Android BYOD Security based on Trusted Network Connect » History » Version 8
Version 7 (Andreas Steffen, 21.02.2013 21:45) → Version 8/32 (Andreas Steffen, 21.02.2013 21:46)
h1. Android BYOD Security based on Trusted Network Connect
An experimental "BYOD version":http://www.strongswan.org/byod/strongswan-byod-1.2.0.apk of the popular "strongSwan Android VPN Client":https://play.google.com/store/apps/details?id=org.strongswan.android allows the collection of integrity measurements on Android 4.x devices. A special Android BYOD IMC written in Java communicates via the TNC IF-M 1.0 Measurement protocol with an Operating System IMV and a Port Scanner IMV. The strongSwan Android VPN Client transports the IF-M messages in IF-TNCCS 2.0 Client/Server protocol batches via the IF-T for Tunneled EAP Methods 1.1 Transport protocol protected by IKEv2 EAP-TTLS.
* "Android VPN client configuration":http://www.strongswan.org/byod/strongswan-config.png
h2. Unrestricted Access (TNC recommendation allow)
* "Successful connection":http://www.strongswan.org/byod/screenshot-01-connected.png
h2. Restricted Access (TNC recommendation isolate)
* "Non-Market-Apps Security Setting":http://www.strongswan.org/byod/screenshot-09-non-market-apps-setting.png Setting":http://www.strongswan.org/byod/screenshot-09-non-market-app-setting.png
* "Install Web Server App":http://www.strongswan.org/byod/screenshot-10-kws-webserver.png
* "Restricted connection":http://www.strongswan.org/byod/screenshot-02-restricted.png
* "Remediation instructions":http://www.strongswan.org/byod/screenshot-03-restricted-remediation.png
* "Detailed remediation instructions":http://www.strongswan.org/byod/screenshot-04-restricted-remediation-details.png
h2. Blocked Access (TNC recommendation block)
* "Start Android Web Server":http://www.strongswan.org/byod/screenshot-08-webserver-active.png
* "Failed connection":http://www.strongswan.org/byod/screenshot-05-failure.png
* "Remediation instructions":http://www.strongswan.org/byod/screenshot-06-failure-remediation.png
* "Detailed remediation instructions":http://www.strongswan.org/byod/screenshot-07-failure-remediation-details.png
An experimental "BYOD version":http://www.strongswan.org/byod/strongswan-byod-1.2.0.apk of the popular "strongSwan Android VPN Client":https://play.google.com/store/apps/details?id=org.strongswan.android allows the collection of integrity measurements on Android 4.x devices. A special Android BYOD IMC written in Java communicates via the TNC IF-M 1.0 Measurement protocol with an Operating System IMV and a Port Scanner IMV. The strongSwan Android VPN Client transports the IF-M messages in IF-TNCCS 2.0 Client/Server protocol batches via the IF-T for Tunneled EAP Methods 1.1 Transport protocol protected by IKEv2 EAP-TTLS.
* "Android VPN client configuration":http://www.strongswan.org/byod/strongswan-config.png
h2. Unrestricted Access (TNC recommendation allow)
* "Successful connection":http://www.strongswan.org/byod/screenshot-01-connected.png
h2. Restricted Access (TNC recommendation isolate)
* "Non-Market-Apps Security Setting":http://www.strongswan.org/byod/screenshot-09-non-market-apps-setting.png Setting":http://www.strongswan.org/byod/screenshot-09-non-market-app-setting.png
* "Install Web Server App":http://www.strongswan.org/byod/screenshot-10-kws-webserver.png
* "Restricted connection":http://www.strongswan.org/byod/screenshot-02-restricted.png
* "Remediation instructions":http://www.strongswan.org/byod/screenshot-03-restricted-remediation.png
* "Detailed remediation instructions":http://www.strongswan.org/byod/screenshot-04-restricted-remediation-details.png
h2. Blocked Access (TNC recommendation block)
* "Start Android Web Server":http://www.strongswan.org/byod/screenshot-08-webserver-active.png
* "Failed connection":http://www.strongswan.org/byod/screenshot-05-failure.png
* "Remediation instructions":http://www.strongswan.org/byod/screenshot-06-failure-remediation.png
* "Detailed remediation instructions":http://www.strongswan.org/byod/screenshot-07-failure-remediation-details.png