SlideShare a Scribd company logo

Hypori Performance Webinar

Download as PPTX, PDF
Grafic.guru
Grafic.guru

The document discusses Hypori, a platform for hosting Android securely in the cloud and accessing it via remote client apps. It provides an overview of Hypori terminology, typical deployments, technologies used such as SEAndroid and KVM, the product roadmap, and architectures for securing the ACE virtual devices, clients, and servers.

Business
1 of 18
Slide 2 Host Android in the cloud, access via remote client apps: Hypori ACE Servers similar to VDI servers Hypori ACE Client from public app store or distributed by MAM What is Hypori?
Hypori Platform Terminology Slide 3
Hypori ACE System At Scale Slide 4
Typical ACE System Deployment Slide 5
Typical ACE System Deployment Slide 6
Slide 7 What is Hypori? DEMO
Slide 8 Cloud hosted Android for secure enterprise mobility
Slide 9Slide 9 From DroidCloud to Hypori
Slide 10 Sandbox AppsVMs / Containers MAM Don’t work on iOS, require ‘jail breaking’, limited market traction, not suitable for BYOD. Proprietary containers, typically just email, browser + MS office, few apps, no sensors. MDM Cannot protect enterprise apps and data on personal devices, DroidCloud VDM partner. Miscellaneous Thin Clients Various security approaches, typically a components of a broader solution. Windows 7 not suited to mobile devices, Win8 struggling Less intrusive than MDM for BYOD, but also less secure – low level of assurance. Hypori compliments VDI thin clients, and is partnering with companies in every other box. Enterprise Mobile Ecosystem
Slide 11 Mobile Teleworking Tactical CloudSenior Leader Comms A virtual smartphone for every soldier, running in DISA’s DECC (the DoD cloud) – analogous to BYOD. Forward deployed tactical clouds on land, sea and air platforms for special operations forces. Partners NGOs as part of international aid efforts, logistics providers, coalition partners. Classified mobile communications for senior leaders and other DoD personnel. What are the DoD use cases?
Slide 12 • BYOD or EOD • Securing MDM for sensitive data • Email, calendar and web • Transaction approvals • Salesforce / CRM • SAP / ERP • In-house Android apps • TripIt / travel management • Phone calls / VTC • BYOD published app mode • Extending MDM to third parties • Banking communications • Doc reviews / deal rooms • Viewing transaction activity • Transaction approvals • Treasury services • Market information services • Stock trading CustomerEmployee What are the banking use cases?
Slide 13 Hypori leverages SEAndroid as the ACE Virtual Device remote OS, as well as existing Android apps. Hypori leverages Linux with KVM as the backend baseline for its ACE Server. Hypori leverages the SPICE (Red Hat) protocol as a foundation for its communications / traffic between the ACE Server and ACE clients. Client Apps for Android, iOS, Windows 8, … Linux & KVM for vHost, OpenStack, SEAndroid/AOSP for vDevice, plus storage, user directory, AV, app store. What technologies do we use?
Slide 14 How do we change Android?
Slide 15 Product – Roadmap Hypori product progress and roadmap: • Version 3.0: Q3, 14 – MVP for Enterprise Deployments. Basic camera, server-side OpenGL / 3D, KitKat VD upgrade, SEAndroid, tuned X.264, status bar bypass, notifications, client certs, S/MIME, hardware crypto, high availability, geographical roaming, admin UI and APIs, LDAP/AD integration, SELinux, Splunk auditing integration. • Version 3.1: Q1, 15 – MVP for Multi-Tenant Private Cloud. Client for Win8, remote camera / VTC, client-side OpenGL, media bypass, keyboard bypass, more PKI auth options, app data/sensor access controls, improved VD management and administration, basic instrumentation data exposed to security partners. • Version 3.2: Q2, 15 – MVP for Multi-Tenant Public Cloud. Additional functionality TBD based on customer feedback, stability improvements, house keeping. • Version 4.0: Q3, 15 – MVP for Multi-Tenant Public Cloud. Support for Google CTS, improved sensor support, Official Play support, improved client-side OpenGL, more advanced security instrumentation integration.
Slide 16 ACE Virtual Device • SEAndroid providing: o Privileged daemon protection. o Application isolation. o Middleware controls. o Instrumentation & auditing. o App install protection. o Limit app access to sensors. • ‘Untrusted’ app sandboxing. • Read only core OS partition. • Centralized patching. • MDM / MAM controls. ACE Client • Remote two factor auth. • Remote signing and decryption. • TLS (and VPN) encryption for data in transit. • GPS-based access policies. • Attributes exposed for MDM integration. • Screenshot ‘prevention’. • Integration with client-side attestation technologies. • Eventually, integration with mobile device MTMs. ACE Server • Protocol aware firewall. • KVM hypervisor containment. • SELinux-based VD separation. • Server-side TPM attestation. • VPN service for apps in VDs. • Network proxy for traffic monitoring. • System-wide app management. • Behavioral and signature-based malware detection. • User behavioral biometrics. • VD instrumentation / auditing. Architecting for Defense in Depth
Slide 17 Hypori ACE Admin Authentication & Connection VPN (optional) ENTERPRISE INTERNET ACE Management Server Web Server (nginx) Enterprise Directory (LDAP / AD) mongoDB OpenStack System Present User Certificate (https / TLS v1.2) 1 Validate User Certificate Signing Chain 2 Proxy http 3 Verify Account Status + Password Return valid user data + LDAP parameters 4 Look up User by DN for Role 5 OpenStack API calls 6 REST API Calls (https / TLS v1.2) Splunk / Nagios / Monit / etc HTML + JSON 7 3rd Party Integration
Slide 18 Hypori ACE Client Authentication & Connection ENTERPRISE INTERNET VPN (optional) ACE Client ACE Management Server Web Server (nginx) Enterprise Directory (LDAP / AD) mongoDB OpenStack System Present User Certificate (TLS v1.2) + LDAP Password 1 Validate User Certificate Signing Chain 2 Proxy http 3 Verify Account Status + Password Return valid user data + LDAP parameters 4 Look up User by DN for Role 5 ACE Virtual Device Information 6 Deliver signed Token w/ Compute Node name + AVD TCP Port 7 Connect with signed token to ACE Virtual Device using the ACE Protocol over TLS v1.2 8 Splunk / Nagios / Monit / etc 3rd Party Integration

