customer insight cso s perspective what edge n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Customer Insight: CSO's Perspective – What Edge? PowerPoint Presentation
Download Presentation
Customer Insight: CSO's Perspective – What Edge?

Loading in 2 Seconds...

play fullscreen
1 / 10

Customer Insight: CSO's Perspective – What Edge? - PowerPoint PPT Presentation


  • 72 Views
  • Uploaded on

Customer Insight: CSO's Perspective – What Edge?. Microsoft Research EdgeNet, June 2006 Mark Ashida General Manager Windows Enterprise Networking. The Evolution of Our Thinking. Industry Trends Consolidation of functionality vs. appliances

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Customer Insight: CSO's Perspective – What Edge?' - roger


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
customer insight cso s perspective what edge

Customer Insight: CSO's Perspective – What Edge?

Microsoft Research EdgeNet, June 2006

Mark Ashida

General Manager

Windows Enterprise Networking

the evolution of our thinking
The Evolution of Our Thinking
  • Industry Trends
    • Consolidation of functionality vs. appliances
    • Mobility driving more devices, roaming users, policies
    • Trust boundaries are vague - hard to define & control
  • Network Access Protection (NAP)
    • Defined initial requirements with customers
    • Early & consistent review with Microsoft IT dept
    • Refined functionality with feedback from pilot programs
      • Technology Adoption Program (TAP), Vista Beta Customers
what edge

Internet

Restricted Zone

New PC

Logical CorpNet

ProvisioningServers

Internet

DHCP, DNS, AAA

X

Employee, Partner, Guest PC

IPSec Security

Seamless Network Gateways

Non-domain joined, Non-IPSec Devices

What Edge?
  • VLAN’s, IPsec, internal firewalls, NAC appliances
  • Jericho Forum
  • Logical L3+ vs. L2
thinking evolution
Thinking Evolution
  • Network Access Protection Abstraction

Health

State

Network

Infrastructure

Policy store

RADIUS

Quarantine

Agent

Enforcement

802.1x, IPsec

thinking evolution1
Thinking Evolution
  • Network Access Protection Abstraction

Health

State

Policy store

RADIUS

Quarantine

Agent

Enforcement

802.1x, IPsec

Control Plane

Enforcement/

Network

Assets

Network

Infrastructure

thinking evolution2

Enforcement/

Network

Assets

Network

Infrastructure

Thinking Evolution

Single

Dashboard

Reporting

MOM

MOM

Pak

MOM

Pak

MOM

Pak

Health

State

UI

Diag

Policy store

RADIUS

Quarantine

Agent

Enforcement

802.1x, IPsec

Control Plane

thinking evolution3
Thinking Evolution

NAP

Configuration

Help

Desk

Security

Provisioning

Performance

Network State

Database (in MOM)

Policy store

RADIUS

DHCP

Clients

WINS

VM/TPM

DNS

Network

Infrastructure

what cso s want
What CSO’s want.
  • Want it soon – they want PAC not NAC
  • Fined grained admission per resource based upon
  • Fined grained based upon rich information such as:
    • Identity (permanent and temporary)
    • Machine state (health)
    • Application
    • Entry point
    • Time of day, etc.
  • Interoperability with current infrastructure/desktops
    • Multi-vendor solution
    • Federated trust would be nice
  • Manageability
what cso s don t want
What CSO’s don’t want
  • Don’t make it uneconomical for us to deploy
      • Help desk
      • Management
      • Multiple solutions
  • Don’t break Provisioning/Logon/SSO
  • Is 802.1x the right enforcement method?
    • Practical deployment issues – beaconing, provisioning, multimac on single port, VM’s,
unashamed vista lhs plug
Unashamed Vista/LHS Plug
  • Network Diagnostics – why can’t you connect and repair
  • NAP Agent – why you can’t connect/Help desk
  • MOM Desktop NAP Agent – events/alarms from desktop, expanding to all networking elements on desktop (QoS, etc.)
  • IPsec – giving you virtual logical groups anywhere in the world (240k desktops at MS) with much reduced deployment costs
  • Adaptive NEW IP Stack – much better throughput, up to 80+Mbs on a 100Mbs port vs. 20 previously
  • IP Offload – 10Ge announced now
  • IPv6 – on by default