SSL-VPN Remote Access & Mobility
Avirut Liangsiri Technology Director
Agenda Driver for Remote Access Evolution Challenges / Risk SSL VPN defined SSL VPN can – Detect – Protect – Connect
Usage Scenario Summary Page 2
Sonicwall Seminar 9th June 2011
1
Networking Drivers & Trends
Business Drivers
Technology Trends Access
Network Reduction in operating costs Focus on TCO Mobilization of the workforce Business expanding globally
Growth in real-time applications SaaS / Web 2.0
Ubiquity of broadband Proliferation of mobile devices
Virtualization of services Data Center consolidation
Rise in IP telephony End point interrogation / NAC
Compliance
Infrastructure Demands
Outsourcing growth
Growth in bandwidth; thirst for unimpeded traffic routing
Gaining competitive advantage
Integration concerns Handling latency sensitive traffic becomes challenging – voip, collab. De-perimeterization 3
3
Page 3
The Communications Landscape Is Rapidly Evolving Sonicwall Seminar 9th June 2011
Remote Access Evolution
Then
Now A must-have utility for all
A service for a select few Best effort performance and up-time Cost center
Productivity Lever
Carrier-based
Network independent
Anywhere there’s a phone line Static Passwords
Anywhere
One-Time Passwords
Dial-Back Modems
Page 4
Always up, high performing
Device Profiling
Sonicwall Seminar 9th June 2011
2
The Business Impact- The Perimeter Contracts While the Network Expands
2001: Network Perimeter
2011: Network Expansion VOIP Users
SaaS Saas, Web 2.0
User Real-Time Apps Unified Protection Communications Collaboration
Corporate Data Centers
Business Communication Protection
External Users
Perimeter / Internal Security
Access Control
WANs
Customers or Suppliers
Extranets Remote Employees
Remote Access
Traveling Users
5
Page 5
Productivity Controls
Partner Access
Access and Information Flows is Moving Increasingly Across Traditional Sonicwall Seminar 9 June 2011 Network Boundaries th
Expanding Solutions
New Challenges = New Risks
6
6
Page 6
CONFIDENTIAL – All Rights Reserved – May 25, 2007
Sonicwall Seminar 9th June 2011
3
Secure Remote Access Drivers
Remote Access
Give all employees remote access solution that is easy to use and deploy.
Extranet Access
Open access to partners to increase collaboration, yet do it in such a way that access control and security is not compromised.
Mobility Securing Wireless Networks Disaster Recovery
Working ‘Green’
7
Page 7
Mobile devices are increasingly functional for both data and voice, leading to a rise of IT managed (and non-managed) mobile devices. Many organizations treat users on the wireless network as remote users because of concerns over who has access to the wireless network. During a business disruption, demand for remote access could spike to include the majority of your workforce. Rising transportation costs and environmental concerns are leading towards increased flexibility regarding working from home.
Remote Access Drivers Impact ALL Employees, With Both IT Managed and NonSonicwall Seminar 9th June 2011 Managed Devices
The Need for Secure Remote Access
The Goal: Increase access and productivity for a diverse user population without increased costs and complexity for the organization, AND without compromising security The Requirements: To provide Remote Access Control, what do you need? Remote Access can be managed and secured if you answer these three questions
1. 2. 8
3.
