Customer Insight: CSO's Perspective – What Edge?
Microsoft Research Edge.Net, June 2006
Mark Ashida, General Manager, Windows Enterprise Networking
The Evolution of Our Thinking
• Industry Trends
  • Consolidation of functionality vs. appliances
  • Mobility driving more devices, roaming users, policies
  • Trust boundaries are vague – hard to define & control
• Network Access Protection (NAP)
  • Defined initial requirements with customers
  • Early & consistent review with Microsoft IT dept
  • Refined functionality with feedback from pilot programs
  • Technology Adoption Program (TAP), Vista Beta Customers
What Edge?
• VLANs, IPsec, internal firewalls, NAC appliances
• Jericho Forum
• Logical L3+ vs. L2
[Diagram labels: Internet; Restricted Zone (New PC Provisioning Servers); Logical Corp. Net (DHCP, DNS, AAA); Employee, Partner, Guest PC; IPsec Security; Seamless Network; Gateways for non-domain-joined, non-IPsec devices]
Thinking Evolution – Network Access Protection Abstraction
[Diagram labels: Health State; Quarantine Agent; Enforcement (802.1x, IPsec); Network Infrastructure; RADIUS; Policy store]
Thinking Evolution – Network Access Protection Abstraction (continued)
[Diagram labels: Health State; Quarantine Agent; Enforcement (802.1x, IPsec); Policy store; RADIUS; Control Plane; Enforcement / Network Infrastructure; Assets]
Thinking Evolution – Single Dashboard Reporting
[Diagram labels: Health State; Quarantine Agent; Enforcement (802.1x, IPsec); MOM Pack; MOM UI; Diag MOM Pack; Policy store; RADIUS; Control Plane; Enforcement / Network Infrastructure; Assets]
Thinking Evolution – NAP Configuration
[Diagram labels: Help Desk; Security; Provisioning; Performance; Network State Database (in MOM); Clients; DHCP; WINS; VM/TPM; DNS; Network Infrastructure; RADIUS; Policy store]
What CSOs want
• Want it soon – they want PAC not NAC
• Fine-grained admission per resource, based upon rich information such as:
  • Identity (permanent and temporary)
  • Machine state (health)
  • Application
  • Entry point
  • Time of day, etc.
• Interoperability with current infrastructure/desktops
• Multi-vendor solution
• Federated trust would be nice
• Manageability
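The "fine-grained admission per resource" the CSOs ask for, combined with the NAP abstraction on the earlier slides (health state reported by the client, a policy store consulted by the policy server, enforcement through 802.1x or IPsec), can be sketched as a small policy engine. The following is an added illustration, not Microsoft's NAP code: the resource policy, health thresholds, VLAN numbers and the identities in it are constructed, and the mapping of a decision to a VLAN assignment or an IPsec health-certificate grant is a simplification of how the two enforcement methods behave.

```python
"""Added example (not Microsoft's NAP implementation) of per-resource
admission: identity, entry point, application and time of day decide whether
a client is considered at all; the machine's health statement then decides
between full access and a restricted (quarantine/remediation) network.
All thresholds, VLAN numbers and names are constructed for illustration."""
from dataclasses import dataclass, field
from enum import Enum
from typing import List


class Access(Enum):
    FULL = "full"
    RESTRICTED = "restricted"   # quarantine VLAN / no IPsec health certificate
    DENY = "deny"


@dataclass(frozen=True)
class HealthState:              # statement of health from the client agent
    firewall_on: bool
    av_signature_age_days: int
    patches_current: bool


@dataclass(frozen=True)
class AccessRequest:
    identity: str
    identity_kind: str          # "permanent" (employee) or "temporary" (guest/partner)
    health: HealthState
    application: str            # e.g. "sql-client"
    entry_point: str            # "lan", "wireless", "vpn"
    hour: int                   # local hour of day, 0-23


@dataclass(frozen=True)
class ResourcePolicy:           # one entry in the policy store, per resource
    name: str
    allowed_identity_kinds: frozenset
    allowed_entry_points: frozenset
    allowed_applications: frozenset
    hours: range                # e.g. range(7, 20) means 07:00-19:59
    max_av_age_days: int


@dataclass
class Decision:
    access: Access
    reasons: List[str] = field(default_factory=list)
    vlan: int = 0               # 802.1x enforcement: VLAN the switch should assign
    issue_health_cert: bool = False   # IPsec enforcement: health certificate granted?


# Constructed VLAN numbering for the 802.1x enforcement point.
VLAN_FULL, VLAN_QUARANTINE, VLAN_NONE = 100, 900, 0


def evaluate_health(h: HealthState, policy: ResourcePolicy) -> List[str]:
    """Return the failed health requirements; an empty list means healthy."""
    failures = []
    if not h.firewall_on:
        failures.append("host firewall disabled")
    if h.av_signature_age_days > policy.max_av_age_days:
        failures.append(f"AV signatures {h.av_signature_age_days}d old "
                        f"(max {policy.max_av_age_days})")
    if not h.patches_current:
        failures.append("missing required patches")
    return failures


def decide(req: AccessRequest, policy: ResourcePolicy) -> Decision:
    """Context checks deny outright; health failures quarantine; else full access."""
    reasons = []
    if req.identity_kind not in policy.allowed_identity_kinds:
        reasons.append(f"identity kind {req.identity_kind!r} not permitted for {policy.name}")
    if req.entry_point not in policy.allowed_entry_points:
        reasons.append(f"entry point {req.entry_point!r} not permitted for {policy.name}")
    if req.application not in policy.allowed_applications:
        reasons.append(f"application {req.application!r} not permitted for {policy.name}")
    if req.hour not in policy.hours:
        reasons.append(f"hour {req.hour} outside allowed window for {policy.name}")
    if reasons:
        return Decision(Access.DENY, reasons, VLAN_NONE, False)
    failures = evaluate_health(req.health, policy)
    if failures:
        # Restricted: client reaches remediation servers only, then re-submits health.
        return Decision(Access.RESTRICTED, failures, VLAN_QUARANTINE, False)
    return Decision(Access.FULL, ["all checks passed"], VLAN_FULL, True)


# --- constructed sample policy and requests ---------------------------------
FINANCE_DB = ResourcePolicy("finance-db", frozenset({"permanent"}),
                            frozenset({"lan", "vpn"}), frozenset({"sql-client"}),
                            range(7, 20), max_av_age_days=3)
HEALTHY = HealthState(firewall_on=True, av_signature_age_days=1, patches_current=True)
STALE_AV = HealthState(firewall_on=True, av_signature_age_days=10, patches_current=True)


def employee_request(health: HealthState, hour: int = 10, entry: str = "lan") -> AccessRequest:
    return AccessRequest("alice", "permanent", health, "sql-client", entry, hour)


def guest_request() -> AccessRequest:
    return AccessRequest("visitor-17", "temporary", HEALTHY, "sql-client", "wireless", 10)


if __name__ == "__main__":
    for r in (employee_request(HEALTHY), employee_request(STALE_AV),
              employee_request(HEALTHY, hour=23), guest_request()):
        d = decide(r, FINANCE_DB)
        print(f"{r.identity:<11} {d.access.value:<10} vlan={d.vlan:<3} "
              f"cert={d.issue_health_cert} :: {'; '.join(d.reasons)}")
```

The ordering matters for the help-desk concern on the next slide: context failures are reported as deny with every failed attribute listed, while health failures produce a restricted decision whose reasons are exactly what the client needs to remediate before it re-submits its health statement.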
What CSOs don't want
• Don't make it uneconomical for us to deploy
  • Help desk
  • Management
  • Multiple solutions
• Don't break Provisioning/Logon/SSO
• Is 802.1x the right enforcement method?
• Practical deployment issues – beaconing, provisioning, multi-MAC on a single port, VMs,
Unashamed Vista/LHS Plug
• Network Diagnostics – why can't you connect, and repair
• NAP Agent – why you can't connect / Help desk
• MOM Desktop NAP Agent – events/alarms from the desktop, expanding to all networking elements on the desktop (QoS, etc.)
• IPsec – giving you virtual logical groups anywhere in the world (240k desktops at MS) with much reduced deployment costs
• Adaptive NEW IP Stack – much better throughput, up to 80+ Mb/s on a 100 Mb/s port vs. 20 previously
• IP Offload – 10 GE announced now
• IPv6 – on by default