Cisco Cisco AnyConnect Secure Mobility Client v3.x 白皮書
© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 5 of 16
Potential Any Device Risks
Organizations should plan to address the following
Any Device risks:
Any Device risks:
●
Loss of control over corporate data stored on the
device, including regulatory or customer data
device, including regulatory or customer data
●
Loss of control over the device posture:
◦ Less control of overall device security may
◦ Less control of overall device security may
increase the risk of exploitation and create an
attack vector to infrastructure and services
attack vector to infrastructure and services
◦ Devices may not conform to policy and
operational models, potentially damaging
business relationships, affecting legal or
regulatory requirements, and driving up support
costs
business relationships, affecting legal or
regulatory requirements, and driving up support
costs
●
Less visibility into the devices connected to the
network (where they are and who owns and
operates them) leads to challenges for security,
licensing, regulatory and legal assurance, and
audits
network (where they are and who owns and
operates them) leads to challenges for security,
licensing, regulatory and legal assurance, and
audits
Together, these developments signaled the need for a new corporate device strategy that answered a fundamental
yet imperative question: As we see new business models related to mobility, cloud, the IoT, and IoE continue to
expand, how can we provide people with safe access to corporate resources from any device, and from anywhere?
Not every worker requires the same level or type of access to
the corporate infrastructure. Some need only email and
calendaring services on their smartphones, whereas others
may require greater levels of access. For example, Cisco sales
professionals can access ordering tools from their
smartphones, increasing their ability to close a sale. This
situation created tiers of network access depending on the
sensitivity and location of the data being accessed, as shown
in Figure 3. As a baseline, workers need to use “trusted
applications” for business activities. As workers require deeper
access to the core network, they must use “trusted devices.”
in Figure 3. As a baseline, workers need to use “trusted
applications” for business activities. As workers require deeper
access to the core network, they must use “trusted devices.”
Protection measures on the device must increase from simple
device registration, password and screen-lock enforcement,
and remote content wiping to compliance with security policies
enforced by the Cisco
®
Identity Services Engine (ISE).
Figure 3. Differentiated Network Access
Stage 4: Any Service, Any Device, Anywhere
Cisco currently allows users to access corporate resources housed on premises and in the cloud. Transparent
connectivity, trusted-device standards, a single mobile app store, a threat-centric security model, and a dynamic
self-support model are foundational elements that continue to support the business in its Any Device journey.
Business productivity, one of the primary reasons behind the Any Device vision, is increasing significantly along
with employee satisfaction.