Page 8
Who is the user? Proof as to who the user is without question, based on a strong authentication method
What’s happening on the end point? A clear understanding of what is happening on the user’s end point to make a policy decision, then classify that device accordingly
What are the resources the user is seeking? Knowledge of what applications the user wants access to, and then grant access according to policy Sonicwall Seminar 9 June 2011 th
4
SSL VPN Defined
Traditionally defined as browser based access that is independent of the network. SSL VPNs have evolved to authorize access to resources based on the trust established for the authenticated remote user as well as the identity/integrity of the device used for access. SSL VPN Advantages Broad Access- Access from any Internet browser for remote users Secure- Granular access control ensures users only see what they are entitled to and that access points are secure Easy to use- For both end users and administrators Remote Access SSL VPN • Sits between remote users The Corporate LAN IT Resources
Directories
Internal Users
Web Apps LDAP AD
File Shares
and corporate data center • Serves as policy controller for all remote users • Logical enforcement point for NAC security strategy for remote users
LDAP
Employee Using a Wireless Hotspot
Day Extender
Employee PDA User
Employee at a Kiosk
Client/Server Apps RADIUS
Traveling Employee
SSL VPN
Page 9
Extranet Access: Business Partner from any Browser Sonicwall Seminar 9th June 2011
Security vs. IPSec
Compared to traditional remote access via IPSec, SSL VPNs:
Are easier and less expensive to deploy and manage: no complex clients to provision or support
Enable employee and partner productivity: access to any application, from anywhere, via any device
Are more secure: granular access control and end point control Increasingly are replacing IPSec VPNs as the standard solution for all remote access use cases
Comparison
Result moving to SSL VPN from IPSec
Encryption
No change
Authentication
No change or Improved
Access Control
Improved
Perimeter Profile
Improved
Logging and Forensics
Improved
Web Security End-Point Security Page 10
Improved No Change or Improved Sonicwall Seminar 9th June 2011
5
The Shift to SSL VPNs Wireless LAN Users
Pocket PC Users
Day Extenders
Traveling Employees
Kiosk Users
Home Office Users
Corporate Network
Extranet Users
Enterprises are seeing a new kind of remote access: – Harder to manage: Access from devices outside of IT’s control – Demanded by more users: Broader employee access, partner access – New devices and access points: Wireless hotspots, airport kiosks, home PCs
Page 11
Sonicwall Seminar 9th June 2011
The SonicWALL Aventail Approach to Secure Remote Access SonicWALL Aventail provides best of breed Secure Remote Access that ensures the appropriate level of access for any remote access use case Detect
Detect
Detect what is running on the end point device
Protect
Protect
Protect applications with granular access control based on user identity and device integrity
Connect
Connect
Connect users securely and easily to applications on any device
Remote Access
Traveling Employee
Employee at a Kiosk
SonicWALL Aventail Secure Remote Access
Day Extender Employee Using a Wireless Hotspot
Corporate Data Center Directories
LDAP
Applications Web Apps Client/Server Apps
LDAP
Employee PDA User
AD RADIUS
File Shares Databases VoIP
Extranet Access Customer/Supplier Behind a Firewall
Internal Access
Business Partner from any Browser Page 12
Internal Users Sonicwall Seminar 9th June 2011
6
Easy to Use. Easy to Control.
The SonicWALL Aventail Remote Access Control Platform
Detect
End Point Control™ (EPC™): detects the identity and security state of the end device
Protect
Unified Policy™: is the enforcement engine, controlling device access so users only access applications they are authorized for
Connect
Smart Access™ and Smart Tunneling™: are the transport mechanisms, making it easy and secure for users to access all network resources
Page 13
Sonicwall Seminar 9th June 2011
Detect
End Point Control
SonicWALL Aventail’s End Point Control Interrogates managed and nonmanaged devices prior to connecting AND on a recurring schedule in order to identify the device and determine the overall trust level EPC Device Interrogation Interrogate by Device Profile IT Managed Windows Non-Managed Windows Mobile Macintosh Linux WorkPlace Access (Clientless Web Access)
For Device Identity Mapped Directory Windows Domain Membership Device Watermark/ Certificate Any Resident File Windows Device ID
And Device Integrity Anti-Virus Registry Key Windows O/S Level Personal Firewall Anti-Spyware
With Data Security Cache Control Secure Desktop
Corporate Network VoIP Applications File Shares
Page 14
Connect Access (Client-Installed Access) Sonicwall Seminar 9th June 2011
Traditional Client/Server Applications
7
Detect
Advanced EPC Aventail provides the most granularity of any SSL VPN for determining the trust level of end point devices
Detect Detect
Advanced EPC simplifies the setup and maintenance of device profiles for Windows, Macintosh and Linux devices Version specific checks for Anti-Virus, Personal Firewall and Anti-Spyware products Detailed integrity checks include specifying signature updates and file system scanning within a specific date range, as well as requiring A/V & Spyware agents to have realtime protection turned on
1 5
Page 15
Detect Detect
Sonicwall Seminar 9th June 2011
Grand Teton Windows DeviceInvestments Identification Note: for devices that do not have a hard drive serial number on file, organizations can allow limited access, and then export the hard drive serial number to AD/LDAP – The SonicWALL Aventail will be able to log the hard drive serial number to a ‘unregistered device’ log for easy export
Page 16
Sonicwall Seminar 9th June 2011
8
Protect
Unified Policy
SonicWALL Aventail’s object-based Unified Policy enables application control via easy to setup and manage access rules, covering all devices types and users.
