Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
Peregrine Guard - An Enterprise Mobile Security Product by i7 Networks
1. “Peregrine Guard”
Enterprise Mobile Security
BYOD Auto Discovery • Access Control
2. BYOD – Bring Your Own Device/Disaster!
• By 2016….
o 900 million tablets in market
o 982 million smart phones shipping annually.
• WebRoot Survey, June, 2012
o 83% of respondents believe that mobile devices create a high security risk
within the corporate environment.
• Gartner – Shifting from Enterprise-owned to BYOD
o Warns business that there are three major hurdles that they have to
consider in their BYOD policy.
•The right of users to leverage the capabilities of their personal devices
Impact 1 conflicts with enterprise mobile security policies and increases the risk
of data leakage and the exploiting of vulnerabilities.
•User freedom of choice of device and the proliferation of devices with
Impact 2 inadequate security make it difficult to properly secure certain
devices, as well as keep track of vulnerabilities and updates.
•The user's ownership of device and data raises privacy concerns and
Impact 3
stands in the way of taking corrective action for compromised devices.
4. Harnessing the BYOD
phenomenon
• BYOD Concerns
o Network Security
o User and Device Visibility
o Network management complexity
o Network performance
o User experience
• Challenges In Implementing BYOD
o Employee Privacy
o Mobile device market diversity
o Finding the right approach to security
5. Current Solutions
Devices Locations Applications Users
Email, Sales Force
Employee Corporate Corporate Contacts, Automation
Owned Owned Location Calendar Privileged
Employees
or CRM Users
Task &
Managed by Office
Guest Branch Projects
Corporate
Mgmt Applications
Owned /MSP Offices Business and Contractors, B
Regulatory usiness
Consultants Partners
Line of
Devices used Home Business Web Browsing
from Home Offices Apps
Offices
Service
Guests
Personnel
Instant
Public Messaging
Social Media
Places
MDM
MAM / IAM
6. Peregrine Guard
i7 Networks enables enterprises to “say YES” to BYOD by
providing an agentless paradigm for discovery and access
control.
Our premier offering in this space enables an intelligent, non-
intrusive, clientless way of detecting all devices that are trying to
connect to the corporate network.
By the use of proprietary algorithms and sophisticated
fingerprinting techniques, we extract highly granular information
like device-type, device-class, OS, version, user of the
device, etc;
This information is used to provide device based differential
access to corporate assets and to make sure sensitive data is
provided right access to the right device type.
7.
8. PG: Granular Access
Control
o Device
o User
o Application
o Location (HQ/branch/ODC group)
o Time
o Intrusion Detection (if malware is detected, then access
could be disabled immediately)
o Endpoint security (preventing jailbroken/rooted devices
and below baseline)
o Resource
9. PG: Policy Control
• Admin can create policies like:
o Allow access to Patient Records Server, if;
• User is Authenticated
• Role is Physician
• Authentication is 802.1x (EAP-PEAP)
• Device is iPad
• Location is Hospital
10. PG: Policy Control
Corp User
High Trust
Registered Device
Medium Known User
Trust Device Compliance passed
Any Device
Low Trust Any User
Not Jailbroken
Any Device
No Trust
Any User
MDMDevice controlsDevice monitoringDevice configurationTelecom expensesActivation/deactivationMAMApp StoreApplication level securityRole-based accessSync ServerApp Admin ConsoleOther solutions (combine features of MAM+MDM)VDIContainerizationOur Product covers most of the boxes, except these:Public PlacesWired network connections
PG is a user-focused, network-based access control. Basic building blocks are:Developing security policies. You need one place to see where Corporate Users, Guests, and Contractors are allowed to go. - Centralized Policy Management.Monitoring posturesWhat is the required security posture for each user/device that uses the network?Are anti-virus, anti-spam and firewall tools up-to-date? What about operating system patches? Are users running any prohibited programs?Comparing postures to policiesTaking action:Either on initial access (pre-admission) or while connected (post-admission)?Is the user routed to a quarantined network space, or denied access entirely? Reporting/Analytics:what types of devices are being used on your wireless network or wired network? Where are they connecting from? You’ll need to spot usage statistics and device details to know what network and policy decisions to make in the future. Sample Network Access PolicyUser must be authenticated with Identity Management SystemEndpoint must be healthy.AV configured and running.Recent scan shows no malware.Patches up-to-date.Behavior must be acceptable.No port scanning, sending spam, No P2P Filesharing.