The Advanced Mobility Academic Research Center (AMARC) hosted a Citrix Technical Exchange on July 18 at The Hamilton in Washington, D.C. Faisal Faisal Iqbal, Director of Systems Engineering, U.S. Public Sector for Citrix spoke at the event, which featured a Digital Government Strategy panel with Anil Karmel (NNSA), Brad Nix (USDA FNS) and Dan Mintz (AMARC).
1. Director – Systems Engineering, US Public Sector
Faisal.Iqbal@citrix.com
@virtfaisal
Future of Fed Mobility
Enabling productivity through
Mobility, Telework, BYOD and DCC
Faisal Iqbal
2. State of Federal Mobility
BYO
55%
Employees
Basic Security
1/3
Employees
Unsecured Data
42%
Employees
Productivity
28B
Source: MWE Digital Dilemma 2013 Report
3. Driving towards Federal Mobility
DOD Mobility Strategy and Implementation Plan
“Establish a mobile device management service”
“Promote the Development and use of DOD Mobile and
Web-enabled Applications”
“Provide an enterprise mobile application environment”
DGS Milestone 9.1
Develop government-wide mobile and wireless security baseline
(includes security reference architectures.)
DHS/DoD/NIST
4. OPM 2012 Telework Status Report
http://www.telework.gov
• All 87 agencies participating in the
Data Call had established telework
policies
• Approximately 32 percent of all
federal employees deemed eligible
• 27 percent of teleworkers worked
remotely three or more days per
week
“Not all managers are comfortable directing employees who telework”
5. Fed CIO Council’s BYOD Toolkit
http://www.whitehouse.gov/digitalgov/bring-your-own-device
“…guidance based on lessons learned from successful BYOD programs launched
at forward-leaning agencies. ”
7. App + Desktop Virtualization
Delivering hosted Windows Apps and Desktops
SSL 011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 101101 SSL SSL 1011011010 SSL
APPS
DATA
USER PROFILE
OS
Any networkUniversal
client
Any Datacenter
or Cloud
FIPS 140-2
SSL DMZ Proxy
8. People-centric and use case driven
Mobilizing
Windows
Apps
GIS and
3D
workloads
BYO
laptop and
device
Remote
Access
Thin/Zero
Client
Computing
11. Remote PC Access
Secure Remote access to your work computer
SSL 011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 101101 SSL 1011011010 SSL 101101101
Any networkUniversal
client
Any Thick PCFIPS 140-2
SSL DMZ Proxy
12. • Platform unification
• HDX Mobile
• Integrated Monitoring
• Unified App Store
• Fully PIV-compatible
13. 2 purpose-built consoles
Studio
• Automated workload
provisioning
• Automatic app publishing
• Custom delegated
administration
Director
• Real-time assessment
• Site health and performance
• EdgeSightTM User Experience
Analytics
14. High definition experience on any device
Efficient bandwidth utilization
Advanced quality of service
Cross-continent latency tolerance
Industry leading peripheral support
Real-time voice and multimedia
optimization
Point to point unified communications
15. Virtualized 3D workstation
GPU accelerated 3D graphics
15
• Industry First vGPU solution
• Full OpenGL and DirectX Support
• Fluid experience with full screen
3D apps
• 50% reduction in bandwidth
requirements
18. How Federal Mobility Feels Today
IA Perspective
Mobile makes security and
compliance harder. Too many
tools are required to manage it.
User Perspective
Mobile can do so much for
my life, why can’t it do more
for my agency?
19. Federal Mobile Security
• "Specifically, the Army CIO did not
appropriately track CMDs and was
unaware of more than 14,000 CMDs
used throughout the Army”
• ”Army also failed to ensure its
commands properly configured
devices to store protected
information and to use a mobile
device management application to
do so.”
20. • Balance security with mobility access
• Government data leakage
• Delivery to multiple mobile platforms
• Secure authentication (smartcard, two-factor)
• BYOD, GOPE…security, compliance, mgmt
• Dual Persona
Federal Mobility Challenges
21. A complete stack for
managing and
securing apps, data,
and devices
App Management
Device Management
Data Management
23. MDX
App Vault
Secure container
that enables app and
data containment,
wipe and lock
MDX
Access
Secure access to
Intranet resources
via Micro-VPN
MDX
InterApp
Trusted application
communication
fabric
Container-Based Mobile App Management
24. • Secure mobile browser
• Internal web app access
• URL black/whitelists
• Mail, calendar, contacts
• Enterprise class security
• Beautiful native-like experience
• Secure file sharing & sync
• Mobile content editing
• SharePoint & network files
Sandboxed email, browser and document
sharing apps
25. Enterprise-enable any mobile app with the
Worx App SDK
• Simple and powerful SDK
• Enabled through a single line of code
• Apps can be wrapped post-development
• Controls like:
ᵒData encryption
ᵒAuthentication
ᵒSecure lock and wipe
ᵒInter-app policies
ᵒMicro VPNs
Any app can be a Worx app
28. Data Center Consolidation Case Study
Server Virtualization
• Reduced Power consumption by 83%
• $472k annual operational savings
• Improved capacity and performance
by 300%
“The primary TTB BYOD lesson learned is to avoid allowing data to touch the personal device. Having all data, settings and processing in a central location and using the BYOD device simply as a viewer significantly simplifies the legal and policy implications”