FINDING YOUR FLOW
Mobile devices are integral to businesses of any size today. As their role in the workplace has evolved, so has the manner in which they are secured and managed. While Network Access Control (NAC), MDM/EMM, and other solutions have come a long way in improving network security, they still don’t really work well together. Businesses instead have come to rely on a number of manual processes to achieve the level of integration needed to deliver a secure, intuitive mobile experience. However it doesn’t have to be this way.
MANY SYSTEMS, ONE GOAL: INTEGRATION
By integrating all the data you already collect from users, devices and locations with any of your third party tools, you can build automated workflows for everyday IT tasks that will enhance any environment.
This level of integration can be complex. However with ClearPass Exchange it becomes possible to leverage all the mobility intelligence of ClearPass (including context-aware data) and share it with your existing systems to deliver capabilities that weren’t available before – particularly around security and policy enforcement.
Let’s look at just a couple of examples.
ClearPass can centrally oversee interactions with:
EMM/MDM – ClearPass features rich, bidirectional integration with Tier 1 vendors, making it easy to automate configuration and enforce network policies across corporate-owned and personal devices. By polling these EMM/MDM systems to extract information around the device manufacturer and model, its encryption status, and whether it is jailbroken or running blacklisted apps, ClearPass can take corrective action, such as automatic quarantine or redirection to an authentication page, when policy violations are reported.
Figure 1 - Jailbreak Detection Workflow between ClearPass and Aruba Partners MobileIron and PagerDuty
FIREWALLS – Security at the network edge remains crucial, but firewalls today have to police inside the perimeter as well. ClearPass can extend your firewall capabilities beyond IP address and directory-based user protection, allowing policy enforcement based on user and device, guest network, and non-directory identity information. Given the volume and diversity of devices that are likely connecting to your networks, this degree of granularity ensures that enforcement rules are applied correctly.
Figure 2 Policy Enforcement/Firewall Workflow between ClearPass and Aruba Partner Palo Alto Networks
SECURITY INCIDENT EVENT MANAGEMENT (SIEM) – Attacks on your network can come from many sources, and are adept at disguising their activities. SIEM allows you aggregation of all security events to determine correlations, and assist in co-ordinated enforcement actions with other systems. Sharing Network Acess Control data with these systems is crucial when protecting the access layer, so ClearPass integrates with these systems to share session logs, audit events, and other syslog data. This contextual interaction enables SIEM systems to rapidly pinpoint potential security and policy violations.
Figure 3 -Security Workflow between Aruba Partner splunk showing ClearPass, EMM and firewall co-ordination
ClearPass can even extend its mobility context to cloud-based services. Integration with all such systems is made simple, with REST-based APIs allowing for rapid program builds that can hook ClearPass into virtually any web-based system, and allow your IT to customise their own workflows around your particular needs.
WHAT COULD CLEARPASS DO FOR YOU?
The wireless office has more “moving parts” than ever before. Not having the right level of integration between this abundance of tools and systems can present a technical nightmare for even the most experienced of IT teams.
Automated workflows from the edge of your networks – all the way to the helpdesk - can save you and your organisation a great deal of acronym-induced stress!
No more tedious manual configurations and reconfigurations. No more disparate dashboards. One single pane to provide visibility into all your networks, all completely customisable, and able to integrate seamlessly with all your current systems.