Security Sleuths

For three colleges, CDW·G is much more than a security products source-it's an end-to-end solution partner.

Until recently, network security wasn't really a priority for technologists at Barton County Community College (KS). Six years ago, the school didn't even have its network behind a firewall. More recently than that, nearly half of the school's computers lacked basic antivirus protections. However, as security problems mounted, school officials got wiser and purchased a barebones, software-based firewall from Sun Microsystems (www.sun.com). Finally, in 2003, after technologists recognized the limitations of their first firewall, they resolved to find something bigger, better, and bold enough to stop threats cold.

The only problem was the Barton technologists needed to find another solution. At first, Barton Systems Analyst Amy 'elke and Network Analyst Charles Perkins thought about researching strategies on their own. Then they considered firing off requests for proposals (RFPs) to a variety of vendors. Finally, they decided to get some guidance from CDW·G (www.cdwg.com), a wholly owned subsidiary of Vernon Hills, IL-based CDW Corp., specializing in computing solutions to educational institutions and government agencies. The company touts itself as offering expert advice, customer support, competitive pricing, and a vast product list tailored to fit the unique needs of its constituents. 'elke and Perkins felt they should give the company a try.

It was a good call: Representatives from CDW·G's Chicago office flew out immediately and interviewed 'elke and Perkins to determine the college's specific security needs. Once the team determined that the school wanted to stick with a software-based firewall, CDW·G set out to find the product that best matched Barton's needs.

"We were looking for someone who could help us navigate the complicated industry," 'elke says. "What we liked about CDW·G was that we could ask them, 'What are the products other schools are using?' and we knew we were going to get an honest answer."

Eventually, in the summer of 2004, that answer was the VPN-1 Pro from Check Point Software Technologies (www.checkpoint.com). CDW·G representatives suggested the product because it would help Barton technologists manage 14 physical and 31 virtual subnets from a single "dashboard." CDW·G team members say the product further hardened the network by performing stateful packet inspection at the network edge, scanning every bit and byte of traffic for viruses and other security threats. These solid product recommendations were more than enough for 'elke and Perkins who could then go to management to confidently make their case for funding. Within weeks, the duo had secured the funding to get their new security system into place.

Today, utilizing built-in application intelligence in the Check Point software, 'elke and Perkins can identify and block security threats in real time. What's more, the ability to look into each data packet to determine its validity provides another layer of protection and gives Barton's IT team fine-grained control over server requests. Finally, the solution's enhanced VPN and log-in capabilities simplify remote network access, and the new system consumes far less processing power than its predecessor. All in all, Perkins describes the new network as "safer than ever" and credits CDW·G for guiding Barton through some critical choices along the way.

"We are confident that our new security technologies will provide the flexibility to expand our information defenses and address tomorrow's requirements," he says. "Our strategy to combine security products, policies, and vigilance is integral to maintaining a safe and engaging online environment for the Barton community."

Layering Up
At Westminster College (MO), technologists are no strangers to CDW·G. The school has turned to the solution provider quite a bit over the last few years for purchases ranging from cables and supplies, to content management systems and other aspects of network infrastructure. So earlier this summer, it made sense when Network Administrator David Stock decided it was time to invest in better ways of managing network security, he turned to CDW·G for help. Unlike Barton administrators, who wanted a general security solution, Stock was looking for a security tool to meet a particular demand--a tool that would help IT staffers manage security updates across campus.

With no delay, CDW·G representatives came in and set up a pilot program with CleanAccess software from Cisco (www.cisco.com). The product helps customers detect, isolate, and clean infected or vulnerable devices that attempt to access the network. At Westminster, the tool would be used specifically to manage updates to Microsoft (www.microsoft.com) operating systems and McAfee (www.mcafee.com/us) Virus Scan antivirus products. Stock tried the product and loved it. The following week, CDW·G lined up a series of conference calls between Westminster and the vendor to make sure all the school's questions were answered.

