Network Access Control | News
Eastern Illinois U Cuts User Complaints with NAC Overhaul
- By Dian Schaffhauser
Eastern Illinois University has reported a 70 percent reduction in help desk calls a year after switching network access control applications. The Charleston-based institution moved off of a legacy edition of Cisco Clean Access and onto Impulse Point's Safe Connect to manage network access for 11,000 students and 9,000 network devices.
Prior to the switch, a survey of students showed a high level of frustration with some technical aspects of Clean Access, such as an inability to locate antivirus patches and then being forced off the network. Safe Connect grants students a "grace period" to install patches and correct infections on their machines before being kicked off.
"The big improvement we found was the interface," said Network Engineer Randy Ethridge. "The screens that students see when they go to quarantine will actually work, so the link that shows up on the screen to remediate a problem will actually send them to the place they need to go. Clean Access pretty much just told you that you were blocked."
Also, the prior program in use required students to reauthenticate their computers weekly. Students using gaming devices were required to log onto a Web page to register their hardware devices and wait to have their media access control identifier approved manually. Safe Connect recognizes hardware automatically, reducing wait times.
When a student does require technical support, the newer program allows the technician to see the screen of the computer in quarantine, simplifying the job of identifying what needs to be updated or repaired.
Recently, the university used Safe Connect to put in place a more secure procedure to provide wireless access to campus guests during conferences. University faculty and staff are required to download a Safe Connect key and then log in with their institutional username and password to obtain wireless network access. For guest access the IT staff provides a one-time login and password whose start and expiration coincides precisely with the beginning and ending of the event and that can be distributed to attendees by the conference organizer.
"This is a way to enable people to access wireless through Safe Connect if they are unable to install the Safe Connect key on their laptop," said Brian Murphy, ITS associate director of technical support/campus technology. "It is preferred that guests go through Safe Connect and self-register, but if they are unable to do so, this allows them temporary access."
Until the authentication procedure was implemented, Eastern's wireless network was wide open and accessible to any laptop user that could find it.
Dian Schaffhauser is a writer who covers technology and business for a number of publications. Contact her at email@example.com.