University Takes Control of Its Network SecurityBy Samuel Greengard | Posted 2014-11-05 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
Saint Martin's University, a private liberal arts school, takes a focused approach to network control and security, making the IT department more productive.
There's no disputing the threats to today's computer networks. Managing devices and reducing the risk of malware and other problems is a daunting challenge.
At Saint Martin's University, a Lacey, Wash., co-educational private school with about 1,600 students, the focus on security is more than academic: "It's critical that we provide a safe environment for students, faculty and others," says Neal Bullinger, systems administrator for the university.
In the past, the school faced no shortage of security challenges. "There is a lot of malware that goes after personal devices and attempts to steal information," Bullinger says. "Unfortunately, the network access control systems we had in place in the past never provided the level of protection we required. They also didn't keep up with the risks of today's computing environment."
In a world where computer viruses constantly mutate and malware is far more nefarious and dangerous than ever, Saint Martin's University recognized a need to take a more sophisticated approach to network security. "Instead of relying on NACs (network access controls) that have traditionally focused on blocking viruses from infecting computers and keeping the devices safe on the network, we opted to take a different approach," he explains. "We are now focusing on who is on the network and what they are able to do there."
The university turned to a network management and security solution called BICS (Business Infrastructure Control Solution) from Auconet. It enables the school to manage the network and detect devices across routers, switches and endpoints, while providing network administrators a view of the entire infrastructure in real time.
"We realized that we didn't need to be overly concerned about securing devices because the threats do not cross over into our network," Bullinger says. "It's more important to know who is on our network, where they are at and what they are doing."
The Auconet solution has introduced powerful capabilities, according to Sandi Snow, the university's network administrator. The first time a student logs in through the LDAP (Lightweight Directory Access Protocol) server, the system recognizes the MAC (Media Access Control) address and port. The person answers several questions about the device, and the system establishes privileges.
"We don't have to configure switches, we don't have to worry about the unauthorized use of ports," Snow explains. "Everything takes place automatically." The challenges are magnified by foreign students that "plug in all sorts of devices we are not familiar with or know anything about."
In addition, the clientless system detects rogue devices on the network and identifies any anomalies. Network administrators at Saint Martin's University can view granular details about how a device has been used and what port it has accessed at any point in the past. Moreover, the network management system has helped the IT department become more efficient and productive.
"It allows us to conduct detailed troubleshooting without leaving our desk," Snow says. "We now have a switch management system that does NAC remarkably well."
Photo courtesy of Saint Martin's University: Neal Bullinger, systems administrator