Recommended

Mykonos Media Presentation
Mykonos Media PresentationMykonos Media Presentation
Mykonos Media PresentationMykonos Software
 
Hitachi ID Password Manager Security Analysis
Hitachi ID Password Manager Security AnalysisHitachi ID Password Manager Security Analysis
Hitachi ID Password Manager Security AnalysisHitachi ID Systems, Inc.
 
Authentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationAuthentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationSylvain Maret
 
Gartner Catalyst: How to succeed with your IT Mobile Strategy
Gartner Catalyst: How to succeed with your IT Mobile StrategyGartner Catalyst: How to succeed with your IT Mobile Strategy
Gartner Catalyst: How to succeed with your IT Mobile StrategyLou Sacco
 
FIDO Authentication Opportunities in Healthcare
FIDO Authentication Opportunities in HealthcareFIDO Authentication Opportunities in Healthcare
FIDO Authentication Opportunities in HealthcareFIDO Alliance
 
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingSmart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingOKsystem
 
T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.
T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.
T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.ForgeRock
 
Hitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Systems, Inc.
 

Recommended

Mykonos Media Presentation
Mykonos Media PresentationMykonos Media Presentation
Mykonos Media PresentationMykonos Software
 
Hitachi ID Password Manager Security Analysis
Hitachi ID Password Manager Security AnalysisHitachi ID Password Manager Security Analysis
Hitachi ID Password Manager Security AnalysisHitachi ID Systems, Inc.
 
Authentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationAuthentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationSylvain Maret
 
Gartner Catalyst: How to succeed with your IT Mobile Strategy
Gartner Catalyst: How to succeed with your IT Mobile StrategyGartner Catalyst: How to succeed with your IT Mobile Strategy
Gartner Catalyst: How to succeed with your IT Mobile StrategyLou Sacco
 
FIDO Authentication Opportunities in Healthcare
FIDO Authentication Opportunities in HealthcareFIDO Authentication Opportunities in Healthcare
FIDO Authentication Opportunities in HealthcareFIDO Alliance
 
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingSmart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingOKsystem
 
T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.
T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.
T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.ForgeRock
 
Hitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Systems, Inc.
 
How to successfully implement a secure mobile strategy
How to successfully implement a secure mobile strategyHow to successfully implement a secure mobile strategy
How to successfully implement a secure mobile strategyVASCO Data Security
 
2FA Advanced Authentication for Public Safety
2FA Advanced Authentication for Public Safety2FA Advanced Authentication for Public Safety
2FA Advanced Authentication for Public Safety2FA, Inc.
 
