Customer Insight: CSO's Perspective - PowerPoint PPT Presentation

1 / 10
About This Presentation
Title:

Customer Insight: CSO's Perspective

Description:

Infrastructure. RADIUS. Policy store. Thinking Evolution. Network Access ... Interoperability with current infrastructure/desktops. Multi-vendor solution ... – PowerPoint PPT presentation

Number of Views:26
Avg rating:3.0/5.0
Slides: 11
Provided by: ResearchM53
Category:

less

Transcript and Presenter's Notes

Title: Customer Insight: CSO's Perspective


1
Customer Insight CSO's Perspective What Edge?
  • Microsoft Research EdgeNet, June 2006
  • Mark Ashida
  • General Manager
  • Windows Enterprise Networking

2
The Evolution of Our Thinking
  • Industry Trends
  • Consolidation of functionality vs. appliances
  • Mobility driving more devices, roaming users,
    policies
  • Trust boundaries are vague - hard to define
    control
  • Network Access Protection (NAP)
  • Defined initial requirements with customers
  • Early consistent review with Microsoft IT dept
  • Refined functionality with feedback from pilot
    programs
  • Technology Adoption Program (TAP), Vista Beta
    Customers

3
What Edge?
  • VLANs, IPsec, internal firewalls, NAC appliances
  • Jericho Forum
  • Logical L3 vs. L2

4
Thinking Evolution
  • Network Access Protection Abstraction

Health State
Network Infrastructure
Policy store
RADIUS
Quarantine Agent
Enforcement 802.1x, IPsec
5
Thinking Evolution
  • Network Access Protection Abstraction

Health State
Policy store
RADIUS
Quarantine Agent
Enforcement 802.1x, IPsec
Control Plane
Enforcement/ Network
Assets
Network Infrastructure
6
Thinking Evolution
Single Dashboard
Reporting
MOM
MOM Pak
MOM Pak
MOM Pak
Health State
UI Diag
Policy store
RADIUS
Quarantine Agent
Enforcement 802.1x, IPsec
Control Plane
7
Thinking Evolution
NAP
Configuration
Help Desk
Security
Performance
Provisioning
Network State Database (in MOM)
Policy store
RADIUS
DHCP
Clients
WINS
VM/TPM
DNS
Network Infrastructure
8
What CSOs want.
  • Want it soon they want PAC not NAC
  • Fined grained admission per resource based upon
  • Fined grained based upon rich information such
    as
  • Identity (permanent and temporary)
  • Machine state (health)
  • Application
  • Entry point
  • Time of day, etc.
  • Interoperability with current infrastructure/deskt
    ops
  • Multi-vendor solution
  • Federated trust would be nice
  • Manageability

9
What CSOs dont want
  • Dont make it uneconomical for us to deploy
  • Help desk
  • Management
  • Multiple solutions
  • Dont break Provisioning/Logon/SSO
  • Is 802.1x the right enforcement method?
  • Practical deployment issues beaconing,
    provisioning, multimac on single port, VMs,

10
Unashamed Vista/LHS Plug
  • Network Diagnostics why cant you connect and
    repair
  • NAP Agent why you cant connect/Help desk
  • MOM Desktop NAP Agent events/alarms from
    desktop, expanding to all networking elements on
    desktop (QoS, etc.)
  • IPsec giving you virtual logical groups
    anywhere in the world (240k desktops at MS) with
    much reduced deployment costs
  • Adaptive NEW IP Stack much better throughput,
    up to 80Mbs on a 100Mbs port vs. 20 previously
  • IP Offload 10Ge announced now
  • IPv6 on by default
Write a Comment
User Comments (0)
About PowerShow.com