BYOD Smart Solution Overview

What You Will Learn

Whether you want to simply allow tablets on your network or transform business processes for mobile employees, you need a comprehensive approach to the bring-your-own-device (BYOD) opportunity. This overview is intended for business and IT leaders in any size organization and describes the Cisco® BYOD Smart Solution:

• A Cisco Validated Design provides the technologies you need to bring mobile devices onboard (personal or company provided), consistently enforce access policies for security, deliver collaboration applications to mobile users on their personal devices, provide an excellent user experience, and simplify support.

• You select the modules you need for the current business need, and later add modules to support new use cases.

• Cisco provides end-to-end support of the solution.

Challenge

According to a 2012 survey by Cisco Internet Business Solutions Group (IBSG) Horizons, 89 percent of IT companies support BYOD in some form. Taking a comprehensive approach to the BYOD trend helps improve productivity, enable new ways of doing business, reduce desktop costs, and mitigate risk. Giving employees the freedom to work their way can also increase employee satisfaction.

This trend affects your organization, whether you encourage, tolerate, or prohibit personal devices. You need a simple, effective solution to:

• Enforce corporate access policies on any device

• Know who and what devices are on the network

• Minimize the IT resources needed to bring new personal devices onto the network

• Deliver a user experience that is like the wired experience, especially with latency-sensitive applications such as voice and video

• Mitigate security and privacy risks such as malware and loss of intellectual property

Business Benefits: Beyond Allowing Tablets on the Network

The Cisco BYOD Smart Solution is designed to enable BYOD environments by combining best-in-class technology, a validated design, modular building blocks, third-party integration, professional services, and end-to-end support. Authorized users can securely access data, applications, systems, and an all-in-one collaboration application, using either a corporate-owned or personal device. Validated designs simplify deployment and reduce risk, and end-to-end support from your Cisco partner speeds troubleshooting to lower operating costs (Figure 1).

You likely have multiple use cases for the Cisco BYOD Smart Solution:

• Allow employees and guests to connect to the network using personal devices: This is the most basic use case.

• Adopt new business processes that increase agility: For example, instead of sending highly trained inspectors to the field, dispatch entry-level employees to capture video on tablets to share with the experts. Or allow manufacturing engineers in a central location to view video of assembly-line problems to accelerate remediation, minimizing lost time.

• Increase productivity: When employees know the wireless experience is equivalent to the wired experience in their office, they spend less time walking back and forth. For instance, mobile clinicians can respond more quickly if they can securely access medical records and test results from anywhere in the hospital, the restaurant down the block, or even home. You can help employees get answers and make decisions more quickly by providing Cisco collaboration tools such as the Cisco Jabber™ and Cisco WebEx® applications, which you can install on devices or access in the cloud.

• Attract and retain talent: In a 2012 survey of government employees by Forrester, 52 percent said that using their own devices for work increased job satisfaction. And 44 percent indicated they would be more likely to work for an employer that allowed them to bring their own device to work.

• Reduce costs: Many employees are willing to assume some or all of the hardware costs and service fees for personal devices in exchange for the freedom to work their way. After encouraging the BYOD trend for just one department, the state of Delaware reduced the expenses associated with smartphones by 45 percent-and reduced overall department wireless costs by 15 percent.

IT teams also benefit from the Cisco BYOD Smart Solution because it helps to:

• Simplify operations: Consolidating to one network, one policy, and one management environment-the Cisco Unified Access approach-decreases overhead and IT complexity. Automatic registration of new devices and integrated management tools minimize operational costs and accelerate troubleshooting.

• Mitigate risk: Validated designs and end-to-end service and support can help you introduce your BYOD program more quickly and avoid the time, costs, and risks of integration efforts.

• Foster innovation: A tested, end-to-end solution lets you focus on strategic programs instead of solving technology problems.

• Protect the network and information: Secure your data, applications, and systems by automating policy enforcement across the entire organization.