DIGIPASS for Apps
DIGIPASS for AppsDIGIPASS for Apps
DIGIPASS for AppsVASCO Data Security
 
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...CloudIDSummit
 
Securing online services by combining smart cards and web-based applications
Securing online services by combining smart cards and web-based applicationsSecuring online services by combining smart cards and web-based applications
Securing online services by combining smart cards and web-based applicationsOlivier Potonniée
 
New Horizons for End-User Computing Event - Trend
New Horizons for End-User Computing Event - TrendNew Horizons for End-User Computing Event - Trend
New Horizons for End-User Computing Event - TrendArrow ECS UK
 
WSO2 Enterprise Mobility Manager - Product Overview
WSO2 Enterprise Mobility Manager - Product OverviewWSO2 Enterprise Mobility Manager - Product Overview
WSO2 Enterprise Mobility Manager - Product OverviewWSO2
 
IdentiD Biometric Reader
IdentiD Biometric ReaderIdentiD Biometric Reader
IdentiD Biometric ReaderPete Taylor
 
ACDI IdentID Overview
ACDI IdentID OverviewACDI IdentID Overview
ACDI IdentID OverviewACDI
 
Access management
Access managementAccess management
Access managementkmehul
 
Securing a Web App with Passwordless Web Authentication
Securing a Web App with Passwordless Web AuthenticationSecuring a Web App with Passwordless Web Authentication
Securing a Web App with Passwordless Web AuthenticationFIDO Alliance
 
Praxistipp workat home orchestrierung von räumlich verteilten arbeitsplätzen
Praxistipp workat home orchestrierung von räumlich verteilten arbeitsplätzenPraxistipp workat home orchestrierung von räumlich verteilten arbeitsplätzen
Praxistipp workat home orchestrierung von räumlich verteilten arbeitsplätzenThomas Dehler
 
TrustBearer - CTST 2009 - OpenID & Strong Authentication
TrustBearer - CTST 2009 - OpenID & Strong AuthenticationTrustBearer - CTST 2009 - OpenID & Strong Authentication
TrustBearer - CTST 2009 - OpenID & Strong AuthenticationTrustBearer
 
The Galaxy S6 edge+ and Note 5. Ready for Business.
The Galaxy S6 edge+ and Note 5. Ready for Business. The Galaxy S6 edge+ and Note 5. Ready for Business.
The Galaxy S6 edge+ and Note 5. Ready for Business. Samsung Biz Mobile
 
Patterns and Practices in Mobile SSO
Patterns and Practices in Mobile SSOPatterns and Practices in Mobile SSO
Patterns and Practices in Mobile SSOWSO2
 
Hexnode Android Management solution
Hexnode Android Management solutionHexnode Android Management solution
Hexnode Android Management solutionHexnode
 
Identity Live Sydney 2017 - Michael Dowling
Identity Live Sydney 2017 - Michael DowlingIdentity Live Sydney 2017 - Michael Dowling
Identity Live Sydney 2017 - Michael DowlingForgeRock
 
Identity Beyond Employees: How Customer Experience Impacts Your IAM Practices
Identity Beyond Employees: How Customer Experience Impacts Your IAM PracticesIdentity Beyond Employees: How Customer Experience Impacts Your IAM Practices
Identity Beyond Employees: How Customer Experience Impacts Your IAM PracticesPing Identity
 
Kiosk appdevtips
Kiosk appdevtipsKiosk appdevtips
Kiosk appdevtipsKioWare Kiosk Software
 
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.Sierraware
 
H. pylori
H. pyloriH. pylori
H. pyloriFernandoRueda12
 
Android in the Cloud
Android in the CloudAndroid in the Cloud
Android in the CloudJoel Isaacson
 

More Related Content

What's hot

How to successfully implement a secure mobile strategy
How to successfully implement a secure mobile strategyHow to successfully implement a secure mobile strategy
How to successfully implement a secure mobile strategyVASCO Data Security
 
2FA Advanced Authentication for Public Safety
2FA Advanced Authentication for Public Safety2FA Advanced Authentication for Public Safety
2FA Advanced Authentication for Public Safety2FA, Inc.
 
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...CloudIDSummit
 
Securing online services by combining smart cards and web-based applications
Securing online services by combining smart cards and web-based applicationsSecuring online services by combining smart cards and web-based applications
Securing online services by combining smart cards and web-based applicationsOlivier Potonniée
 
New Horizons for End-User Computing Event - Trend
New Horizons for End-User Computing Event - TrendNew Horizons for End-User Computing Event - Trend
New Horizons for End-User Computing Event - TrendArrow ECS UK
 
WSO2 Enterprise Mobility Manager - Product Overview
WSO2 Enterprise Mobility Manager - Product OverviewWSO2 Enterprise Mobility Manager - Product Overview
WSO2 Enterprise Mobility Manager - Product OverviewWSO2
 
IdentiD Biometric Reader
IdentiD Biometric ReaderIdentiD Biometric Reader
IdentiD Biometric ReaderPete Taylor
 
ACDI IdentID Overview
ACDI IdentID OverviewACDI IdentID Overview
ACDI IdentID OverviewACDI
 
Access management
Access managementAccess management
Access managementkmehul
 
Securing a Web App with Passwordless Web Authentication
Securing a Web App with Passwordless Web AuthenticationSecuring a Web App with Passwordless Web Authentication
Securing a Web App with Passwordless Web AuthenticationFIDO Alliance
 