Admission Control
Your Company
Define Trust Level for Users
Access Control
Define Trust Level for Devices
Employee Community
Partner Community
Groups: Sales, Marketing, Executive
Groups: Partners
Allow
Allow
Quarantine
Quarantine
Deny
Deny
Access Control List
Define What Applications Users/Devices can Access
Page 17
Protect
Application: CRM App User Trust:
Sales, Executive
OWA
Order Entry
All in Empl. Community
Sales, Partners
Device Trust:
Create allow, deny and quarantine rules easily that govern access for all users and devices based on device identity and device integrity
Just one rule set enforces access to all resources across all access methods based on who the user is and the trust level for the device
Sonicwall Seminar 9th June 2011
User Trust
Easily allows administrators to determine which users can access the SSL VPN and how they should authenticate in order to gain access
Directory Browsing: Easily browse to external repositories to determine which users/groups can have access to the SSL VPN
Dynamic Groups: Dynamically populates group memberships based on LDAP/AD queries
Dual/Stacked Authentication: Allows consecutive authentications (e.g. SecureID Tokens + Username/Password) capturing credentials for SingleSign-On (SSO) to downstream applications
Forms-Based Authentication: Administrators can directly configure SSO for forms-based Web applications
Virtual Keyboard: Allows authentication credentials to be entered via a virtual keyboard in untrusted environments
Password Management: Allows users to change password via the WorkPlace Portal at will or when prompted
One Time Password: Generate one-time passwords when an easy-to-distribute, second factor authentication is required when accessing the SSL VPN Page 18
Sonicwall Seminar 9th June 2011
9
Protect
Device Trust: Allow Zone Determines conditions for when devices can be used to gain access to the SSL VPN as well as setting specific conditions for application access Device profiles set criteria by device type (Windows, Macintosh, Linux & Windows Mobile), with multiple device profiles permitted within a single allow zone Data protection options allow Cache Control or Secure Desktop options to be deployed on a per zone basis Multiple zones supported, allowing different allow zones based on different trust levelscreating dynamic application level policies (e.g. home users have less access than IT managed devices)
Page 19
Protect
Sonicwall Seminar 9th June 2011
Device Trust: Deny Zone
Provides granular access control by allowing administrators to specify requirements for ‘denying’ access
Deny zones set conditions for when access to the SSL VPN should immediately be denied – Customizable greeting text provides detailed information to the user on why access was denied – Multiple deny zones can be created, combining attributes from one or more device profiles
Rapid threat prevention- administrators can quickly and easily set conditions for when access should be denied
Page 20
Sonicwall Seminar 9th June 2011
10
Protect
Device Trust: Quarantine Zone Simplifies end point control set-up while providing greater control over what end users see in the event their device does not meet required standards for access Quarantine zones provide a landing zone for users/devices who do not match the necessary end point prerequisites for access Customizable content per community of users provides specific information to users on why access was denied (easily distinguishable from allow zones) Remediation links allow users to update components on their device in order to change their zone classification
Page 21
Sonicwall Seminar 9th June 2011
Protect
Access Control
Granular application access control from a single ‘Unified’ management interface
Single unified policy interface to manage all access across all types of applications and access methods
Granular application access control based on who the user is and the trust level for the device
–
Block attachments in Webmail
–
Leverage user variables to provide direct access to user specific file shares and remote desktops
Bidirectional access control for added security with remote helpdesk and VoIP
Page 22
Sonicwall Seminar 9th June 2011
11
Protect
Easy to Manage
SonicWALL Aventail provides the most granular control options while being the easiest to manage of any SSL VPN provider
Page 23
Protect Technician
Admission policy and Access control policy easily laid out visually and centrally
Real time user monitoring tracks user activity, making it easy to monitor, troubleshoot and terminate user connections
Policy synchronization makes it simple to manage policy across multiple SonicWALL Aventail appliances
Roles based administration ensures that management tasks can be delegated to specific administrators
Sonicwall Seminar 9th June 2011
Virtual Assist Remote Employees
SonicWALL Virtual Assist provides organizations with an easy to use remote support tool Virtual Assist is a remote support tool that enables a technician to assume control of a customer’s PC or laptop for the purpose of providing remote technical assistance
How it Works: 1. Technician Logs launches lightweight client to monitor queue or invite a specific customer via e-mail 2. Customer logs on to portal and requests help or accepts the e-mail invitation 3. Meanwhile, a lightweight client is pushed seamlessly through the browser to the Customer 4. Technician sees Customer in queue and requests access to Pagecomputer 24 Seminar 9th June 2011 5. Customer gives permission and remoteSonicwall support session begins.