Figure 1. Take a Comprehensive Approach to BYOD to Maximize Business Value

Cisco BYOD Smart Solution: A Flexible, Modular Approach

A modular framework for BYOD environments, the Cisco BYOD Smart Solution lets you start with the modules you need for today's business needs and then add new modules as your needs change (Table 1):

• Core infrastructure: Cisco wired and wireless network infrastructure reliably delivers the workspace to all devices, whether personal or corporate-owned. Employees enjoy the same experience using any device and connection method. And Cisco Prime™ Infrastructure management software accelerates troubleshooting by giving your IT team a single view into wired and wireless networks.

• Policy management: The Cisco Identity Services Engine (ISE) consistently applies your organization's access policies based on the employee's identity, and the device. It automatically registers personal devices the first time they attempt to connect, saving time for your IT team. And Cisco ISE provides system-wide visibility, showing who and what devices are on the wired, wireless, and VPN networks.

• Secure mobility: With the Cisco AnyConnect® Secure Mobility Solution and Cisco Adaptive Security Appliance (ASA), employees can securely access applications and data over 3G and 4G networks, Wi-Fi, and wired networks.

• Workspace management: The Cisco BYOD Smart Solution integrates with a variety of third-party tools for mobile device management (MDM) and mobile application management (MAM). Use these tools to establish policies such as encrypted storage or personal identification number (PIN)-lock requirements, track device location, remotely wipe devices, and disable features such as cameras and audio recorders.

• Workspace productivity applications: Enterprise-class applications such as the Cisco Jabber and Cisco WebEx applications on personal devices enable employees to collaborate from anywhere, helping accelerate decision making and increase productivity.

Table 1. Cisco BYOD Smart Solution Framework

Building Block	Purpose	Technology
Workspace productivity applications	Collaborate on any device	• Cisco WebEx Meetings • Cisco Jabber messaging integration platform • Cisco WebEx Social
Workspace management	Manage and secure device and workspace	• Mobile device management (MDM)
Secure mobility	Provide access from anywhere, smoothly handing off the connection	• Cisco AnyConnect Secure Mobility Client • Cisco ASA Adaptive Security Appliance
Policy management	Enforce policies to grant access to information based on who is asking, using which device	• Cisco Identity Services Engine (ISE)
Core infrastructure	Deliver the workspace to the device	• Cisco wired and wireless networks • Cisco Prime Infrastructure

Easily add new modules to introduce new business cases (Table 2).

Table 2. Flexible Deployment Model Supports Multiple Use Cases

Use Case	Cisco BYOD Smart Solution Building Blocks
Use Case	Core Infrastructure	Policy Management	Secure Mobility	Workspace Management	Productivity Applications
Guest and Internet access	X	X
On- and offsite mobility	X	X	X
Unified workspace	X	X	X	X	X

Comprehensive Services and Support

Your Cisco partner can provide complete lifecycle services for your BYOD solution, accelerating deployment, giving you the benefit of the partner's experience, and freeing your IT team to work on other projects. Services include:

• Architecture strategy workshop: Identify objectives, education requirements, and use cases to guide your strategy.

• Architecture assessment: Assess the strengths and weaknesses of your current architecture to support a unified workspace.

• Architecture design: Develop a detailed design, pilot, and implementation plan that addresses wireless, collaboration, security, network, and data center requirements.

• Optimization: Help ensure that authorized users can access applications from anywhere, on any device, by enhancing network availability, security, and operational efficiency.

• End-to-end support: Technical services provide solution support across all layers with Cisco SMARTnet® Service, and preempting potential problems, quickly resolving problems that do arise, and simplifying network management and support.

A Day in the Life of a Sales Manager

To illustrate the potential of a Cisco BYOD Smart Solution to increase business agility, consider the experience of a regional sales manager who uses a personal iPad or Android tablet or a smartphone for work.

The first time the manager connects with a personal tablet, the solution automatically brings the device on board by:

• Checking to make sure the tablet complies with his or her company policies and has not been altered in a way that could introduce security risks

• Provisioning collaboration applications

• Helping to prevent data loss if the device is lost and stolen: Techniques include setting up the device to lock if someone repeatedly enters an incorrect password; encrypting data stored on the device; and enabling the IT team to remotely wipe the device of all data.

After this one-time process, the solution provides secure connectivity.