Praxistipp workat home orchestrierung von räumlich verteilten arbeitsplätzen
Praxistipp workat home orchestrierung von räumlich verteilten arbeitsplätzenPraxistipp workat home orchestrierung von räumlich verteilten arbeitsplätzen
Praxistipp workat home orchestrierung von räumlich verteilten arbeitsplätzenThomas Dehler
 
TrustBearer - CTST 2009 - OpenID & Strong Authentication
TrustBearer - CTST 2009 - OpenID & Strong AuthenticationTrustBearer - CTST 2009 - OpenID & Strong Authentication
TrustBearer - CTST 2009 - OpenID & Strong AuthenticationTrustBearer
 
The Galaxy S6 edge+ and Note 5. Ready for Business.
The Galaxy S6 edge+ and Note 5. Ready for Business. The Galaxy S6 edge+ and Note 5. Ready for Business.
The Galaxy S6 edge+ and Note 5. Ready for Business. Samsung Biz Mobile
 
Patterns and Practices in Mobile SSO
Patterns and Practices in Mobile SSOPatterns and Practices in Mobile SSO
Patterns and Practices in Mobile SSOWSO2
 
Hexnode Android Management solution
Hexnode Android Management solutionHexnode Android Management solution
Hexnode Android Management solutionHexnode
 
Identity Live Sydney 2017 - Michael Dowling
Identity Live Sydney 2017 - Michael DowlingIdentity Live Sydney 2017 - Michael Dowling
Identity Live Sydney 2017 - Michael DowlingForgeRock
 
Identity Beyond Employees: How Customer Experience Impacts Your IAM Practices
Identity Beyond Employees: How Customer Experience Impacts Your IAM PracticesIdentity Beyond Employees: How Customer Experience Impacts Your IAM Practices
Identity Beyond Employees: How Customer Experience Impacts Your IAM PracticesPing Identity
 

What's hot (19)

How to successfully implement a secure mobile strategy
How to successfully implement a secure mobile strategyHow to successfully implement a secure mobile strategy
How to successfully implement a secure mobile strategy
 
2FA Advanced Authentication for Public Safety
2FA Advanced Authentication for Public Safety2FA Advanced Authentication for Public Safety
2FA Advanced Authentication for Public Safety
 
DIGIPASS for Apps
DIGIPASS for AppsDIGIPASS for Apps
DIGIPASS for Apps
 
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
 
Securing online services by combining smart cards and web-based applications
Securing online services by combining smart cards and web-based applicationsSecuring online services by combining smart cards and web-based applications
Securing online services by combining smart cards and web-based applications
 
New Horizons for End-User Computing Event - Trend
New Horizons for End-User Computing Event - TrendNew Horizons for End-User Computing Event - Trend
New Horizons for End-User Computing Event - Trend
 
WSO2 Enterprise Mobility Manager - Product Overview
WSO2 Enterprise Mobility Manager - Product OverviewWSO2 Enterprise Mobility Manager - Product Overview
WSO2 Enterprise Mobility Manager - Product Overview
 
IdentiD Biometric Reader
IdentiD Biometric ReaderIdentiD Biometric Reader
IdentiD Biometric Reader
 
ACDI IdentID Overview
ACDI IdentID OverviewACDI IdentID Overview
ACDI IdentID Overview
 
Access management
Access managementAccess management
Access management
 
Securing a Web App with Passwordless Web Authentication
Securing a Web App with Passwordless Web AuthenticationSecuring a Web App with Passwordless Web Authentication
Securing a Web App with Passwordless Web Authentication
 
Praxistipp workat home orchestrierung von räumlich verteilten arbeitsplätzen
Praxistipp workat home orchestrierung von räumlich verteilten arbeitsplätzenPraxistipp workat home orchestrierung von räumlich verteilten arbeitsplätzen
Praxistipp workat home orchestrierung von räumlich verteilten arbeitsplätzen
 
TrustBearer - CTST 2009 - OpenID & Strong Authentication
TrustBearer - CTST 2009 - OpenID & Strong AuthenticationTrustBearer - CTST 2009 - OpenID & Strong Authentication
TrustBearer - CTST 2009 - OpenID & Strong Authentication
 
The Galaxy S6 edge+ and Note 5. Ready for Business.
The Galaxy S6 edge+ and Note 5. Ready for Business. The Galaxy S6 edge+ and Note 5. Ready for Business.
The Galaxy S6 edge+ and Note 5. Ready for Business.
 
