
Post on 23-Jul-2020


SOLUTION NOTE

©2013 Infoblox Inc. All Rights Reserved. infoblox-note-network-best-ally-BYOD-initiative-Dec2013

Your network is your best ally in your BYOD initiative.


Mobility – A staple of corporate strategy

Over the years successful enterprises have leveraged mobility, working through its evolutionary cycles, each step of the way making the best of the technologies the market had to offer. In today’s onslaught of anywhere, anytime connected tablets and smartphones, mobile computing is a vital strategic tool to enhance your company’s competitive position.

In the current environment, corporations and their employees are teaming up to bring mobility into virtually all aspects of their jobs. With the bring-your-own-device (BYOD) revolution fully underway, enterprises are reaping the benefits of reduced capital expenditures and improved employee efficiency by allowing employees to work with the devices they are most comfortable with.

Mitigating risk in the new mobile paradigm

As enterprises embrace their new mobile workforces, they have to ensure that such an anything-goes policy doesn’t expose the company to risks associated with lost or compromised corporate information and other threats knowingly or unwittingly brought into the company’s IT infrastructure.

In order to help mitigate the risks associated with BYOD, most companies are deploying some type of mobile device management system (MDM). These systems utilize a client on the managed devices that allows IT administrators to update and enforce policy over the air. In order for administrators to control the device, it must support the MDM client and be enrolled through some type of on-boarding process that installs the client and begins coordinating with the MDM server.

However, MDM is only part of the overall solution

Existing MDM solutions fall short of addressing a wide spectrum of mobile risks, which are dynamic in nature and cannot be addressed by static MDM policy settings. As a result, this approach still leaves the IT organization vulnerable.[1]

MDM solutions lack the ability to see what other devices are attached to the network. And the only smartphones and tablets MDM systems can see are those devices that have been enrolled.

Greater visibility, tighter control

A comprehensive solution for BYOD starts at the network layer. According to Gartner,[2] network access policies can be used as key components in support of an overall solution—successfully creating an environment in which:

1. Employees can use personally owned devices in the workplace

2. The enterprise maintains the proper degree of control over those devices

Moving the detection and initial policy enforcement to the network layer makes sure that ALL devices, not just those managed by an MDM solution, can be dealt with in accordance with corporate policy.

Enforcing device policy at the network level

[Figure labels: Comprehensive Device Detection; Corp. Device Policy. Device types: game consoles, PCs & laptops, tablets, wireless routers, smartphones, printers, POS devices. Zones: BYOD MDM Staging Area; Limited Access Area; Access Denied.]


Additional security including Malware protection

Mobile threats do exist. End users may access seemingly safe WLANs, which are actually rogue and malicious networks. End users may also be tricked into providing sensitive information using email phishing techniques. Mobile malware is also on the rise and poses a serious threat to the security posture of mobile devices.[3]

Standalone MDM solutions do not protect against malware introduced into the enterprise by personal devices.

• Malware activity can be identified and remediated with the Infoblox DNS Firewall. With a dynamic database of malicious entities of all kinds based on their IP address, domain, URL, name server, and more, your DNS server becomes a point of disruption in malware’s communication to its “home,” preventing additional downloads or the reception of further instructions.

• DHCP MAC filtering can prevent decommissioned devices from returning to the network.

• MAC filtering alone cannot help prevent devices from spoofing the network. Logging device-detection data (DHCP Fingerprint) and pairing it with MAC data prevents any attempt to connect with a spoofed MAC address because the attempt no longer matches the original MAC/device type pairing.
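
The DHCP MAC filtering and MAC/fingerprint pairing checks described in the last two bullets can be sketched as follows. This is an added example, not Infoblox code: the names PairingMonitor and classify are hypothetical, the DHCP option 55 parameter request list is assumed to serve as the fingerprint, and all MAC addresses and fingerprints are constructed sample values.

```python
from dataclasses import dataclass, field

# Constructed sample data: MACs and option 55 lists are illustrative only.
DECOMMISSIONED = {"00:11:22:33:44:55"}
SAMPLE_REQUESTS = [
    ("aa:bb:cc:00:00:01", "1,3,6,15,119,252"),       # first sighting
    ("AA-BB-CC-00-00-01", "1, 3, 6, 15, 119, 252"),  # same device, other log format
    ("aa:bb:cc:00:00:01", "1,15,3,6,44,46,47"),      # known MAC, different device type
    ("00:11:22:33:44:55", "1,3,6,15"),               # decommissioned device returning
]


def normalize_mac(mac: str) -> str:
    return mac.strip().lower().replace("-", ":")


def normalize_fingerprint(fp: str) -> str:
    # Option order is part of the fingerprint, so only whitespace is stripped.
    return ",".join(part.strip() for part in fp.split(","))


@dataclass
class PairingMonitor:
    decommissioned: set
    pairings: dict = field(default_factory=dict)  # MAC -> fingerprint first logged

    def evaluate(self, mac: str, fingerprint: str) -> str:
        mac, fp = normalize_mac(mac), normalize_fingerprint(fingerprint)
        if mac in self.decommissioned:
            return "deny-decommissioned"
        # First sighting records the pairing; later requests are compared to it.
        known = self.pairings.setdefault(mac, fp)
        if known != fp:
            return "alert-pairing-mismatch"  # the original pairing is kept
        return "allow"


def classify(requests, decommissioned=DECOMMISSIONED):
    monitor = PairingMonitor({normalize_mac(m) for m in decommissioned})
    return [monitor.evaluate(mac, fp) for mac, fp in requests]


if __name__ == "__main__":
    for (mac, fp), verdict in zip(SAMPLE_REQUESTS, classify(SAMPLE_REQUESTS)):
        print(f"{mac:<18} {fp:<24} {verdict}")
```

A fingerprint can also change legitimately, for example after an operating system update, so a mismatch is best routed to review before the stored pairing is replaced.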

Infoblox and enterprise mobility / BYOD initiative

Infoblox, a leader in network control, has the necessary appliances and software to support your organization’s mobility and BYOD initiatives. Infoblox provides industrial-grade network solutions that serve your DNS, DHCP, and IPAM needs while supporting BYOD with the following features:

• Automatic device detection and extended visibility: Detect personal devices and apply corporate policies as devices attempt to connect to your network.

• Enhanced security and enforcement of corporate policy: Block unauthorized device types from the network and impose limits on authorized devices.

• Network access compliance reporting: Report on ALL endpoint devices—PCs, smartphones, tablets, POS devices, printers, wireless routers, gaming consoles, etc.

• Auto staging for MDM enrollment: Automatically direct unmanaged devices to a BYOD installation and on-boarding process.

• Guest registration: Utilize a guest network for personal mobile devices and restrict user access to just the Internet.

• Malware protection: Block threats, automatically quarantine infected devices, issue alerts, and report possible security risks.

Summary

It’s critical that the technology you deploy for network control provides maximum protection and offers minimum attack surface. From the Infoblox highly secure hardware form factor to our hardened operating system to the variety of security features in our applications—no other network control vendor focuses more on security than Infoblox. So from the core of your data center to your most remote sales rep, Infoblox technology for network control does the many things it always has done, and now supports your mobility initiatives as well.

NOTES:

[1] Marble Security; Mobile Security White Paper | BYOD & MDM: Why You’re Still at Risk—and What You Can Do About It; Published 19 March 2013

[2] Gartner; Securing BYOD With Network Access Control, a Case Study; Published: 29 August 2012

[3] IDC; Architecting a Flexible Strategy for Securing Enterprise Bring Your Own Device (BYOD); Published June 2012

About Infoblox

Infoblox (NYSE:BLOX) helps customers control their networks. Infoblox solutions help businesses automate complex network control functions to reduce costs and increase security and uptime. Our technology enables automatic discovery, real-time configuration and change management and compliance for network infrastructure, as well as critical network control functions such as DNS, DHCP, and IP Address Management (IPAM) for applications and endpoint devices. Infoblox solutions help over 6,900 enterprises and service providers in 25 countries control their networks.

Corporate Headquarters: +1.408.986.4000 1.866.463.6256 (toll-free, U.S. and Canada) www.infoblox.com