NETWORK PROFILE
More than 22,600 registered system users including wired/wireless laptop, mobile, and PC and Macintosh; 20,000 full-time, part-time, and distance-learning students; 4,000 employees on the main campus.
CHALLENGES
When the Blaster and Nachi viruses struck nearby Michigan State University in August of 2003, the IT team at Central Michigan University (CMU) proactively shut down their own residence hall network, burned more than 1,600 CDs containing all the latest Windows patches and the campus’ site-licensed anti-virus package, and used an army of student technicians to distribute information about cleaning and patching systems to students across campus.
Once 75 percent of residence hall rooms had been visited, the network was turned back on, but the number of unregistered and unpatched systems was still overwhelming; in less than three days CMU’s IT team had more than 6,000 residence hall users, most with unpatched systems and out-of-date anti-virus software, connect to the campus network.
“This fall went smoothly; the process is almost trivial. This is in direct counterpoint to the days of the Blaster and Nachi viruses when we were scrambling for more than a semester, and we weren’t able to focus on anything but the viruses. Network Sentry allowed us to get our lives back.” – Mark Strandskov, Associate Director – Networks
- Automate network security to identify users whose virus protection is not current; automate device updates to ensure systems are cleaned and patched prior to network authentication.
- Eliminate network-based viruses, worms, and other malware.
- Reduce burden on IT staff, who spent hours on switch port deactivation/reactivation and virus remediation efforts.
SOLUTION
Campus Manager Solution, with Network Sentry Foundation Access Manager and Endpoint Compliance
“Network Sentry is utterly seamless. The solution is able to authenticate and remediate a machine, and after it’s done, it gets out of the way. It is not a traditional inline appliance that you have to worry about being a choke point or a single point of failure.”
RESULTS
Improved user experience, more effective use of IT resources.
- Enabled IT staff to monitor, identify, and cull unregistered users individually rather than shutting down entire systems or residence halls.
- Reduced the process of network authentication from hours to minutes.
- Limited and quarantined users to dedicated VLANs, facilitating authentication as well as updating virus and software patches.
- Leveraged the network’s existing IDS system and Trend Network Virus Walls to detect patterns of viral activity.
- Enhanced help desk visibility into user OS, patch level, anti-virus package, traffic usage and current status, reinforcing both user registration and policy continuity.