Patterns and Practices in Mobile SSO
Patterns and Practices in Mobile SSOPatterns and Practices in Mobile SSO
Patterns and Practices in Mobile SSO
 
Hexnode Android Management solution
Hexnode Android Management solutionHexnode Android Management solution
Hexnode Android Management solution
 
Identity Live Sydney 2017 - Michael Dowling
Identity Live Sydney 2017 - Michael DowlingIdentity Live Sydney 2017 - Michael Dowling
Identity Live Sydney 2017 - Michael Dowling
 
Identity Beyond Employees: How Customer Experience Impacts Your IAM Practices
Identity Beyond Employees: How Customer Experience Impacts Your IAM PracticesIdentity Beyond Employees: How Customer Experience Impacts Your IAM Practices
Identity Beyond Employees: How Customer Experience Impacts Your IAM Practices
 
Kiosk appdevtips
Kiosk appdevtipsKiosk appdevtips
Kiosk appdevtips
 

Viewers also liked

SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.Sierraware
 
Android in the Cloud
Android in the CloudAndroid in the Cloud
Android in the CloudJoel Isaacson
 
Remote Android Rendering
Remote Android RenderingRemote Android Rendering
Remote Android RenderingJoel Isaacson
 
Emulador Android Genymotion
Emulador Android GenymotionEmulador Android Genymotion
Emulador Android GenymotionAlfredito Aguayo
 
Android OpenGL ES remote rendering 蕭從恩
Android OpenGL ES remote rendering 蕭從恩Android OpenGL ES remote rendering 蕭從恩
Android OpenGL ES remote rendering 蕭從恩Tsung-en Hsiao
 
Remote Android Rendering
Remote Android RenderingRemote Android Rendering
Remote Android RenderingJoel Isaacson
 

Viewers also liked (7)

SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
 
H. pylori
H. pyloriH. pylori
H. pylori
 
Android in the Cloud
Android in the CloudAndroid in the Cloud
Android in the Cloud
 
Remote Android Rendering
Remote Android RenderingRemote Android Rendering
Remote Android Rendering
 
Emulador Android Genymotion
Emulador Android GenymotionEmulador Android Genymotion
Emulador Android Genymotion
 
Android OpenGL ES remote rendering 蕭從恩
Android OpenGL ES remote rendering 蕭從恩Android OpenGL ES remote rendering 蕭從恩
Android OpenGL ES remote rendering 蕭從恩
 
Remote Android Rendering
Remote Android RenderingRemote Android Rendering
Remote Android Rendering
 

Similar to Hypori Performance Webinar

HTML5 Mobile Web Framework - High Level Design
HTML5 Mobile Web Framework - High Level DesignHTML5 Mobile Web Framework - High Level Design
HTML5 Mobile Web Framework - High Level DesignThanh Nguyen
 
Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...
Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...
Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...Miriade Spa
 
IBM MobileFirst Reference Architecture 1512 v3 2015
IBM MobileFirst Reference Architecture 1512 v3 2015IBM MobileFirst Reference Architecture 1512 v3 2015
IBM MobileFirst Reference Architecture 1512 v3 2015Sreeni Pamidala
 
Mobile Threats and Owasp Top 10 Risks
Mobile Threats and Owasp Top 10 RisksMobile Threats and Owasp Top 10 Risks
Mobile Threats and Owasp Top 10 RisksSantosh Satam
 
Mobile App Virtualization 101
Mobile App Virtualization 101Mobile App Virtualization 101
Mobile App Virtualization 101Sierraware
 
Sierraware browser isolation
Sierraware browser isolationSierraware browser isolation
Sierraware browser isolationSierraware
 
Kura M2M IoT Gateway
Kura M2M IoT GatewayKura M2M IoT Gateway
Kura M2M IoT GatewayEurotech
 
Mobile Enterprise Application Platform
Mobile Enterprise Application PlatformMobile Enterprise Application Platform
Mobile Enterprise Application PlatformNugroho Gito
 
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...CA API Management
 
VMworld 2013: Android in the enterprise: Understand the challenges and how to...
VMworld 2013: Android in the enterprise: Understand the challenges and how to...VMworld 2013: Android in the enterprise: Understand the challenges and how to...
VMworld 2013: Android in the enterprise: Understand the challenges and how to...VMworld
 
Mobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectiveMobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectivePragati Rai
 
BYOD for your business with WSO2 Enterprise Mobility Manager
BYOD for your business with WSO2 Enterprise Mobility ManagerBYOD for your business with WSO2 Enterprise Mobility Manager
BYOD for your business with WSO2 Enterprise Mobility ManagerWSO2
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifySumana Mehta
 
Cut BYOD Costs Using Virtual Mobile Infrastructure - VMI
Cut BYOD Costs Using Virtual Mobile Infrastructure - VMICut BYOD Costs Using Virtual Mobile Infrastructure - VMI
Cut BYOD Costs Using Virtual Mobile Infrastructure - VMISierraware
 
