mobile network security

JUNIPER SECURE MOBILE ACCESSOctober 20, 2010Amir Khan

2 Copyright © 2010 Juniper Networks, Inc. www.juniper.net

AGENDA

WHAT IS SECURE MOBILE ACCESS1

WHY IS SECURE MOBILE ACCESS IMPORTANT2

WHAT IS JUNOS PULSE3

SUMMARY4


AGENDA




SUMMARY4


MORE USERS, MORE NOTEBOOKS, NETBOOKS, AND SMARTPHONES…


…MEANS A MORE MOBILE WORKFORCE!

Any Device Any Location Any Resource

Intranet®


Smartphones Notebooks

Email, Calendar, Task Lists Corporate Data Oracle, Siebel Unified

Collaboration

Email Intranet/Portals ERP/CRM Working

SECURE, MOBILE ACCESS TO ENTERPRISE APPLICATIONS

Enterprise Apps

VPNs for Peer to Peer and Collaborative messaging utilities

VPNs for digital voice or video conferencing applications (e.g. Skype)

VPNs for Real-time data from warehouse floor

VPNs for Instant access to financial information

Enforcement of Mobile Device Policies before allowing access

Remote access to corporate intranet information and applications

For the Road Warrior who needs mobile access to email, calendaring, and contacts


AGENDA




SUMMARY4


MOBILITY IS EXPLODING!

World's mobile worker population to surpass 1B people in 2010 and grow to > 1/3 of world's workforce by 2013* 14% of information workers use smartphones

in 2010 to access data; expected to reach 30% by 2013**

By 2012, smartphone penetration to roughly double globally (~9% to 20%)*

*Forrester Research; ** IDC


PERSONAL DEVICES VS. CORPORATE DEVICES

Managed

Un-managed

Smartphones

About 1/4 of employees use smartphones that are not “corporate-standard” or managed*

*Forrester Research


SECURE MOBILE REMOTE ACCESS ANYTIME, ANYWHERE

BRANCH OFFICES

REMOTE LOCATIONS

REMOTE USERS / TELECOMMUTERS

HEADQUARTERS / CAMPUS

MOBILE USERS


CHALLENGES OF A MOBILE WORKFORCE

Enable secure corporate access for smartphones

Enforce the same existing authentication methods and security settings for corporate managed systems

Deliver secure, remote access for mobile devices, while enforcing granular access control

Adapt mobility and security policies to allow for personal mobile devices


AGENDA




SUMMARY4


24 of Fortune 25 are using one core Junos Pulse service:Juniper SA Series SSL VPN

Covers majority of all desktop,laptop, netbook, and smartphones worldwide

JUNOS PULSEBASED ON SUCCESSFUL, LEADING TECHNOLOGY

Over 25M people use Juniper client software to securely access corporate data

Only Converged

Solution

Secure application access for mobile and non-mobile devices

Support for many thousandsof users

Broadest Device

Coverage

Most Scalable

Only Standards-

based Solution


JUNOS PULSE (FOR WINDOWS)

Dynamically provisioned client for: Connectivity Security Acceleration

Support for notebooks, netbooks, and smartphones

Location aware and identity-enabled

Standards-based

Platform for select third party applications

Builds on Juniper’s market leading SA Series SSL VPN, UAC solution, and WXC Series technology!


JUNOS PULSE SECURE MOBILE REMOTE ACCESS

Covers range of application access requirements Web VPN Secure Email and Calendaring Full Layer 3 Tunnel

Unparalleled “Data in Transit” Security Leverages SSL VPN Multi-factor authentication Granular auditing and logging


JUNOS PULSE MOBILE CLIENTSENABLING SECURE AND EASY CORPORATE ACCESS

Complete enterprise-user application portal

Dynamic, role-based application menu— tightly integrated with user identity and device type

Centralizes links to email, web applications/intranet, etc.