Onboarding and Securing Network Access

As the manager connects, the BYOD Smart Solution uses standard authentication, authorization, and accounting (AAA) techniques combined with profiling and provisioning to determine which resources can be accessed, based on who is asking, with what device, the connection method, location, and time. This allows for automatic onboarding and consistent enforcement of access policies, regardless of connection method or device, strengthens your organization's security posture.

Workspace Delivery

When the device is authenticated, the sales manager can access applications and data and connect with team members. Behind the scenes, Cisco technologies work in concert to provide a high-quality experience with voice, video, and data applications. For example, Cisco CleanAir® technology automatically detects and works around wireless interference. Cisco ClientLink technology optimizes the performance of 802.11a/g clients by using advanced signal processing techniques and multiple transmit paths. And Cisco Application Visibility and Control (AVC), built into Cisco Wireless Controllers, recognizes traffic based on the application, enabling the IT team to assign priority to more critical applications. In addition, technologies such as AVC allow for quality of service (QoS), blocking, and rate limiting of applications to make sure the right applications get the right priority.

Secure Mobility Throughout the Day

While taking a taxi to the airport, the manager works over a 3G or 4G connection. Later, the connection smoothly transitions to the airport Wi-Fi network without requiring the manager to reauthenticate. Cisco AnyConnect Secure Mobility Client, installed on the tablet, automatically initiates a secure VPN tunnel. Using Cisco ISE, the IT department can control the documents that the manager can access from public networks. Arriving home, the manager connects over the home Wi-Fi network to review the day's sales results. The home-office router gives higher priority to connections from the tablet than to connections from other household devices, helping to provide a good quality of experience for voice and Cisco TelePresence® sessions even if a family member starts playing a video game.

Collaboration

If the organization provides the Cisco WebEx or Cisco Jabber applications, the manager can see co-workers' presence information and click to send an instant message, dial, start a web collaboration session, or start a Cisco TelePresence session. And as the manager moves from the customer conference room to a co-worker's office to the cafeteria, the connection does not drop, thanks to the secure mobility technology in Cisco wireless access points. The IT team can also enforce web content security and email security policies to help prevent malicious attacks on personal mobile devices.

End of Life

In case of termination, or lost or stolen devices, the Cisco solution can help wipe the device of any proprietary information and prohibit any further access to the corporate network or resources.

Why Cisco?

A Cisco BYOD Smart Solution helps to maximize the business value of your wireless investment by providing a high-quality user experience, information security, and ease of support. The solution stands apart from other approaches to BYOD enablement because of:

• Best-in-class technology in each layer: The comprehensive Cisco BYOD Smart Solution includes core infrastructure, policy management, secure mobility, workspace management, and workspace productivity applications. Gartner places each of these Cisco technologies in its Magic Quadrant, indicating leadership in both vision and execution.

• Comprehensive view of the workspace: With a Cisco solution, you can mix native applications, such as the Cisco WebEx Meetings or Cisco WebEx Social client software on the tablet, with virtual applications that live in the data center. Native and virtual applications can share solution components, lowering total cost of ownership (TCO) and protecting your investment as you continue virtualizing your application environment.

• Validated design with end-to-end support: All solution components have been validated to work together so that you can provide the high quality of experience that leads to high adoption. Validated designs reduce risk and accelerate deployment, and end-to-end support speeds time to resolution and avoids the inconvenience of calling multiple vendors.

• Third-party integration: Cisco validates third-party solutions included in the solution framework and provides end-to-end support.

• Comprehensive services: Your Cisco partner has the experience to plan, build, and manage the solution.

• Consistent experience with any connection method: Whether your users connect at work, from home, or when mobile, and over a wired, wireless, or VPN network, Cisco BYOD Smart Solution enforces the same policies. Consistent policy enforcement helps increase adoption and reduce security risk.

• Simplified IT: The Cisco BYOD Smart Solution simplifies IT by allowing you to consolidate to one network, one policy, and one management interface.

For More Information

To learn more about the Cisco BYOD Smart Solution, please visit www.cisco.com/go/byod.

Cisco Prime Network Control System Series Appliances

BYOD Smart Solution

Hierarchical Navigation

Downloads

Programs

Programs

Programs

Programs