Access Control Portfolio - 2326 Words

Access Control Portfolio
(Level 3 / Technical Decision Influencerlevel Presentation)

The Markets We Serve
Ethernet
Switching

Wireless
Networking

Unified
Branch

Access
Control

Unified
Management

Branch
& Remote

Enterprise
Campus

Data Center
Continuing aggressive investment in the Portfolio
©2010 Avaya Inc. All rights reserved.

3

Delivering Valuable Differentiation
Progressive evolution of our existing differentiating Access Control technology

©2010 Avaya Inc. All rights reserved.

4

Comprehensive, not Complex, Security
 Improve security with fully granular

control

Integrated NAC

– Role-based control & network

User Access

compartmentalization

Corporate or Guest

Wired / Wireless / VPN

 Enhanced Regulatory compliance

Consistent & granular control

– Partitioning of access &

comprehensive reporting
 Simplicity
– Centralized policy decision,

Consolidates administration Centralised & integrated NAC

defined in plain language
 Reduced costs
– Supporting existing

infrastructure & identity stores, virtual appliance option

Enhances security
& compliance

Simplifies multiple
Directories & Databases

©2010 Avaya Inc. All rights reserved.

5

Network Access Control Portfolio
Benefits, features & characteristics, and positioning ©2010 Avaya Inc. All rights reserved.

6

Why NAC Is Needed
 Enforce corporate compliance policies
 Enforce regulatory compliance policies
 Protect network assets
 Mitigate zero-day attacks

©2010 Avaya Inc. All rights reserved.

7

Value Proposition
 Corporate Governance
–

Do world class companies do the bare minimum to meet customer expectations or do they try to surpass customer expectations?

–

Corporate governance defines how you want to run your business and includes many facets over and above regulatory obligations such as overall information protection, business continuity, guest access policies, employee access policies … Identity Engines allows you to enforce the corporate governance policies you define. Regulation or not, no company wants to be in the paper for not protecting their Intellectual Property or customer information.

 Regulatory Compliance
–

Do you have a legal/regulatory obligation to withhold (ex. HIPAA, SOX, PCI)?

–

Identity Engines allows you to enforce regulatory policies as part of compliance.

 Operations Cost Reduction
–

Do you have to choose between leaving your network wide open or investing excessively in network operations to deal with all the change requests? Damned if you do, damned if you don‟t.

–

Identity Engines can help you provide the safeguards needed AND reduce operational expenditures to manage the network.
©2010 Avaya Inc. All rights reserved.

8

Evolution of a Problem
Multiple
Access
Methods

Wireless

Multiple
Identity
Stores

MSFT AD

Wired

Remote/VPN

Sun, Novell, Oracle

RSA Token

Across multiple locations, buildings, for multiple users
Auxiliary
Science

Distance
Learning
Engineering

 Bookstore
 Food services
 Music

Library

Business
Health Center
Student Records

Housing

Hosted Events
 Concerts
 Athletics
 Summer programs

Community Access
 Library
 Fitness Center

Guest Users?
©2010 Avaya Inc. All rights reserved.

9

Consolidation & Access Policy Consistency
Disparate Silos

Common ID & Policy

©2010 Avaya Inc. All rights reserved.

10

The Authenticated Network Architecture
 Control who can use the

network to access which resources & when & where they may do so
 Centralized, Enterprise-

wide network access policies  Consistent & predictable

network access
 Enhanced security
 Facilitates regulatory

compliance
©2010 Avaya Inc. All rights reserved.

11

Making Authenticated Networks a Reality

Wired

Inline NAC

Administrative
Access
Control

RADIUS/TACACS+

Remote

Identity Engines
Ignition Server

Integration APIs
Guest Access
Posture Assessment

Identity Stores

Virtualization and Identity Routing

Wireless

RADIUS

Network
Access
Control

Policy Decision

Managerment and Session

Show More