2006 Campus Technology Innovators: Security

2006 Campus Technology Innovators

TECHNOLOGY AREA: SECURITY
Innovator: Sinclair Community College

 


 

Challenge Met

Every college and university faces the challenge of balancing the need for an open, collaborative campus network with the need for security. Most networks, including wireless ones, allow the user unrestricted access once the connection is made. That’s a growing challenge for campuses, where students, faculty, and staff often share parts of the network with visitors and the public. At Sinclair Community College in Dayton, OH, the IT Services team addressed the network security issue by developing a unique, sophisticated strategy for a secure LAN.

In a twist that lowered costs, Scott McCollum, director of information technology services, also arranged a partnership with a Dayton-area free wireless services provider, HarborLink Network. The setup allows Harborlink’s network to access the college’s secure wireless access over the same equipment. This benefits both the college and the wireless partner: Sinclair can offer additional wireless services and coverage areas at no cost, using its secure LAN system; Harborlink, in turn, gains additional exposure and customers. Harborlink also paid for all of the access points and controllers for expanding the wireless network. The end result: “Every person that uses the college’s network, including students, faculty, and staff, as well as attendees of seminars and workshops hosted in the corporate and community training facility, is a beneficiary of the secure computing environment,” McCollum says.

How They Did It

Sinclair’s secure LAN strategy works by building intelligence into network devices themselves, allowing the devices to limit the type of communication they will forward. Limitations can vary based on device type and user, putting the control of network security firmly into the hands of the college, rather than leaving the network at the mercy of any device that connects to the network.

The secure network provides three levels of access, depending on both user type and device. Level 1 access, the highest, requires that the user log in with a Sinclair user name and password, through a college-owned laptop or tablet PC with the Sinclair administrative image on it. Level 2 is web-only access, for users with a Sinclair user name and password, but another type of device, such as a PDA, smart phone, or personal laptop. Level 3 grants web-only access to guests; no login is required, and any type of device can be used. By restricting access based on both user credentials and device type, Sinclair can make its network available to a range of users,while still enforcing tight network security.

Sinclair developed the secure LAN strategy with security system integrator Blue Spruce Technologies.The college chose Blue Spruce because many Blue Spruce staff members were former employees of Enterasys Networks, a network company that had provided much of Sinclair’s existing infrastructure and tools.

Existing technologies Sinclair used that helped the college meet its project goals included:

  • Enterasys Matrix E7/N7 Switches, XPedition 8600 Routers, Dragon IDS, and NetSight Atlas Management Suite (consisting of Atlas Console, Inventory Manager and Policy Manger)
  • McAfee VirusScan and ePolicy Orchestrator
  • Altiris Client Management Suite
  • Microsoft Windows Server Update Services Additional technologies implemented to meet the plan requirements included:
  • Enterasys NetSight Automated Security Manager
  • Microsoft Internet Authentication Server
  • Cisco Systems Clean Access Server, 4400 Series Wireless LAN Controllers, and lightweight wireless access points

Next Steps

All 20 campus buildings are protected by the secure network strategy so far, and the college is in the process of rolling out an authentication process. The IT group has implemented the full plan on network switches that support five of the college’s buildings, including a newly opened learning center.

Advice

McCollum recommends implementing the network infrastructure changes in phases, in order to test each change in turn. At Sinclair, the result has been an increasingly secure network that protects all users at every level from network-borne threats.

Featured

  • glowing blue nodes connected by thin lines in an abstract network on a dark gray to black gradient background

    Report: Generative AI Taking Over SD-WAN Management

    In a few years, nearly three quarters of network operators will use generative AI for SD-WAN management, according to a new report from research firm Gartner.

  • abstract pattern with interconnected blue nodes and lines forming neural network shapes, overlaid with semi-transparent bars and circular data points

    Data, AI Lead Educause Top 10 List for 2025

    Educause recently released its annual Top 10 list of the most important technology issues facing colleges and universities in the coming year, with a familiar trio leading the bunch: data, analytics, and AI. But the report presents these critical technologies through a new lens: restoring trust in higher education.

  • abstract image representing AI tools for reading and writing

    McGraw Hill Introduces 2 Gen AI Learning Tools

    Global education company McGraw Hill has added two new generative AI tools to help personalize learning experiences for both K–12 and higher ed students, according to a news release.

  • abstract image of fragmented, floating geometric shapes with holographic lock icons and encrypted code, set against a dark, glitchy background with intersecting circuits and swirling light trails

    Education Sector a Top Target for Mobile Malware Attacks

    Mobile and IoT/OT cyber threats continue to grow in number and complexity, becoming more targeted and sophisticated, according to a new report from Zscaler.