Security Sleuths
For three colleges, CDW·G is much more than a security products source-it's
an end-to-end solution partner.
Until recently, network security wasn't really a priority for technologists
at Barton County Community College (KS). Six years ago, the school didn't
even have its network behind a firewall. More recently than that, nearly half
of the school's computers lacked basic antivirus protections. However, as security
problems mounted, school officials got wiser and purchased a barebones, software-based
firewall from Sun Microsystems (www.sun.com).
Finally, in 2003, after technologists recognized the limitations of their first
firewall, they resolved to find something bigger, better, and bold enough to
stop threats cold.
The only problem was the Barton technologists needed to find another solution.
At first, Barton Systems Analyst Amy 'elke and Network Analyst Charles Perkins
thought about researching strategies on their own. Then they considered firing
off requests for proposals (RFPs) to a variety of vendors. Finally, they decided
to get some guidance from CDW·G (www.cdwg.com),
a wholly owned subsidiary of Vernon Hills, IL-based CDW Corp., specializing
in computing solutions to educational institutions and government agencies.
The company touts itself as offering expert advice, customer support, competitive
pricing, and a vast product list tailored to fit the unique needs of its constituents.
'elke and Perkins felt they should give the company a try.
It was a good call: Representatives from CDW·G's Chicago office flew out immediately
and interviewed 'elke and Perkins to determine the college's specific security
needs. Once the team determined that the school wanted to stick with a software-based
firewall, CDW·G set out to find the product that best matched Barton's needs.
"We were looking for someone who could help us navigate the complicated
industry," 'elke says. "What we liked about CDW·G was that we could
ask them, 'What are the products other schools are using?' and we knew we were
going to get an honest answer."
Eventually, in the summer of 2004, that answer was the VPN-1 Pro from Check
Point Software Technologies (www.checkpoint.com).
CDW·G representatives suggested the product because it would help Barton
technologists manage 14 physical and 31 virtual subnets from a single "dashboard."
CDW·G team members say the product further hardened the network by performing
stateful packet inspection at the network edge, scanning every bit and byte
of traffic for viruses and other security threats. These solid product recommendations
were more than enough for 'elke and Perkins who could then go to management
to confidently make their case for funding. Within weeks, the duo had secured
the funding to get their new security system into place.
Today, utilizing built-in application intelligence in the Check Point software,
'elke and Perkins can identify and block security threats in real time.
What's
more, the ability to look into each data packet to determine its validity provides
another layer of protection and gives Barton's IT team fine-grained control
over server requests. Finally, the solution's enhanced VPN and log-in capabilities
simplify remote network access, and the new system consumes far less processing
power than its predecessor. All in all, Perkins describes the new network as
"safer than ever" and credits CDW·G for guiding Barton through some
critical choices along the way.
"We are confident that our new security technologies will provide the
flexibility to expand our information defenses and address tomorrow's requirements,"
he says. "Our strategy to combine security products, policies, and vigilance
is integral to maintaining a safe and engaging online environment for the Barton
community."
Layering Up
At
Westminster College (MO), technologists are no strangers to CDW·G.
The school has turned to the solution provider quite a bit over the last few years
for purchases ranging from cables and supplies, to content management systems
and other aspects of network infrastructure. So earlier this summer, it made sense
when Network Administrator David Stock decided it was time to invest in better
ways of managing network security, he turned to CDW·G for help. Unlike Barton
administrators, who wanted a general security solution, Stock was looking for
a security tool to meet a particular demand--a tool that would help IT staffers
manage security updates across campus.
With no delay, CDW·G representatives came in and set up a pilot program
with CleanAccess software from Cisco (www.cisco.com).
The product helps customers detect, isolate, and clean infected or vulnerable
devices that attempt to access the network. At Westminster, the tool would be
used specifically to manage updates to Microsoft (www.microsoft.com)
operating systems and McAfee (www.mcafee.com/us)
Virus Scan antivirus products. Stock tried the product and loved it. The following
week, CDW·G lined up a series of conference calls between Westminster and the
vendor to make sure all the school's questions were answered.
