Have you noticed all those iPads around the factory? All around the production areas, the office areas and the warehouse? These mobile connected devices and applications are quickly changing business and organizational models.
They are also changing employee habits and the way we work, as more and more users depend on tablets, such as the Apple iPad, for a variety of daily personal and professional tasks.
It’s not just Apple, though they’re the most common. All those other tablets too. Some of the others are capable of a drop or two, or more onto hard concrete!
The most prevalent use case that IT departments need to solve for is the one where an employee brings their own personal device into the company and seeks to gain network access. This is happening a lot these days. Funny, but companies are finding this is one of the ways they are attracting and keeping talent, especially young talent, so listen up!
Figure 1 illustrates the Cisco solution…
Here is how it works:
Employee brings both a corporate issued laptop and a personal tablet into the office.
The employee connects both devices to the network using a single service set identifier (SSID).
The network uses 802.1x Extensible Authentication Protocol (EAP) authentication.
The Cisco ISE uses a number of device fingerprinting variables to accurately identify the device as a corporate or personal asset.
An appropriate policy is determined using a combination of criteria such as who the user is, what device is being used, the location and time, and so on.
The Cisco ISE then enforces the policy by placing each device on an appropriate VLAN while the device remains connected on the same SSID.
The Cisco Wireless LAN Controller grants access to resources as appropriate based on policy.
In the example shown in Figure 1, the corporate asset (laptop) gets unrestricted access to corporate resources, whereas the tablet is given restricted access as well as limited Internet access.
And there you have it. Is it really that simple? Well, the answer is ‘yes’ for the example I gave. Of course it relies on a Cisco infrastructure to be effective, but customers are doing this now. This is one of the simplest examples. Cisco solutions can deal with the most complex examples, given the right services and support.
This is just one example of how to cope with BYOD (Bring Your Own Device), and in my next blog I’ll talk about the sea-change that is happening in companies today, when I talk about the newly published cover story ‘ Mobile Industrial Worker’ I authored in Control engineering Magazine -- but that’s another blog!