Overview:
Armed with state of the art consumer mobile devices, employees today demand that IT allow them to select their own laptops, smartphones and tablets and support them whether they are working in the office or remotely. Some organizations are even providing platform allowances for employees to purchase their own devices. This Bring Your Own Device (BYOD) movement has been fueled by the dramatic growth and adoption of mobile platforms such as Apple iOS and Google Android, which have become a critical component of business infrastructure. While increasing flexibility and productivity, this BYOD trend introduces a host of new security challenges for IT.
SonicWall Mobility solutions allow IT to embrace the BYOD trend instead of banning the use of popular devices. Solutions such as SonicWall Secure Remote Access (SRA), E-Class SRA, SonicWall® Mobile Connect™ and Clean VPN™ offer a powerful and simple-to-use security and policy compliance approach that enhances the security management of mobile device networks.
Secure mobile devices.
SonicWall Mobility solutions deliver policy-enforced remote access to network resources from a multitude of mobile device platforms, including Apple Mac OS®, iOS, Google Android® and Windows Mobile devices. The SonicWall® Mobile Connect™ unified client app for iOS provides Apple iPad®, iPhone®, and iPod touch® users full network-level access to corporate, academic or other organizational resources over encrypted SSL VPN connections to provide confidentiality and data integrity for users outside of the corporate network when they are traveling and using hot spots.
Secure laptops.
SonicWall Mobility solutions provide flexible and secure remote access for laptops. SonicWall Aventail Connect delivers “in-office” experience, enabling full access to network resources from laptops running Windows, MacOS and Linux operating systems. SonicWall Aventail® WorkPlace is well suited for unmanaged laptops, offering clientless, portal-based access, as well as authentication, encryption and authorization. SonicWall Aventail Advanced End Point Control™ (EPC™) adds endpoint interrogation, cache control, and an encrypted virtual desktop environment.
Keep remote access simple.
Simple, fast, easy-to-use VPN connectivity is essential to ensure secure and private communications when connecting through uncontrolled WiFi hot spots. SonicWall Mobility solutions enhance productivity and business continuity with full-featured, easy-to-manage, clientless or thin-client “in-office” connectivity to network resources over WiFi and 3G/4G.
Mobile application intelligence and control.
Mobile devices can be conduits for malware to enter networks either inadvertently or intentionally. They can also consume volumes of bandwidth through the use of social media, YouTube®, Netflix® streaming and other bandwidth-intensive applications. Administrators need to be able to control any application used on their network, regardless of device type, when the user is connected to the corporate office.
SonicWall Clean VPN.
SonicWall is the only provider that solves the challenges of access, security and control with one integrated solution that combines SonicWall Clean VPN™ and Application Intelligence and Control. When SonicWall SSL VPN solutions are deployed with a SonicWall firewall, SonicWall Clean VPN scans tunneled traffic to block malware from the mobile communications as a conduit into the network. SonicWall Application Intelligence and Control can allow increased bandwidth for critical applications, while limiting bandwidth for unimportant or unacceptable traffic. SonicWall Clean VPN™ delivers the critical dual protection of SSL VPN and high-performance Next-Generation Firewall necessary to secure both VPN access and traffic. The multi-layered protection of Clean VPN enables organizations to decrypt and scan for malware on all authorized SSL VPN traffic before it enters the network environment.
SonicWall Clean Wireless.
SonicWall Clean Wireless delivers secure, simple and cost-effective distributed wireless networking by integrating universal 802.11 a/b/g/n wireless features with a SonicWall firewall for deep packet inspection, application control and content filtering. SonicWall Clean 3G/4G delivers the same level of protection over cellular wireless networks. When users connect over the internal WiFi network.
Best Practices:
Mobility best practices demand that IT define, document and communicate mobile device use policy, and couple that policy with the deployment of corresponding enforcement solutions. The following best practices include approaches for both policy and technology.
1. Establish SSL VPN access to corporate resources.
An SSL VPN portal can authenticate and encrypt web-based remote access regardless of the mobile device operating system, and can integrate with a Next-Generation Firewall to form a Clean VPN.
2. Vary access levels based on device interrogation.
A mobility solution should assign and enforce various access levels based on the mobile device’s security posture, including device type, mobile applications and device ownership.
3. Require lost or stolen phones be reported immediately.
Use device identification technology to block access to corporate resources and, if needed, remotely disable the device and erase sensitive data.
4. Comprehensively scan all mobile device traffic.
Deploy a Next-Generation Firewall that can conduct deep packet inspection of all traffic to and from mobile devices connected to the network over WiFi and SSL VPN.
5. Control data-in-flight.
To prevent data leakage, malware and botnet attacks, implement a Next-Generation Firewall that can inspect even encrypted outbound traffic from mobile devices connected to the network.
