Hi all,

Let's discuss more about BYOD.. it is not BYOB or MYOB..

It is Bring Your Own Device. http://ning.it/I0tMfJ

.

Last 5 years ago.. Work place are bound to office only.

Thanks to Personal Computer and smart devices ( iphone, ipad etc)..

You can work any where, any time with any devices..

.

At the same time, Administrator will face more difficult issue to control the devices, especially mobile related devices..

.

We will discuss more about good and bad of BYOD..

.

HTH

John

Views: 299

Comment

You need to be a member of MyanmarITPro - A Social Network for Myanmar IT Professionals to add comments!

Join MyanmarITPro - A Social Network for Myanmar IT Professionals

Comment by SoeThi on February 19, 2013 at 10:54pm

good point, I just wake up, thanks Ko Gyi Moe :)

Comment by Jake on April 21, 2012 at 8:41am

I sell the NAC called Forescout, now one of the leaders in Gartner magic quadrant together with Cisco and Juniper.

I think MAB approach is very tedious and not practical. Imagine you have many unmanaged devices in your network, you need to maintain all MAC addresses for authentication. Moreover, devices brought by employees or guests will be problem for MAB because you cannot add all MAC addresses for those devices. Actually 802.1x approach is already very difficult for BYOD. Why? Because BYOD is all about how to safely allow external devices in corporate network. Those devices are mostly smart phones, tablets and notebooks and they won't have 802.1x supplicant for the corporate.

Yea Dynamic VLAN and ACL or similar ideas are used to do access restriction and segregating but that's only the action. We need to know the condition before we apply action. I mean how do you decide when to apply DVLAN? You need to scan and see who are the devices first, right? For that matter, I prefer agentless approach. Most vendors use 802.1x agent based approach. Each approach has pros and cons though.

Comment by John Moe on April 13, 2012 at 4:29pm

>> I have been selling NAC for device and access control in the network particularly having too many guests and non-corporate devices coming in and out of the network

bro, which one you are selling, Cisco ?

Now Cisco have new device called ISE Identity Service Engine.

>> to correctly identify which devices are owned by corporate that administrator can control

Do you used MAB or Profiling on the fly?

>> agentless type control for segregating non-corporate devices into different access network

I thought DVlan and DACL to segregating. What do you mean for Agentless? Web Nac agent?

Thanks,

John

Comment by Jake on April 7, 2012 at 10:51pm

BYOD has become hot topic in recent years with the rise of tablets and smart phones usage in all sizes of enterprises. The top executives who are willing to use mobile devices and tablets for their day to day job mandate the use of own device in office but that gives network administrators a new challenge. The challenge of identifying which devices they own and which devices they don't. I have been selling NAC for device and access control in the network particularly having too many guests and non-corporate devices coming in and out of the network and I found that most companies are willing to allow employees to bring their own device to corporate network but having difficulty to identify and control non-corporate devices.

I think the first step for BYOD policy is to correctly identify which devices are owned by corporate that administrator can control and which devices are that of employees and guests. And also there must be a way to identify mobile devices such as iOS devices, android smart phones and tablets and other handheld devices. Another requirement is agentless type control for segregating non-corporate devices into different access network so that those external devices are not able to access internal only resources.

© 2014   Created by Ko Chit.

Badges  |  Report an Issue  |  Terms of Service