Mobile security is a hot topic, but although the buzz is about more and increasingly sophisticated mobile malware and malicious applications, the overriding challenge for enterprises today is about management and access control. With all the personally owned smart phones and tablets coming onto the corporate network, how do I manage them and enforce policy. How do I know and control who is coming onto my network and what device are they using? Enterasys Networks’ new Mobile IAM appliance addresses the latter question.
The emphasis on mobile devices is a natural progression for network access control (NAC), which for all the talk about fine-grained access control and role-based access control (RBAC) and so on, was for most organizations primarily about controlling, monitoring and reporting on guest access — visitors, contractors, auditors and so on.
The bring your own device (BYOD) phenomenon has altered that picture sharply. A few years ago, you only really had to be concerned about visitor laptops and their authentication, authorization and access, and whether your employees’ laptops had up-to-date AV, security patches, etc. NAC was supposed to become a red-hot space with emphasis on granular pre-connect and post-connect control and monitoring, but stand-alone NAC has had somewhat limited use cases and traction for all but the most mature organizations.
BYOD changes all that. As the BYOD trend was just starting to take off, I interviewed a healthcare organization that purchased a NAC product primarily to establish exactly who and what was connecting to their network. What they discovered astounded them. The number of devices connecting to the network was five times what they expected, with a wide range of smart phones, and at the time netbooks and a few tablets.
So, the emphasis on mobile identity and access control is a natural progression for Enterasys and the access control market overall. The ability to fingerprint the mobile device in fine detail and associating it with the identity of the user is is critical in this era of the smorgasbord of personally owned devices in the workplace. Mobile access control is tightly tied in to mobile device management (MDM) provided by a number of vendors, such as Good Technology, AirWatch, Mobile Iron, Sybase, Tangoe, Zenprise and Symantec, along with many others.
Accordingly, MDM integration is high on the menu of four new professional services Enterasys is wrapping around the new Mobile IAM appliance. The other services are Mobile IAM deployment; Fusion SDN Connect Integration Services (integrating Palo Alto NGFW, IF-Map, Student Onboarding Systems, SEN OpenScape, Polycom, Avaya, MS SCCM and others); and VDI Datacenter Integration Service for VMware and Citrix.