"It was amazing to me how quickly this whole thing came together," says Stock, who notes that the implementation began in earnest on Aug. 1 and was complete by Aug. 5. "We needed it fast and CDW·G delivered."

Under the new system, all users must install a CleanAccess desktop client before they are granted access to the public internet. With the help of two servers on the back end, the technology automatically pushes updates to the client machines, ensuring that no computers accessing the network present security risks of any kind. Stock says the new protocol enables his IT team to enforce network-use policies without having dedicated staff members monitoring student activities. He adds that the setup is just about the only way he and Westminster technologists could enforce campuswide security policies on computers they don't own.

In just a few short weeks, the new system already has paid huge dividends. In years past, the first few weeks of school were harrowing for staffers on the Westminster help desk; troubleshooters worked 12- and 14-hour days answering questions from students about updates they missed during the summer months. This year, however, Stock says the calls slowed to a trickle, with only five calls for every 175 students. The initial rollout of CleanAccess has had such an impact that Stock says he's already working with CDW·G representatives to research what other kinds of policies the technology can administer.

"I had no idea this would work so well," he says. "The way I see it, the possibilities for what happens next are endless."

Switching Gears
While Barton and Westminster already have wrapped up their security makeovers, Houston Community College (TX) is just getting started. There, J'e DiFlavio, information technology project coordinator, is overseeing a complete network redesign that incorporates switches from Enterasys Networks (www.enterasys.com) to harden security. DiFlavio didn't engineer the project on his own; because the switch market is crowded with so many players, he turned to CDW·G for guidance on the most appropriate and cost-effective switches and on installation techniques that would save time and money. In the end, the group chose Enterasys and worked to phase in new switches while they phased out the old ones.

This all began in the summer of 2004. Houston had been hit with a number of viruses that year, and board members recognized that they needed to address security issues by improving the security of the network infrastructure itself. The board called upon CDW·G for a primer on the switch market and quickly learned that Enterasys switches would provide requisite security at a fraction of the cost of some of the other products. Better still, CDW·G representatives convinced DiFlavio and his colleagues that the switches from Enterasys could be used on the front end of the network and could be painlessly incorporated with existing Cisco routers.

"The ability for Cisco and Enterasys to work together was critical," DiFlavio says. "I'm not sure we would have even known it was possible without the right kind of guidance."

At first, getting the devices from competing vendors to work together proved to be difficult. Due to differences in the operating systems, the Cisco switches weren't communicating with their Enterasys counterparts, slowing traffic to a crawl. But, following the implementation, CDW·G team members stayed on campus to help Houston technologists troubleshoot the situation. At one point, CDW·G even called in an engineer from Enterasys to take a look. Finally, after days of work, group members resolved the problem. Today, information flows smoothly around the campus network, from Cisco switches to Enterasys switches and back again.

Still, according to DiFlavio, the job of upgrading and redesigning the Houston network is far from complete. With only 30 percent of the conversion finished, CDW·G will return after Sept. 1 to help school technologists navigate other projects. Because Houston Community College has more than 30 campuses spread out over a 30-mile radius, the school has literally thousands of network nodes, and DiFlavio is concerned that these specifications may create new and different challenges down the road. No matter; DiFlavio feels he can always call upon CDW·G for assistance, whether the job is implementing stronger switches or purchasing printers and digital cameras.

"They're a true advocate," he says. "In the cutthroat environment of today, we simply can't get any better than knowing that [CDW·G is] on our side."

Perhaps this same sentiment is what keeps higher education customers across the board interested in CDW·G. According to CDW·G Solutions Architect Imran Abbas, "Each situation with higher education is different, and we see each opportunity individually so that we can propose a solution based upon customer requirements. We call ourselves 'technical advisors,'" he says, "and I don't think anything could be closer to the truth."

comments powered by Disqus

Campus Technology News

Sign up for our newsletter.

I agree to this site's Privacy Policy.