Mobile Security - Words like Bring Your Own Device, and Federation sounds fam...
Mobile Security - Words like Bring Your Own Device, and Federation sounds fam...Mobile Security - Words like Bring Your Own Device, and Federation sounds fam...
Mobile Security - Words like Bring Your Own Device, and Federation sounds fam...IBM Danmark
 
Business Mobility - otevřete svou mysl k tomu, co je možné
Business Mobility - otevřete svou mysl k tomu, co je možnéBusiness Mobility - otevřete svou mysl k tomu, co je možné
Business Mobility - otevřete svou mysl k tomu, co je možnéMarketingArrowECS_CZ
 
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...Ping Identity
 
Peuker, Neu: Enterprise Android for the Win
Peuker, Neu: Enterprise Android for the WinPeuker, Neu: Enterprise Android for the Win
Peuker, Neu: Enterprise Android for the WinDroidcon Berlin
 

Similar to Hypori Performance Webinar (20)

HTML5 Mobile Web Framework - High Level Design
HTML5 Mobile Web Framework - High Level DesignHTML5 Mobile Web Framework - High Level Design
HTML5 Mobile Web Framework - High Level Design
 
Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...
Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...
Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...
 
IBM MobileFirst Reference Architecture 1512 v3 2015
IBM MobileFirst Reference Architecture 1512 v3 2015IBM MobileFirst Reference Architecture 1512 v3 2015
IBM MobileFirst Reference Architecture 1512 v3 2015
 
Mobile Threats and Owasp Top 10 Risks
Mobile Threats and Owasp Top 10 RisksMobile Threats and Owasp Top 10 Risks
Mobile Threats and Owasp Top 10 Risks
 
Mobile App Virtualization 101
Mobile App Virtualization 101Mobile App Virtualization 101
Mobile App Virtualization 101
 
Sierraware browser isolation
Sierraware browser isolationSierraware browser isolation
Sierraware browser isolation
 
Kura M2M IoT Gateway
Kura M2M IoT GatewayKura M2M IoT Gateway
Kura M2M IoT Gateway
 
Mobile Enterprise Application Platform
Mobile Enterprise Application PlatformMobile Enterprise Application Platform
Mobile Enterprise Application Platform
 
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
 
VMworld 2013: Android in the enterprise: Understand the challenges and how to...
VMworld 2013: Android in the enterprise: Understand the challenges and how to...VMworld 2013: Android in the enterprise: Understand the challenges and how to...
VMworld 2013: Android in the enterprise: Understand the challenges and how to...
 
Mobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectiveMobile Commerce: A Security Perspective
Mobile Commerce: A Security Perspective
 
VMware Workspace One
VMware Workspace OneVMware Workspace One
VMware Workspace One
 
BYOD for your business with WSO2 Enterprise Mobility Manager
BYOD for your business with WSO2 Enterprise Mobility ManagerBYOD for your business with WSO2 Enterprise Mobility Manager
BYOD for your business with WSO2 Enterprise Mobility Manager
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
 
Cut BYOD Costs Using Virtual Mobile Infrastructure - VMI
Cut BYOD Costs Using Virtual Mobile Infrastructure - VMICut BYOD Costs Using Virtual Mobile Infrastructure - VMI
Cut BYOD Costs Using Virtual Mobile Infrastructure - VMI
 
Mobile Security - Words like Bring Your Own Device, and Federation sounds fam...
Mobile Security - Words like Bring Your Own Device, and Federation sounds fam...Mobile Security - Words like Bring Your Own Device, and Federation sounds fam...
Mobile Security - Words like Bring Your Own Device, and Federation sounds fam...
 
Certgate
CertgateCertgate
Certgate
 
Business Mobility - otevřete svou mysl k tomu, co je možné
Business Mobility - otevřete svou mysl k tomu, co je možnéBusiness Mobility - otevřete svou mysl k tomu, co je možné
Business Mobility - otevřete svou mysl k tomu, co je možné
 
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
 
Peuker, Neu: Enterprise Android for the Win
Peuker, Neu: Enterprise Android for the WinPeuker, Neu: Enterprise Android for the Win
Peuker, Neu: Enterprise Android for the Win
 

More from Grafic.guru

Drone presentation
Drone presentationDrone presentation
Drone presentationGrafic.guru
 
All inclusive social
All inclusive socialAll inclusive social
All inclusive socialGrafic.guru
 
Startup series module10 - v02
Startup series module10 - v02Startup series module10 - v02
Startup series module10 - v02Grafic.guru
 
Drone presentation (1)
Drone presentation (1)Drone presentation (1)
Drone presentation (1)Grafic.guru
 
The three chain links
The three chain linksThe three chain links
The three chain linksGrafic.guru
 
