NETWORK PROFILE
Wired and wireless access across four schools on a single campus; more than 3,000 students, 5,000 faculty
CHALLENGES
At the start of each school year, the IT team at Columbia University Medical Center (CUMC) confronted an increase in malicious code and spyware as new students attempted to access the network for the first time. The University needed to ensure security and control access while providing students with on-demand connectivity to the network.
“The first semester after implementing Bradford’s Network Sentry to authenticate and monitor users and their devices, our Help Desk calls related to initial network registration were reduced by two thirds—that alone was a significant benefit.” Dean De Beer, Information Security Manager
For Dean De Beer, information security manager for CUMC, it was clear this balance could be achieved with a Network Access Control (NAC) solution. Job number one, according to De Beer, was to make sure that all users accessing the network were authorized to do so, and that their devices met the medical center’s acceptable use policy. “We also looked at ease of registration as an important factor. There was a time, for example, when we manually assigned static IP addresses to devices for all users coming onto the network. At the beginning of each semester, that could mean a student waiting as long as 72 hours to get on the network and that was just unacceptable,” De Beer explains. “We needed a solution that would automate device registration and IP address assignment, as well as allow temporary access for guest users.”
- Automate network security to ensure authorized user access and compliance with CUMC’s acceptable use policy
- Eliminate network-based viruses, worms and other malware
- Reduce burden on help desk staff, who were required to assist students in remediation efforts
SOLUTION
Campus Manager Solution, with Network Sentry Foundation Access Manager and Endpoint Compliance.
“We wanted to demonstrate a meaningful return on investment in our environment before rolling NAC out on a broader scale. Network Sentry allows us the flexibility to start small and expand the solution gradually to meet our longer term needs.” Dean De Beer, Information Security Manager
RESULTS
CUMC recognized benefits from day one. As Network Sentry began enforcing registration and conducting policy checks, the number of calls to the help desk were sharply reduced, with virtually no calls related to a compromised or infected device. The ability for students to perform remote or pre-registration of their devices provided significant time savings at the start of the semester, another valuable benefit.
- Increased the speed with which initial registration, compliance checks, and remediation are completed; calls to the help desk were reduced by more than 60 percent.
- Improved user experience with greater flexibility and quicker access; students can perform pre-registration remotely for significant time savings at the start of the semester.
- Eliminated virus outbreaks and other network security threats across the infrastructure.
- •Enabled a phased implementation, which allowed CUMC to demonstrate a meaningful return on investment as its Network Sentry implementation was expanded.