Provisioned via respective Application Stores

Designed for minimal user interaction

Autoboot upon device restart


SMART LOCATION BASED VPN AND LAN ACCESSFor notebooks and netbooks: Location Awareness – Seamless access as the user moves from remote access to

LAN access Pulse Client auto discovers High Speed/Low Latency connections Seamless session migration – No need to re-authenticate

WXC SeriesSA Series

IC Series (UAC)

REMOTE LOCATIONS

REMOTE USERS / TELECOMMUTERS BRANCH OFFICES MOBILE USERS

SRX Series


DATA CENTER

2

JUNOS PULSEMOBILE WORKFORCE SECURITY MADE SIMPLE

REMOTE EMPLOYEE

SA Series SSL VPN dynamically installs Junos Pulse. Pulse includes anti-spyware/anti-malware for Windows enabled endpoints and removes threat before access is granted

Imagine you have a remote doctor accessing medical records via SA Series SSL VPN using an infected endpoint

INTERNET

1

5

STRM Series and Junos Space report that this doctor’s endpoint has been infected 5 times in two months, alerting IT

Junos Pulse also includes dynamic provisioning of application acceleration client (WXC Series) based on user’s role and encrypts traffic (Windows devices only)

User enjoys secure access with faster file transfer times

3 4

LAN

6

As user moves from remote location to LAN Junos Pulse provisions seamless connectivity with no additional sign-ons

SRX Series

SA SSL VPN

VPN

UAC

WXC Series


LAN

Data Center NY

EngineeringServer

Finance Server

SSL VPNUAC

SRX

Data Center Tokyo

EngineeringServer

Finance ServerCorporate

Network

SSL VPNUAC

SRX

IF-MAP IF-MAP

User: AdamRole: Finance

Head Quarters

User: AdamRole: Finance

Remote Site

SSL VPNREMOTE

GLOBAL IDENTITY AWARE NETWORKING

Adam in Finance attempts to access the Engineering Servers in the NY data center from his wired desktop at HQ, but access is denied. Adam is only allowed access to the Finance Server based on his credentials and access policies.

Adam is now remote in Asia and attempts to access the Tokyo data center remotely from his mobile device. The same access policies applied to Adam when at HQ follow him anywhere and anytime he attempts network access.


AGENDA




SUMMARY4


SECURE, SCALABLE MOBILITY Comprehensive mobile, remote access

Enable secure, mobile remote access for mobile devices

Leverage existing authentication methods and security setting

Granular access controls

Adapt mobility and security policies

Scalable VPN infrastructure

Broad range of mobile platform support covering all leading mobile platforms


Junos Pulse As An integration Platform

Junos Pulse Gateways

APP

1

APP

2

APP

3

APP

4

APP

1

APP

2

APP

3

APP

4

Junos Pulse

Platform

Base OS

Junos Pulse

Applications

NOTE: Applications different per OS

Junos Pulse is also an integration platform for select third party applications and services

Applications SSL VPN NAC Application

Acceleration EES and more

Junos Pulse Client


Applications(of any type)

JUNOS PULSE ARCHITECTURE

Junos Pulse Gateways

Junos Pulse Client

Junos Pulse Client

Juniper Extensive “Clientless”/ Browser

Support

SA Series SSL VPN (also available as virtual appliance)

IC Series UAC

WXC SeriesApplication Acceleration


JUNIPER AND JUNOS PULSE LEADING THE WAY

Over 25M people use Juniper client software to securely access corporate data

Industry’s 1st standards-based, dynamically provisioned multi-service client enabling connectivity, security and acceleration

Addresses 76% of all smartphones in use world-wide

Only Converged Multi-Application Access Solution for Mobile and Non-Mobile devices

Industry’s most scalable SSL VPN mobile solution – supports many thousands of concurrent users

mobile network security

Technology

secure mobile access2why

personal mobile devices

nonmobile devices

skyperemote access

instant access

junos pulse3summary4

junos pulsebased

corporate devicesabout