Security digital
Security digitalSecurity digital
Security digitalGrafic.guru
 
Santa monica community day
Santa monica community daySanta monica community day
Santa monica community dayGrafic.guru
 
Sacred Oak Medical center
Sacred Oak Medical centerSacred Oak Medical center
Sacred Oak Medical centerGrafic.guru
 
S3M business overview
S3M business overviewS3M business overview
S3M business overviewGrafic.guru
 

More from Grafic.guru (20)

Drone presentation
Drone presentationDrone presentation
Drone presentation
 
All inclusive social
All inclusive socialAll inclusive social
All inclusive social
 
Startup series module10 - v02
Startup series module10 - v02Startup series module10 - v02
Startup series module10 - v02
 
Drone presentation (1)
Drone presentation (1)Drone presentation (1)
Drone presentation (1)
 
Sqeeqee
SqeeqeeSqeeqee
Sqeeqee
 
W gym
W gymW gym
W gym
 
Vorlage
VorlageVorlage
Vorlage
 
Virtual
VirtualVirtual
Virtual
 
Urban promise
Urban promiseUrban promise
Urban promise
 
Title
TitleTitle
Title
 
Tinyhr
TinyhrTinyhr
Tinyhr
 
The three chain links
The three chain linksThe three chain links
The three chain links
 
The advanced
The advancedThe advanced
The advanced
 
Students
StudentsStudents
Students
 
Sqeeqee
SqeeqeeSqeeqee
Sqeeqee
 
Sku
SkuSku
Sku
 
Security digital
Security digitalSecurity digital
Security digital
 
Santa monica community day
Santa monica community daySanta monica community day
Santa monica community day
 
Sacred Oak Medical center
Sacred Oak Medical centerSacred Oak Medical center
Sacred Oak Medical center
 
S3M business overview
S3M business overviewS3M business overview
S3M business overview
 

Recently uploaded

Best Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in IndiaBest Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in IndiaShree Krishna Exports
 
Cash Payment 9602870969 Escort Service in Udaipur Call Girls
Cash Payment 9602870969 Escort Service in Udaipur Call GirlsCash Payment 9602870969 Escort Service in Udaipur Call Girls
Cash Payment 9602870969 Escort Service in Udaipur Call GirlsApsara Of India
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Roland Driesen
 
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 DelhiCall Girls in Delhi
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyEthan lee
 
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Tina Ji
 
HONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsHONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsMichael W. Hawkins
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insightsseri bangash
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayNZSG
 
GD Birla and his contribution in management
GD Birla and his contribution in managementGD Birla and his contribution in management
GD Birla and his contribution in managementchhavia330
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Delhi Call girls
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Roomdivyansh0kumar0
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfPaul Menig
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingShawn Pang
 
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...Any kyc Account
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...lizamodels9
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMRavindra Nath Shukla
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsP&CO
 

Recently uploaded (20)

Best Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in IndiaBest Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in India
 
Cash Payment 9602870969 Escort Service in Udaipur Call Girls
Cash Payment 9602870969 Escort Service in Udaipur Call GirlsCash Payment 9602870969 Escort Service in Udaipur Call Girls
Cash Payment 9602870969 Escort Service in Udaipur Call Girls
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
 
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
 
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
 
HONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsHONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael Hawkins
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insights
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
GD Birla and his contribution in management
GD Birla and his contribution in managementGD Birla and his contribution in management
GD Birla and his contribution in management
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
 
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdf
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
 