12
Connect
Smart Access to Unmanaged Devices
WorkPlace Access: Access to Web-based and client/server applications from virtually any device
https://myhomepage.mycompany.com
Welcome to the myCompany Remote Access Portal
25
Page 25
Connect
Sonicwall Seminar 9th June 2011
WorkPlace Portal
The Workplace Portal provides transparent access for Web applications, client/server applications, and file shares Customizable Web portal displays only links to resources permitted for the user and the device used for access
Personal Bookmarks allow users to add their own shortcuts
WorkPlace sites allows multiple branded portals for different user communities
Smart Access ensures that the optimal method of
access is provisioned to the user based on browser type and device type- without the user having to do anything OnDemand Tunnel is integrated as part of the WorkPlace portal, allowing complete application access (including VoIP) through a browser interface
Native Access Modules provide access to Citrix and Windows
Terminal Services applications directly via the WorkPlace Portal
WorkPlace Mobile provides personalized and policy driven Web portal that is optimized for virtually any mobile device browser
Page 26
Sonicwall Seminar 9th June 2011
13
Connect
Mobile ActiveSync Support Mobile ActiveSync support allows access to email, calendar and contacts from iPhones and Symbian devices through the SonicWALL Aventail SSL VPN
27
Page 27
Connect
Apple iPhone, iPad, Google Android & Symbian support
Clientless Email, Calendar and Contact access through the SonicWALL Aventail SSL VPN- eliminating the need to provide direct access from remote devices to your exchange server
Device ID Checking provides the ability to uniquely tie the mobile device to a user by checking and comparing device attributes to the user’s authentication credentials
Sonicwall Seminar 9th June 2011
Smart Access to Managed Devices
Connect Access: Easy to provision and manage, with complete application access for Windows, Macintosh, Linux and Windows Mobile devices, and an ‘in-office’ user experience
Web-Based Applications
File Shares
Thin Client/ Server Applications
Traditional Client/Server Applications
Page 28
Sonicwall Seminar 9th June 2011
14
Connect
Connect Tunnel
Provides secure policy controlled network access from a Web deployed/delivered Windows, Macintosh or Linux client, providing a complete “in office” experience.
Easy provisioning via the WorkPlace portal or through standard software distribution processes End Point Control to interrogate the device before allowing access and during the connection
Split tunneling control for added security, with ‘redirect all’ and ‘redirect all with local network access’ options
Auto updating ensures the agent is always in sync with the SSL VPN appliance
NAT Mode allows simple configuration for broad user based (no address pools required)
Unified policy provides same access control options as the WorkPlace portal, including support for Allow, Quarantine and Deny Zones
Page 29
Sonicwall Seminar 9th June 2011
Connect
Connect Client for Android Status: Technology Preview Port mapped client provides access to network
resources using Citrix, IMAP, HTTP, HTTPS, SMTP, SSH, Telnet, RDP, etc8
Downloads pre-defined web bookmarks defined in the Workplace portal
Does not require the Android phone to be rooted Downloadable from the Android market place “Now”
HTTP
HTTPS
SMTP
Citrix
Telnet
RDP
Page 30
Benefits: Provides web, mail, RDP, Citrix and other access from any Android based Smart Phone or Tablet.
