Back-to-School Supplies for Secure Campus Networks
- By Jason Turcotte
- August 29, 2006
Each fall -- before ever stepping foot on campus -- students carry computers
infected with viruses or Trojans that act as a vehicle for spam-inflicting botnets.
While these attacks simply mire the networks, they also make schools vulnerable
to debilitating attacks. IT professionals at schools such as Wesleyan University,
LaSalle University, City University of New York (CUNY), Hofstra University,
Princeton University and Brown University are utilizing some relatively new
technologies to safeguard their networks.
Since the 2005-06 school year, use of Cisco Clean Access (a network admission
control product) has been a requirement of students using the network at Philadelphia's
LaSalle University. Once each student implements Clean Access, it examines the
computer and installs the most up-to-date security software. It punishes users
violating the school's security policies by blocking, isolating and repairing
"They're not allowed on the student network until all those requirements
are met," said Jeff Leisse, a software specialist at LaSalle.
The results are garnering some acclaim. Leisse says since the new software
measure was implemented, the University has had no serious virus problems and
the IT department has had to disconnect fewer student users from the network.
"We were experiencing a lot of network slowness throughout the school
year, so instead of buying a higher bandwidth, we went with Clean Access,"
Leisse said. "It had both to do with getting ahead of the game and alleviating
some of the downtime."
scans systems for anti-virus updates and provides critical patch updates to
Windows and registry settings. The software also allows the network to partially
or fully restrict access for a user, depending on the hazard level and the type
of security threats located within a computer.
Another cause for booting students from the network was viruses carried through
spam mail. The University had been using SpamJam, but Leisse said the software
brought a host of problems to the network, including issues with "false
positives" (legitimate e-mail deemed spam) through the software. E-mails
were often trapped under quarantine and it took students up to five minutes
to gain access to that box. Leisse also blames the software for the high number
of spam e-mails landing in inboxes.
Last year the school switched to Proofpoint
software, which Leisse says blocks spam more effectively, requires little configuration
and automates the anti-virus upgrade process. It also detects when a user sends
spam or viruses outside of the network, but Leisse says that has yet to happen
A third strategy, new this year at LaSalle, is a school laptop program. All
incoming and returning students are eligible to purchase a discounted laptop
from the school's IT department. These systems are specially configured
by IT staff to automate security updates, meaning students need only access
the security software once for their initial log-in.
Whichever solutions a school's IT department settles with, their days
of summer planning are numbered and students are just a few keyboard strokes
away from introducing some very real network threats.
Jason Turcotte is an assistant editor at Application Development Trends, online at ADTmag.com.