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 

Hypori Performance Webinar

  • 1.
  • 2. Slide 2 Host Android in the cloud, access via remote client apps: Hypori ACE Servers similar to VDI servers Hypori ACE Client from public app store or distributed by MAM What is Hypori?
  • 4. Hypori ACE System At Scale Slide 4
  • 5. Typical ACE System Deployment Slide 5
  • 6. Typical ACE System Deployment Slide 6
  • 7. Slide 7 What is Hypori? DEMO
  • 8. Slide 8 Cloud hosted Android for secure enterprise mobility
  • 9. Slide 9Slide 9 From DroidCloud to Hypori
  • 10. Slide 10 Sandbox AppsVMs / Containers MAM Don’t work on iOS, require ‘jail breaking’, limited market traction, not suitable for BYOD. Proprietary containers, typically just email, browser + MS office, few apps, no sensors. MDM Cannot protect enterprise apps and data on personal devices, DroidCloud VDM partner. Miscellaneous Thin Clients Various security approaches, typically a components of a broader solution. Windows 7 not suited to mobile devices, Win8 struggling Less intrusive than MDM for BYOD, but also less secure – low level of assurance. Hypori compliments VDI thin clients, and is partnering with companies in every other box. Enterprise Mobile Ecosystem
  • 11. Slide 11 Mobile Teleworking Tactical CloudSenior Leader Comms A virtual smartphone for every soldier, running in DISA’s DECC (the DoD cloud) – analogous to BYOD. Forward deployed tactical clouds on land, sea and air platforms for special operations forces. Partners NGOs as part of international aid efforts, logistics providers, coalition partners. Classified mobile communications for senior leaders and other DoD personnel. What are the DoD use cases?
  • 12. Slide 12 • BYOD or EOD • Securing MDM for sensitive data • Email, calendar and web • Transaction approvals • Salesforce / CRM • SAP / ERP • In-house Android apps • TripIt / travel management • Phone calls / VTC • BYOD published app mode • Extending MDM to third parties • Banking communications • Doc reviews / deal rooms • Viewing transaction activity • Transaction approvals • Treasury services • Market information services • Stock trading CustomerEmployee What are the banking use cases?
  • 13. Slide 13 Hypori leverages SEAndroid as the ACE Virtual Device remote OS, as well as existing Android apps. Hypori leverages Linux with KVM as the backend baseline for its ACE Server. Hypori leverages the SPICE (Red Hat) protocol as a foundation for its communications / traffic between the ACE Server and ACE clients. Client Apps for Android, iOS, Windows 8, … Linux & KVM for vHost, OpenStack, SEAndroid/AOSP for vDevice, plus storage, user directory, AV, app store. What technologies do we use?
  • 14. Slide 14 How do we change Android?
  • 15. Slide 15 Product – Roadmap Hypori product progress and roadmap: • Version 3.0: Q3, 14 – MVP for Enterprise Deployments. Basic camera, server-side OpenGL / 3D, KitKat VD upgrade, SEAndroid, tuned X.264, status bar bypass, notifications, client certs, S/MIME, hardware crypto, high availability, geographical roaming, admin UI and APIs, LDAP/AD integration, SELinux, Splunk auditing integration. • Version 3.1: Q1, 15 – MVP for Multi-Tenant Private Cloud. Client for Win8, remote camera / VTC, client-side OpenGL, media bypass, keyboard bypass, more PKI auth options, app data/sensor access controls, improved VD management and administration, basic instrumentation data exposed to security partners. • Version 3.2: Q2, 15 – MVP for Multi-Tenant Public Cloud. Additional functionality TBD based on customer feedback, stability improvements, house keeping. • Version 4.0: Q3, 15 – MVP for Multi-Tenant Public Cloud. Support for Google CTS, improved sensor support, Official Play support, improved client-side OpenGL, more advanced security instrumentation integration.
  • 16. Slide 16 ACE Virtual Device • SEAndroid providing: o Privileged daemon protection. o Application isolation. o Middleware controls. o Instrumentation & auditing. o App install protection. o Limit app access to sensors. • ‘Untrusted’ app sandboxing. • Read only core OS partition. • Centralized patching. • MDM / MAM controls. ACE Client • Remote two factor auth. • Remote signing and decryption. • TLS (and VPN) encryption for data in transit. • GPS-based access policies. • Attributes exposed for MDM integration. • Screenshot ‘prevention’. • Integration with client-side attestation technologies. • Eventually, integration with mobile device MTMs. ACE Server • Protocol aware firewall. • KVM hypervisor containment. • SELinux-based VD separation. • Server-side TPM attestation. • VPN service for apps in VDs. • Network proxy for traffic monitoring. • System-wide app management. • Behavioral and signature-based malware detection. • User behavioral biometrics. • VD instrumentation / auditing. Architecting for Defense in Depth
  • 17. Slide 17 Hypori ACE Admin Authentication & Connection VPN (optional) ENTERPRISE INTERNET ACE Management Server Web Server (nginx) Enterprise Directory (LDAP / AD) mongoDB OpenStack System Present User Certificate (https / TLS v1.2) 1 Validate User Certificate Signing Chain 2 Proxy http 3 Verify Account Status + Password Return valid user data + LDAP parameters 4 Look up User by DN for Role 5 OpenStack API calls 6 REST API Calls (https / TLS v1.2) Splunk / Nagios / Monit / etc HTML + JSON 7 3rd Party Integration
  • 18. Slide 18 Hypori ACE Client Authentication & Connection ENTERPRISE INTERNET VPN (optional) ACE Client ACE Management Server Web Server (nginx) Enterprise Directory (LDAP / AD) mongoDB OpenStack System Present User Certificate (TLS v1.2) + LDAP Password 1 Validate User Certificate Signing Chain 2 Proxy http 3 Verify Account Status + Password Return valid user data + LDAP parameters 4 Look up User by DN for Role 5 ACE Virtual Device Information 6 Deliver signed Token w/ Compute Node name + AVD TCP Port 7 Connect with signed token to ACE Virtual Device using the ACE Protocol over TLS v1.2 8 Splunk / Nagios / Monit / etc 3rd Party Integration