Sonicwall Seminar 9th June 2011
15
Connect
SPIKE Licenses
SPIKE Licenses – SPIKE Licenses allow you to purchase temporary capacity increases to be used in the case of an emergency • EX6000: ‘Spike’ to 250 concurrent users • EX7000: ‘Spike’ to 5,000 concurrent users – SPIKE Licenses available for increasing from any user count, including 5user Lab appliances – SPIKE Licenses available in 10-Day and 30-Day increments • SPIKE Licenses support start & stop, allowing for flexibility in how the license is applied (requires firmware version 10.5.0 or greater)
Page 31
Connect
Sonicwall Seminar 9th June 2011
Smart Tunneling vs. Other Solutions SonicWALL Aventail
Competitive SSL VPN
IPSec VPN
Complete application access
X
X
X
Layer 3 tunnel with layers 4 – 7 policy control, allowing universal application reach with complete security
X
O
O
Client mode (client installed access for an in office experience)
X
X
X
Web mode (portal access)
X
X
O
Adaptive Routing - No need to define routes manually and routes based on named resources and used only when resource is accessed (minimizing routing conflicts)
X
O
O
Adaptive Addressing- Avoids address conflicts and provides dynamic proxy traversal
X
O
O
Full bidirectional policy with granular control down to per group, per user and per resource level (not global)
X
O
O
Closed security model, with tunnel opened only with direct secure communication between user and application
X
O
O
Back-connect access and bidirectional control for remote helpdesk applications, VoIP, and others
X
O
O
X
O
O
Feature / Function Smart Tunneling
Single Solution for All Access
Adaptive Access
Bidirectional Tunnel Control
Integrated with Unified Policy Page 32 one access control rule list for all resources and access methods Providing Sonicwall Seminar 9th June 2011
(tunneling and proxy based)
16
One Secure Gateway for Secure Remote Access Needs
Unmanaged Devices
SonicWALL Aventail provides the only SSL VPN that provides one solution with centralized management for all devices, applications, and users, delivering manageability, security, and productivity Aventail® WorkPlace™
Web-Based Applications
Clientless browser access for Web apps, client/server apps and file shares
Kiosk Users
Business Partners
Teleworkers PDA/Smartphone Users
File Shares
Aventail® Connect™
Managed Devices
A Web-delivered client, for complete network access and unmatched ease-of-use
Internal Users
Wireless LANs
IT-Managed Devices
Service Edition: Application-toApplication
SonicWALL Aventail Secure Remote Access
Thin Client/ Server Applications
Traditional Client/Server Applications
Aventail® Connect Mobile™ Mobile PDA & Smartphone Users Page 33
Sonicwall Seminar 9th June 2011
SonicWALL SSL VPNs: Remote Access for Any Organization
Dedicated SSL VPN Solutions
Use Case: IT Managed Devices • Layer 3 SSL VPN Agent (Web provisioned) • Windows, Macintosh, Linux & Windows Mobile support NSA E-Class UTM
Use Case: IT Managed Devices & Non Managed Devices • Web based (portal) access for non managed devices • Layer 3 SSL VPN agent for IT managed devices • End Point Control (NAC) options (Aventail) • Scales to thousands of concurrent users • Remote helpdesk options SonicWALL Aventail SRA EX7000
SonicWALL Aventail SRA EX6000
Mid Tier
Enterprise
Integrated Solutions UTM + SSL VPN
NSA UTM
SMB
SonicWALL SRA 4200
TZ UTM
EASY ACCESS 34
Page 34
• Web based (portal) access for non managed devices • Layer 3 SSL VPN agent • Remote helpdesk options • Web Application Firewall • Priced attractively for SMB
SonicWALL SRA 1200
Emphasis of Customer Need
ACCESS CONTROL (GRANULAR POLICY)
Sonicwall Seminar 9th June 2011
17
SSL-VPN USAGE SCENARIO
Page 35
Sonicwall Seminar 9th June 2011
Teleworking Allowing employees to work from home and different remote locations, leveraging both IT managed devices and non-managed devices
Challenges with IT Managed devices Hard to manage and distribute clients Access complexities- NAT Traversal, address conflicts, limited ability to move from network to network Limited control- user has a direct connection to your network Power users- Mobile sales professionals and executives who demand constant access while constantly on the go
Challenges with devices NOT managed by IT Can’t easily distribute clients Access ranges across different device types and operating systems Productivity argument- let people work from home, from hotels, from wireless devices that they have purchased Security- Granular control to specific resources plus end point security is required to protect your network Corporate Data Center
Remote Access
Traveling Employee
Employee at a Kiosk
Directories Day Extender
LDAP
Employee Using a Wireless Hotspot
LDAP
Employee PDA User
RADIUS
Applications Web Apps Client/Server Apps
AD
File Shares Databases VoIP
50% of telecommuters will sometimes use personal computers and PDAs for corporate access- 2008 Ernst & Page 36 Young Study on Telecommuting Trends Sonicwall Seminar 9th June 2011
18
Extranet Access Organizations of all size are extending their business supply chains outwards, whether through contracted outsourcing or business partnerships