"It was amazing to me how quickly this whole thing came together,"
says Stock, who notes that the implementation began in earnest on Aug. 1 and
was complete by Aug. 5. "We needed it fast and CDW·G delivered."
Under the new system, all users must install a CleanAccess desktop client before
they are granted access to the public internet. With the help of two servers
on the back end, the technology automatically pushes updates to the client machines,
ensuring that no computers accessing the network present security risks of any
kind. Stock says the new protocol enables his IT team to enforce network-use
policies without having dedicated staff members monitoring student activities.
He adds that the setup is just about the only way he and Westminster technologists
could enforce campuswide security policies on computers they don't own.
In just a few short weeks, the new system already has paid huge dividends.
In years past, the first few weeks of school were harrowing for staffers on
the Westminster help desk; troubleshooters worked 12- and 14-hour days answering
questions from students about updates they missed during the summer months.
This year, however, Stock says the calls slowed to a trickle, with only five
calls for every 175 students. The initial rollout of CleanAccess has had such
an impact that Stock says he's already working with CDW·G representatives to
research what other kinds of policies the technology can administer.
"I had no idea this would work so well," he says. "The way I
see it, the possibilities for what happens next are endless."
Switching Gears
While Barton and Westminster already have wrapped up their security makeovers,
Houston Community College (TX) is just getting started. There, J'e DiFlavio,
information technology project coordinator, is overseeing a complete network redesign
that incorporates switches from Enterasys Networks (
www.enterasys.com)
to harden security. DiFlavio didn't engineer the project on his own; because the
switch market is crowded with so many players, he turned to CDW·G for guidance
on the most appropriate and cost-effective switches and on installation techniques
that would save time and money. In the end, the group chose Enterasys and worked
to phase in new switches while they phased out the old ones.
This all began in the summer of 2004. Houston had been hit with a number of
viruses that year, and board members recognized that they needed to address
security issues by improving the security of the network infrastructure itself.
The board called upon CDW·G for a primer on the switch market and quickly learned
that Enterasys switches would provide requisite security at a fraction of the
cost of some of the other products. Better still, CDW·G representatives convinced
DiFlavio and his colleagues that the switches from Enterasys could be used on
the front end of the network and could be painlessly incorporated with existing
Cisco routers.
"The ability for Cisco and Enterasys to work together was critical,"
DiFlavio says. "I'm not sure we would have even known it was possible without
the right kind of guidance."
At first, getting the devices from competing vendors to work together proved
to be difficult. Due to differences in the operating systems, the Cisco switches
weren't communicating with their Enterasys counterparts, slowing traffic to
a crawl. But, following the implementation, CDW·G team members stayed on campus
to help Houston technologists troubleshoot the situation. At one point, CDW·G
even called in an engineer from Enterasys to take a look. Finally, after days
of work, group members resolved the problem. Today, information flows smoothly
around the campus network, from Cisco switches to Enterasys switches and back
again.
Still, according to DiFlavio, the job of upgrading and redesigning the Houston
network is far from complete. With only 30 percent of the conversion finished,
CDW·G will return after Sept.
1 to help school technologists navigate other
projects. Because Houston Community College has more than 30 campuses spread
out over a 30-mile radius, the school has literally thousands of network nodes,
and DiFlavio is concerned that these specifications may create new and different
challenges down the road. No matter; DiFlavio feels he can always call upon
CDW·G for assistance, whether the job is implementing stronger switches or purchasing
printers and digital cameras.
"They're a true advocate," he says. "In the cutthroat environment
of today, we simply can't get any better than knowing that [CDW·G is] on our
side."
Perhaps this same sentiment is what keeps higher education customers across
the board interested in CDW·G. According to CDW·G Solutions Architect Imran
Abbas, "Each situation with higher education is different, and we see each
opportunity individually so that we can propose a solution based upon customer
requirements. We call ourselves 'technical advisors,'" he says, "and
I don't think anything could be closer to the truth."