6. Maximize firewall throughput to eliminate latency.
Minimize latency for latency-sensitive mobile applications such as videoconferencing and VoIP with reassembly-free deep packet inspection and a high-speed multi-core processor architecture.
7. Establish controls over mobile application traffic.
To identify, categorize, control and report on web-enabled mobile applications such as social media and streaming video, deploy a Next-Generation Firewall with application intelligence and control.
8. Establish mobile device wireless access security.
Deploy a Next-Generation Firewall with WPA2, intrusion prevention, anti-virus, anti-spyware, and application intelligence and control to scrub mobile traffic over WiFi.
9. Manage mobile traffic bandwidth.
Application-intelligent bandwidth management technology can dedicate both throughput to latency-sensitive mobile applications (e.g. VoIP), and limit bandwidth-consuming traffic such as YouTube and online gaming.
10. Visualize bandwidth activity.
Implement visualization tools to view traffic and enable network adjustments that restrict or block bandwidth-consuming traffic based upon real-time critical observations.
SonicWall mobility solutions.
SonicWall Mobility solutions can help organizations implement best practices to secure mobile device use within corporate network environments and outside corporate reach. Integrating the powerful capabilities of SonicWall Next-Generation Firewalls running application intelligence and control with SonicWall Secure Remote Access (SRA) solutions creates Clean VPN™ that delivers the critical dual protection of SSL VPN and high-performance Next-Generation Firewall necessary to secure both VPN access and traffic. The multi-layered protection of Clean VPN enables organizations to decrypt and scan for malware on all authorized SSL VPN traffic before it enters the network environment.
SonicWall Secure Remote Access solutions, including the SonicWall Secure Remote Access (SRA) Series and SonicWall Aventail E-Class SRA Series provide clientless, full network-level access for Windows®, Windows Mobile, Apple® MacOS®, iOS, Linux®, and Google Android® devices plus optional Web Application Firewall and multi-platform remote support.
The SonicWall SRA Series offers small- to medium-sized businesses granular unified policy, two-factor authentication, load balancing and high availability.
The SonicWall E-Class SRA Series delivers full-featured, easy-to-manage, clientless or thin-client in-office connectivity for up to 20,000 concurrent mobile-enterprise users from a single appliance. Built on the powerful SonicWall Aventail SSL VPN platform, E-Class SRA using granular endpoint control interrogation connects only authorized users to approved resources. When integrated with SonicWall Next-Generation Firewall as a Clean VPN™, SonicWall SSL VPN solutions deliver centralized access control, malware protection, application control and content filtering over the internal wireless network.
Evaluate:
Get answers to the tough questions.
When evaluating mobile security solutions, consider the following questions:
- Do you need to provide remote access to email, client/server and host-based/server-based applications, file shares, printing or Virtual Desktop Infrastructure (VDI) solutions?
- Do you support road warriors and other remote users on Windows®, Macintosh®, or Linux® mobile devices?
- Do you want to reduce costs and overhead by simplifying remote access deployment and management costs for employees, business partners and contractors?
- Are you concerned about viruses, malware and other attacks to your network if you were to provide remote access to your partners and your employees?
SonicWall Secure Remote Access solutions.
SonicWall® Secure Remote Access (SRA) offers client less network-level access for Windows, Windows Mobile, Apple® MacOS®, iOS, Linux, and Google Android®, plus optional Web Application Firewall and multi-platform remote support. SonicWall® Aventail® E-Class SRA delivers full-featured, easy-to-manage, client less or thin-client in-office connectivity for up to 20,000 concurrent mobile-enterprise users from a single appliance. SonicWall Clean VPN™ delivers the critical dual protection of high-performance Next-Generation Firewall and SSL VPN necessary to secure both VPN access and traffic.
Why Upgrade:
The proliferation of mobile device technology has fueled the Consumerization of IT. Upgrading to the latest SonicWall mobility solution gives employers the flexibility to provide employees, business partners and contractors secure remote access to corporate resources from a wide variety of device types. The solution is easy to deploy and manage and lowers the overall cost of providing secure access.
Ease-of-deployment.
Access is clientless or through lightweight web-delivered clients, easing deployment, eliminating administrative overhead and minimizing support calls. The SonicWall® Mobile Connect™ unified client app for iOS is easily downloaded by end users from the App Store℠.
Flexible OS support.
SonicWall mobility solutions provide policy-enforced remote access to network resources from mobile device platforms such as iOS, Google Android® and Windows® Mobile, as well as traditional laptop platforms, including Mac OS®, Windows and Linux®.
Lower TCO.
SonicWall Mobility solutions lower IT costs by centralizing management to a single gateway that extends secure remote access via SSL VPN for both internal and mobile users across multiple mobile device platforms to all network resources including web-based, client/server, host-based and Virtual Desktop Infrastructure (VDI) solutions.