Taking Command of the Campus Network

In an attempt to protect its computer network, Dominican University spent years looking for the right security solution. The Illinois university's new approach, spurred by a virus outbreak originating in the residence halls, validates all computers attempting to connect to the network and requires students to view an approve the school's computer security policy.

Dominican University's IT security woes started about seven years ago, when a virus outbreak compromised its computer network. In the throes of student move-in that year, several viruses breached the River Forest, IL university's firewall via infected equipment that was brought on campus by students.

"Everything was fine until move-in weekend, when several residents physically 'walked around' our firewall and introduced viruses to the network," said Jill Albin-Hill, CIO. "At the time, we had no networking protection in place for non-university-owned equipment." Students were allowed to plug into the network in their dorms, obtain an IP address, and begin using their computers.

The IT team's first response to the outbreak involved updating individual machines with any missing software patches and running the repair tools for the specific viruses. "It was a significant effort," said Albin-Hill. "In fact, it's hard to think about how long we spent that semester fixing machines and teaching students how to update their own computers against the newest viruses."

Once the virus outbreak was under control, the university's IT team began thinking ahead to the upcoming move-in date, hoping to ward off another infiltration of the university's computer network. The solution it came up with was not only time-consuming, but also ineffective over the long term.

"We thought we could get in front of it by having students check their machines in with our department as they moved in," said Albin-Hill. "We had this brilliant idea to work through move-in weekend--and at other times--to verify every one of those machines to make sure they were updated and protected." Once those checks were performed satisfactorily, the students' in-room network connections were enabled.

Albin-Hill said eight IT team members worked overtime on move-in weekend, only to have the strategy fail on them about two weeks later when new viruses were introduced to the machines. "We were having problems by the middle of the semester," she recalled. "Even with all the checking in the world at the start of the school year, the students weren't keeping their machines up to date."

Back at square one, Dominican University's IT team sought out a better way to protect its network, while still allowing students the freedom to use their own computers and devices in the residence halls. After shopping around, it selected Cisco's Clean Access Agent to provide the networking authentication that the school required.

"We spent quite a bit of money on that solution, and on training for our technicians, but it was still just a stopgap for us," said Albin-Hill. "It fixing the machines upon the students themselves; we soon realized that the exercise was pretty complicated for them."

Those complications inevitably ended up on the shoulders of the IT department, which from 2005-2008 spent much time working on individual laptops and computers, both at the beginning of each semester and throughout the school year. On a positive note, the automated system helped the IT department reduce the number of hours spent working on such issues from 320 per month to 150 every month.

When it came time to upgrade the authentication system in 2008, Albin-Hill decided to look for an alternative. Three options were evaluated by her IT team, which chose the Safe Connect network access control system for what would hopefully end the school's 7-year-long struggle with network security.

The inline device was installed on the school's network, which includes defined, "public" areas and the WiFi that's available in its residence halls. To access the network with non-university-owned equipment requires authentication by the access control system, which intercepts and monitors all traffic. "You either get an IP address, or a message saying your computer needs to be checked," said Albin-Hill.

The first time a student attempts to connect to the network, the system spends several minutes checking the machine to ensure that its antivirus software is up to date, signature files are updated, and Windows updates are installed. Students then view and approve a copy of the school's IT security policy, and obtain an IP address to access the network. To avoid delays during the initial checks, the system can also issue "temporary" IP addresses, which expire after a certain period of time.

As an added measure, the university's student handbook and IT policy were updated to reflect the fact that students must have the appropriate antivirus software and updates installed on their equipment. "It's now part of our student code of conduct," said Albin-Hill. "We have judicial procedures to follow if someone is in violation."

So far, the network security solution is working well for Dominican University, whose IT team spent just 60 total hours working with residents to set up their computers on campus (compared to 320 per month in 2005). Drop-in appointments average about five to 10 minutes each (compared with 20 minutes or higher in prior years), with much of the work handled in a self-service lab set up in the IT department.

"Students have become more responsible overall for their own machines, which further reiterates the educational component," said Albin-Hill, "and helps everyone be good computer users."

About the Author

Bridget McCrea is a business and technology writer in Clearwater, FL. She can be reached at [email protected].

Featured

  • open laptop in a college classroom with holographic AI icons like a brain and data charts rising from the screen

    4 Ways Universities Are Using Google AI Tools for Learning and Administration

    In a recent blog post, Google shared an array of education customer stories, showcasing ways institutions are using AI tools like Gemini and NotebookLM to transform both learning and administrative tasks.

  • illustration of a human head with a glowing neural network in the brain, connected to tech icons on a cool blue-gray background

    Meta Launches Stand-Alone AI App

    Meta Platforms has introduced a stand-alone artificial intelligence app built on its proprietary Llama 4 model, intensifying the competitive race in generative AI alongside OpenAI, Google, Anthropic, and xAI.

  • three main icons—a cloud, a user profile, and a padlock—connected by circuit lines on a blue abstract background

    Report: Identity Has Become a Critical Security Perimeter for Cloud Services

    A new threat landscape report points to new cloud vulnerabilities. According to the 2025 Global Threat Landscape Report from Fortinet, while misconfigured cloud storage buckets were once a prime vector for cybersecurity exploits, other cloud missteps are gaining focus.

  • Stylized illustration showing cybersecurity elements like shields, padlocks, and secure cloud icons on a neutral, minimalist digital background

    Microsoft Announces Security Advancements

    Microsoft has announced major security advancements across its product portfolio and practices. The work is part of its Secure Future Initiative (SFI), a multiyear cybersecurity transformation the company calls the largest engineering project in company history.