases workforce productivity with high-quality collaboration - on any device, from anywhere.

The Cisco BYOD Solution offers three important benefits:

•	Provides secure access with a unified policy: A single policy secures data, applications, and systems across your entire organization. It provides guest, posture, device profiling, on- and off-premises network access, and MDM from leading partners such as MobileIron, Citrix, IBM, and AirWatch. Innovations in the Cisco Identity Services Engine (ISE) include new zero-touch on-boarding and central policy integration via open APIs with MDM solutions. In fact, you can now set an MDM wipe policy or network access policy based on MDM posture. Cisco ISE is the only solution to provide both network-based and endpoint-based scanning. We also provide data security in the network (on and off premises) to help ensure that your intellectual property is protected.
•	Delivers an uncompromised experience: We increase end-user productivity with simplified on-boarding, leading application visibility and control, and mission-critical wireless access. Cisco solutions let you meet both user and IT experience expectations, on and off the corporate network. When using our high-performance, intelligent 802.11ac wireless network with Cisco’s advanced High Density Experience (HDX) capabilities, you’ll have the performance and reliability needed to support the growing high density of mobile devices - especially when they’re running high-bandwidth applications such as voice, video, and virtual applications on a variety of device client types.
•	Simplifies operations and investment protection: Our services, along with those from our partners, help simplify deployment and troubleshooting, drive the business benefits of mobile devices, and lower operating costs. This holistic approach delivers an end-to-end solution that works across the enterprise and helps solve cross-silo issues, including compliance. Cisco Professional and Technical Support Services help accelerate planning, deployment, and management across the entire solution - not just on individual products. Cisco Validated Designs speed the deployment of mobile device and BYOD initiatives while reducing risk as your infrastructure evolves to meet current and future needs. By providing a foundation for a more complete mobile workspace solution, Cisco’s BYOD Solution provides a perfect starting point for your enterprisewide strategy.

The Cisco BYOD Solution Difference

•	Highest-performance wireless infrastructure - up to 30 percent faster than the competition for the best user experience
•	Single source of policy for your entire organization: wired, wireless, remote networks, physical, or virtual devices
•	Broadest mobile OS support in Cisco AnyConnect® VPN Client software, including iOS, Android, and Windows Mobile
•	Flexible support for traditional SSL/IPsec VPN and per-application VPN remote access
•	Deepest, broadest, and most accurate device and application knowledge
•	Unified management across wired, wireless, and policy

Figure 2. The Cisco BYOD Solution, for On-Premises Management, Provides Fully Featured Network and Device Policy Management, with the Flexibility and Security You Need to Support the Broadest Set of Mobility Requirements.

Providing a work-your-way solution for diverse users with multiple devices. Anywhere, anytime.

Figure 3. BYOD Use Cases

Why Cisco?

With the “One Network, One Policy, One Management” strategy for access networks, Cisco is the only solution provider to have all the components to efficiently create a secure and seamless user experience across all scenarios. Cisco empowers you to provide greater business freedom with high-performance, context-aware network solutions that go beyond BYOD to fully address many types of users with different device, security, and business requirements.

Next Steps

For more information about successful real-world examples of the Cisco BYOD solution, visit