Challenges with Extranets/Business Partner Access
No access to partner devices by your IT staff No responsibility for the user gaining access Productivity argument- Let your partners collaborate with your employees Security argument- Need to control access to specific applications and nothing else Corporate Data Center Directories
Extranet Access
LDAP
Applications Web Apps Client/Server Apps
Customer/Supplier Behind a Firewall
LDAP AD
Business Partner from any Browser
RADIUS
File Shares Databases VoIP
Roughly half of the respondents said they are currently counting on partners for R&D, manufacturing, marketing, logistics, distribution, customer service, human resources or other corporate functions – and two-thirds expect to be reliant on third parties for these functions to some extent by 2011- BusinessWeek Page 37 Research Services July 2008 Survey Sonicwall Seminar 9th June 2011
Secure Intranet Access Secure application INSIDE!!! – Web application firewall : Internal application protection • Protect application & data from unauthorized and uncontrollable access • Protect web based intrusion & attacks – Protect data from direct access either by privilege user without monitoring – Granular access control – Protect data theft & usage of spyware, suspicious & illegal software (preauthentication scan) – Monitor performance & availability of applications Web-Based Applications
LAN/WAN Access Employee Out-source/ Vendor
File Shares
Page 38
Sonicwall Seminar 9th June 2011
19
The Impact of Mobile Devices Mobile Devices no longer just a personal productivity tool but an extension of the enterprise and the network Organizations are looking to provide access to more than just email from a mobile device Many enterprises are choosing to issue PDAs and smart phones for more than just email access to mobile workers, such as sales or service personnel, to increase productivity and security IT organizations view Microsoft Windows Mobile as an extension of their current security policies for IT managed devices Individual users are purchasing Smart Phones and are asking IT for access to corporate email
“82% of smartphone owners said they use their devices to read business e-mail, 80% surfed corporate Web sites, and 61% accessed enterprise data� Information Week Feb 2008 Page 39
Sonicwall Seminar 9th June 2011
SonicWALL Mobile Platform Support (SRA, E-Class SRA, UTM)
Agent Type
Appliance
Mode
Windows Mobile 6.X
Windows Phone 7
Apple IOS
GoogleA ndroid
Symbian
RIM BB
Web Translation
X
X
X
X
X
X
Virtual Host
X
X
X
X
X
X
Web Translation
X
X
X
X
X
X
Application Offloading
X
X
X
X
X
X
EPC
X
-
X*
X*
X*
-
Native ActiveSync
-
-
X
X
X
-
Native ActiveSync (App Offloading)
X
X
X
X****
X
-
Connect Mobile
X
-
-
-
-
-
OnDemand Tunnel
-
-
-
X**
-
-
Connect Tunnel
-
-
-
-
-
-
NetExtender
X
-
-
X***
-
-
NetExtender
X
-
-
X***
-
-
GVC
-
-
-
-
-
-
L2TP
X
-
X
X
-
-
E-Class SRA Web Only (no agent required)
Lightweight Browser Plug-in/ Native ActiveSync Proxy Agent
SMB SRA
E-Class SRA
SMB SRA E-Class SRA
E-Class SRA Layer 3 Tunnel
Page 40
SMB SRA Next Generation Firewall
Sonicwall Seminar 9th June 2011
20
Remote Access and Business Continuity Data Center: New York IT Resources Client/ Server Apps
File Shares
Web Apps
Remote access allows employees to work productively in
the event that a central office is not accessible- providing secure access from anywhere Disasters can be large scale or more common infrastructure disruptions Remote Access
Directories LDAP
AD
Traveling Employee
RADIUS
Global Load Balancer
Employee Using a Wireless Hotspot
Day Extender
Employee PDA User
Employee at a Kiosk
Directories LDAP
AD
Extranet Access: Business Partner from any Browser
RADIUS
IT Resources Client/ Server Apps
File Shares
Web Apps
Data Center: Chicago Page 41
Business continuity and remote access go hand in hand, as typical business disruptions result in employees and other users staying away from the office and the local area network (LAN).– Tim Clark, Fact Point Group Sonicwall Seminar 9th June 2011
The Importance of Disaster Recovery Planning
Business Continuity and Disaster Recovery planning is important to any organization – Any unplanned event that is disruptive to the business can prevent employees from getting to what they need – A properly defined Business Continuity plan is often can keep the business operational – It is not just about data center redundancy- it is also about ensuring that employees can keep working from anywhere when the need arises
Page 42
Sonicwall Seminar 9th June 2011
21
The Impact of Not Having a Plan
Productivity
Affected employees will be isolated resulting in reduced productivity
Business Downtime
For major disasters, business may be forced to close as personnel may not be able to reach the workplace
Loss of Confidence
Customers and partners may be unforgiving if their needs are unmet due to business disruptions caused by business downtime
Damage to Reputation
Business downtime and lost confidence by customers/partners may ultimately cause a long term damage or your business reputation
Loss of Revenue!!! Page 43
Sonicwall Seminar 9th June 2011
22