Bradford’s Network Security Platform helps Maryville University with compliance automation
Advanced network security solutions eliminate need for manual inspections, boost IT team’s productivity by 40 percent
When the Welchia virus hit the Maryville University campus in the summer of 2004, the University knew it had to take immediate and decisive action to eradicate the virus from its network and prevent a recurrence. But with the start of the fall semester just six weeks away, options were limited.
“We felt we’d be able to scrub the university-owned equipment before students returned,” recalls David Brawner, Manager of Network Services for Maryville, who was called back from holiday to deal with the crisis. “But we were concerned that students would immediately re-introduce the virus to our network when they returned to campus with their own devices.”
At the time, Maryville had no Network Access Control (NAC) solution in place at all. Its wired network included University-owned equipment such as its 600-plus lab computers and 350 desktops. The university also had to contend with equipment owned by students, staff and conference guests, ranging from laptops to smartphones to game consoles.
The university had one physical network across four campuses through LANs, divided by subnets, with wireless and guest VLANs comprising 5200 ports. It provided limited wireless access, and had a small-scale VPN implementation for staff requiring off-site campus desktop access.
Paper policies needed to be actively enforced
The entire wired and wireless network was governed only by paper security policies, with no automatic control or enforcement. But with the Welchia virus lurking, Brawner felt strongly that paper was no longer enough.
Initially, Brawner’s IT team considered manual inspections of all computing devices coming back on campus. “Basically, users would need to bring all personal devices to a help desk center and have IT staff manually check each one, potentially install anti-virus software and patches, and certify the device as compliant before it was allowed on the network,” Brawner explains. This option would require Maryville to beef up its budget with short-term outside contractors in order to handle the 3500-plus users that would need to be serviced in-person in a very short period of time. It would be challenging at best, and the University’s Student Life department was vehemently opposed to this approach.
So Brawner proposed an alternative: the university could rapidly implement a Network Access Control (NAC) solution that would plug into its existing LAN infrastructure to immediately identify all devices connecting to the network, scan them for threats and infections, ensure compliance to network security policies, and then provision access to the network only after a device was deemed compliant.
“We only have a staff of five in our network services group – re-deploying the two full-time staffers who used to be dedicated solely to network access issues has helped significantly improve our team’s productivity.”
Manager of Network Services