Eurodata Systems plc

Secure Access using IAG 2007Presented by: Brian Dunleavy - Healthcare Business Manager - EurodataSusanna Watson Pre Sales Technical Consultant - EurodataOliver Chandler Infrastructure Manager Bedford Hospital NHS Trust

1

AgendaEurodata Introduction Why use the Microsoft IAG 2007 Gateway?Benefits of the IAG 2007 solutionWhat Makes Microsofts Application Access and Security Technology Unique? Architecture of an IAG 2007 based solutionDemonstration of IAG in use at Bedford Hospital NHS TrustQ&A

Agenda or intro slide for your pitch2Core Infrastructure focus Better Health offeringExcellent understanding of NHS operational requirements40 NHS reference sites across UKN3 Code of Connection in place for supportEurodata introduced Whale Communications (Now IAG) into UK marketOver 100 IAG implementations across all sectorsMicrosofts Partner of the year 2008; Security Solutions Based upon Essex Rivers Healthcare solution success

Eurodata NHS Focus

Customers in NHS

Customers

These are customers from wide spectrum of industry sectors case studies are available on www.eurodatasystems.com under Case Studies4

Ensure the integrity and safety of network and application infrastructure by blocking malicious traffic and attacks

Comprehensive policy enforcement drives compliance with legal and business guidelines concerning access to sensitive dataThe IAG provides SSL-based application access and protection with endpoint security management, enabling granular access control and content inspection from a broad range of devices and locations to line-of-business, intranet, and client-server resources.

Control Access

Safeguard Information

Protect Assets

Secure, browser-based access to corporate applications and data from more locations and more devicesWhat is Intelligent Application Gateway?

Microsoft Forefront11/25/2008 11:59 AM2006 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.5Forefront Where does IAG 2007 fit?

Client and Server OSServer Applications

Edge

Trust could benefit from offering employees remote access to their applications and informationYour current systems are inflexible (IP SEC etc)You want to reduce remote access costs (CfH centrally funded IAG 2007 User CALs)Security is important to your organisationYou are creating or updating your organizations DR or BC plansYou have a Microsoft based infrastructure strategy and are looking further invest in this.....Why Trusts consider the Microsoft SSL VPN Gateway?

IAG Customers in NHS

Customers

These are customers from wide spectrum of industry sectors case studies are available on www.eurodatasystems.com under Case Studies8Security

Full endpoint security and rich client-side policy compliance enginePhysical disconnection between the Internet and internal networksProtection against network and operating system vulnerabilitiesReduction of reliance on patching to protect both the SSL VPN platform and internal servers from outside threatsIAG 2007 offers a comprehensive set of features, including:

How is security applied?

Flexibility

Granularity of access controls based on user & access device - even within applications. Native integration to RADIUS, LDAP, Microsoft Active Directory, Windows Networks, Novell Directory and File Shares, Client Certificate, RSA SecurID and Strong Authentication tools. Ability to support multiple virtual SSL VPNs on a single appliance. A remote access platform that can extend remote access beyond employees to vendors, partners, contractors, customers

Management and Control

The Microsoft IAG solution allows secure web-based monitoring from anywhere.

IAG 2007 offers a comprehensive set of features, including:

Application Intelligence

Out-of-the-box functionality in pre-configured modules that incorporate application-specific positive logic to protect back-end servers while allowing granular security policies based on client-machine state. Support for complex enterprise applications without requiring a component download to the client, or without opening a risky network-level connection. Highly granular endpoint compliance checks updated to mitigate the latest security threats. Technology to enforce client-side compliance policies within applications (e.g. "Can't wipe, can't download" or "No antivirus, no upload" or Run a specific application from company-owned machines only while allowing the rest of the respective applications to function normally). Microsofts technology offers a comprehensive set of features, including:

End-User Experience

Intuitive User Interface with familiar Windows-like feel. Internet Explorer taskbar for easy navigation; no random pop-up windows. Non-intrusive timeouts and periodic re-authentication (users will NOT lose work due to time outs). Single Sign On (SSO) enables collection of all credentials up-front and users are not re-prompted during the current session. SSO for NTLM, form-based, PKI, and Basic Authentication schemes is supported. Remote password management including both the ability to change passwords via the SSL VPN.Microsofts technology offers a comprehensive set of features, including:

IAG 2007 Topology

IAG works with more applications at the application level and offers stronger security than any other SSL VPNcan serve as an access platform even for partners who many not be accessing internal resources from trusted endpointsAttachment wiper to prevent residue on access deviceIAG offers a greater level of granularity and flexibilityas a result delivers access in many situations where, in order to enforce security, other SSL VPNs block accessAbility to access information not block it!Users prefer the Microsoft product over competing solutionssince the user experience can be fully customized to look and function the way they want it toOther SSL VPNs limit customization to colour preferences, bookmarks and the like, while IAG allows the entire user experience to be customizedSupport for NHS SmartcardsUsed to access Spine enables PACSIntegration with MOSS 2007IAG 2007 is customised to work seamlessly with MOSS 2007 platformCSIA claims tested markGovernment approved platformWhat Makes Microsofts Application Access and Security Technology Unique?

B - Background Information2,500 users130 serversAD 2008 Servers (Single Sign On with Terminal Server 2008)Exchange 2003SMS 2003ISA 2005 IAG 2007

Over 250 users ActiveSync usersAll with different requirements accessing the below services:-PACS (AGFA 6.2.1)General file accessEmail (web and full client)Support (for 3rd parties)Web based applications (National and Local)Roaming usersTerminal Services

- why and who uses it?

Next StepsBetter Health literatureCase StudyDemonstration

Brian DunleavyNHS Business Manager

t : 0207 549 3045e : brianD@eurodatasystems.comwww.eurodatasystems.com/healthcare