w&m 2009 – hp procurve unified wireless and wired networks
TRANSCRIPT
© 2008 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
HP ProCurve Networking
How to Integrate Wired and Wireless LANs
Lars KoelendorfCategory Manager, WirelessHP Networking, EMEAEmail: [email protected]
3 April 12, 2023
Agenda
•Mobility Market Highlights•The challenges•WLAN Evolution•Unified wired and wireless
• Integration options• Improved user experience• Advanced security• Simplified management
• Conclusion
4 April 12, 2023
Mobility Market Highlights
Increasing number and diversity of clients
Persistent wireless coverage
Business critical applications via wired or wireless
Dramatic improvements in technology
Reduced cost
5
Collaboration of mobile workforce
Converged voice and data over WiFi
Secure guest access
Physical security
Asset tracking
Access from Anywhere
Business Needs Driving everywhere Wireless Access
Wireless
IMPROVED PRODUCTIVITY
6 April 12, 2023
The business challenge
Business • Reduce
costs• Improve
productivity• Manage risk
intelligently• Flexible
access
IT • Ensure
compliance• Limit disruptions• Protect existing
investments• Monitor network• Do more with
less staff
With access to the network coming from any device you need a centralized approach to wired and wireless management to streamline device configuration and enable network monitoring and response to wired and wireless network threats. Build an agile security aware network that support all types of users and devices – not barriers to entry
The Network Administrator ChallengeNeed a wireless solution that can be managed easily, and integrated with wired infrastructure and existing user policies – not another administrative burden
Wired network
management
Wireless network management
Single management solution
Policy coordination
The Security challenge• What is the activity inside the network ? • How to protect against internal threats ?• How to deal with an increasingly mobile and
fragmented workforce ?• How to meet new regulatory compliance
requirements ?• …….Within the (declining?) IT budget ?
© 2008 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
WLAN Evolution and unification
WLAN Evolution
10 April 12, 2023
1st Gen.• Standalone
Access Point Architecture
2nd Gen.• Centralized
WLAN Architecture
3rd Gen.• Optimized
WLAN Architecture
NextGenerationConverged
WLANArchitectur
eOpen Standard Connectivity
•Intelligent APs
Central Management
•“Switch” and “Thin” APs
•802.11 a/b/g support
Performance and Scalability
•Central appliance and intelligent APs
•Distributed forwarding option
•Non-blocking 802.11n performance
Wired/Wireless Convergence
•Consistent wired & wireless services
•Unified policy creation and enforcement
11
Network Management
• Unified policy creation
• Event correlation
• Diagnostics
• Client Management
Control Plane
• Unified policy enforcement
• Security at network “edge”
• Consistent user experience
• Improved ROI
Data Plane
• Consistent network services
• Line rate performance
• Reduced network elements
• “Green”
Wired & Wireless Integration Options
12 April 12, 2023
Key Components Development over time
Network Managemen
t
Multiple Applications:
Multiple Policies
Single Application:
Multiple Policies
Single Application:
Unified Policies
Control Plane
Overlay Integrated Switch Fabric
Data Plane Software Hardware Assist ASIC
Time
Unified network:Wired and wireless is just two was of accessing it
Ease of management: Single management platform with common tools, optimization
Increased productivity: Consistent user experience Seamless access to business applications
Security: One user identity, and system for access controlOne system for network threat management
Commandfrom the Center
Internet
EdgeNetwork
Servers
IntelligentSwitches
IntelligentSwitches
WirelessAccess Points
Clients
WirelessClients
Clients
WirelessClients
EdgePortal
IntelligentEDGE
InterconnectFabric
© 2009 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
Security policies
15 April 12, 2023
External and internal threats
Internal represents 80% of the threat
98% uses Firewall to protect the perimeter
Importance of factors when adding wireless to the network
2008
3,7
3,4
3,4
4,4
3,9
3,5
3,7
0 0,5 1 1,5 2 2,5 3 3,5 4 4,5 5
Cost of initial purchase
Ongoing mantenance/ supportcosts
Time required to deploy
Desire to use new technology tothe full
Management of security acrossnetwork
Ability to define single userbased network security policy
Need to meet increased mobilityrequirements
Ave score out of 5
17 April 12, 2023
Security is a process
Validation and Monitoring
Trusted NetworkInfrastructure
Policies
Users rights policy
Overlay strategy
What’s my policy?
What are the user’s rights?
Same security at any entry point:
• Same policies
• Same password
• Same rights
• Same security solutions
Different security solutions
Wireless
Unified strategy
Wired
Unified wired and wireless
19 April 12, 2023
Policy management – wired and wireless• Use a tool that allows network administrators to efficiently manage the users and devices connecting to their network
• A way to virtualize the network versus the user
Easy creation and management of user policy groups• Dynamically apply security, access and performance settings at port level based on policies
• Network Reports and Logs based on Users for Audit
VLAN BandwidthLimit
User/Group Location
QoS ACLs per user /Packet filtering FW
Device ID
ClientIntegrity Status
Set =>
Based on =>
I/O port
Time
Authenticating and Provisioning
How it works
Internet
Guest
Employee
Employeefinance
Access only to Internetat 2 Mbps
Access to
Internet and corp.
servers
Access to financial
information Finance server
Corporateserver
Accesspolicyserver
Conference room
Networkadministrator
1. Sets up role based access policy groups & assigns rules and access profiles:• Set rules
- Time - Location- Device ID
• To trigger each policy profile- ACL- VLAN- QoS- Bandwith limit
2. Put users in appropriate access policy group
Enterprise WLAN/LAN
20
Client integrity check - The joint solution
21 April 12, 2023
Network Access Protection and HP ProCurve
Policy-based solution that:• Validates whether computers meet
health policies
• Limits access for noncompliant computers
• Automatically remediates noncompliant computers
• Continuously updates compliant computers to maintain health state
• Dynamically allocates network resources
Solution Highlights• Standards-based
• Plug-and-play
• Works with most devices
• Supports multiple antivirus solutions
• based on policies you define
Customers
Partners
Remote Employees
Internet
Regulatory Compliance Assistance
• Central management and monitoring of security policies provides immediate visibility and assistance with regulatory compliance on the unified network
22
• Reports for HIPAA, PCI, Sarbanes-Oxley, Gramm-Leach-Bliley, and DoD Directive 1800.2
• Ability to custom define report content
• Device security history report
• Device access security report
• Port access security report
• Password policy compliance
• Current credentials report
• Security policy action report
• Security events history report
• Security heat map report
• Offenders tracking report
• User unsuccessful login report
• User session history
• User MAC address report
© 2009 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
Conclusion
One Network
Wired & Wireless
Unified and Secure
Reduced network management
administration costs
Real OPEX Savings
Consistent policies, applied once, removes error
Improved Security
Network follows the user from work site to work site
Improved End-User Experience
25 April 12, 2023
Conclusion
Unified Networking
Equals
10/11/54/100/ 300/ 450/ 600/ 1000/ Mbps10000With
Single management and consistent policy
Technology for better business outcomes