Universities in Texas and the UK Protect Networks with Mirage NAC

• By Dian Schaffhauser
• 11/24/08

Two universities, the 29,000-student Texas State University-San Marcos and the 26,000-student University of Birmingham in the United Kingdom, have recently deployed network access control appliances from Mirage Networks to secure portions of their networks.

Texas State implemented the system in its residential network to provide remediation for noncompliant devices and decrease the help desk work load. The university plans to extend deployment to the entire campus in 2009.

"College students bring a wide range of devices into the dorms, posing many threats to the network and creating many IT help desk requests," said Jim Hull, IT assistance center director at Texas State. "However, the Mirage's policy engine allows us to manage traffic of all endpoints and keep them compliant with self-remediation capabilities. This has relieved congestion at our IT help desk and allowed us to keep our residence hall networks running smoothly."

Birmingham selected Mirage's NAC solution to gain control of its growing wireless network, which has 800 access points. Like many academic institutions, the university has seen exponential growth in the demand for wireless services across a multitude of wireless device types. As a result, the university deployed Mirage's agentless NAC solution to address the increasing security risks and lack of visibility associated with activity on its wireless network. The school used the services of Pervasive Networks, a UK-based integrator, to run a proof of concept to identify and analyze its wireless security exposure, which led to the deployment.

"The biggest risk is we don't own student devices and therefore we cannot control the software and services available," said John Turnbull, head of networks for IS. "Within the first few minutes of deploying Mirage we were able to inventory all wireless endpoints and identify both out-of-policy devices and unauthorized endpoint behavior. Gaining the ability to monitor and set thresholds against device compliance and behavior has enabled us to move forward with our long term wireless strategy without jeopardizing our enterprise security."

Both universities purchased Mirage's endpoint control system, which consists of a management server appliance, the M-10; a compliance server appliance, the A-500; and a sensor appliance, the X-2500. The system performs identity-based access control, endpoint compliance checks, threat detection and mitigation, automated policy enforcement, and automated remediation.