Saturday, February 26, 2011

Security - Network Access Control for Educational Institutions

Network Access Control for Educational Institutions

ForeScout CounterACT helps educational institutions ensure network security, compliance, and guest network access.

Challenges for Educational Institutions

Network security is difficult for any enterprise, but educational institutions face a unique set of challenges including:

  • Seasonal spikes in malware introduced by students returning from holiday break
  • Huge diversity of unmanaged devices connecting to the network - laptops, smart phones, etc.
  • Enabling free information flow while protecting students and faculty
  • Exposure to legal liabilities through P2P application abuse

ForeScout CounterACT Network Security for Educational Institutions

Today's students expect continuous connectivity to each other, to their teachers, and to the Internet. But security is rarely high on their priority list. ForeScout helps educational institutions address key concerns around network security:

Keep the network safe from unmanaged endpoints and rogue devices

When students arrive on campus, their laptops may be infected with malware and have risky applications like P2P already installed. They may totally lack antivirus software. Students can also bring networking gear from home - wireless access points and wiring hubs - and try to connect it to the campus network.

ForeScout CounterACT lets you enforce security requirements for student laptops, such as up-to-date security software. If the laptop has no anti-virus, CounterACT lets you install anti-virus to the student system.

After the student's laptop is connected to your network, CounterACT will continuously monitor the behavior of the laptop for signs of infection or malicious activity. If danger is detected, CounterACT gives you a wide range of controls to help deal with the situation.

CounterACT can also immediately detect and block any rogue devices such as wireless access points and unauthorized wiring hubs. CounterACT gives you detailed visibility into any equipment connecting to the network, including its physical location.

Enable free information flow while protecting student and faculty privacy

How do you protect private information such as student exam data or other personal records? Passwords will take you some of the way there, but many educational institutions are turning to ForeScout CounterACT for a simple network-based solution.

ForeScout CounterACT can separate students from faculty at the network level, while still allowing authorized communications between the two networks. A number of different technologies can be deployed to create and maintain these "Chinese walls" including VLANs, access control lists, and virtual firewalls. See more here.

Prevent illegal file sharing activities with visibility and control over P2P applications

Illegal file sharing and downloads of copyrighted material was officially criminalized under the 1998 Digital Millennium Copyright Act (DMCA) and later reinforced under the Higher Education Opportunity Act of 2008. Although liability limitations exist for network administrators, Section 512 of the DMCA indicates that if subpoenaed, they must disclose the identity of the offending subscriber. They must also terminate accounts of repeat offenders.

By preventing P2P applications on the campus network, educational institutions are able to protect themselves against legal action by digital content owners. Using industry-leading host interrogation technology, ForeScout Counter ACT can scan the end-user system for active P2P applications. CounterACT gives you a range of control options to deal with P2P such as:

  • Audit Mode: Monitor for P2P use across student population and identify potential problem areas
  • Notifications: Can be sent to users to remind them of their liability if illegally sharing copyrighted content. An auditable end-user acknowledgement enables tracking of non-compliance warnings to users.
  • Blocking: For repeat offenders or users suspected of engaging in illegal file sharing, these P2P applications can be blocked from running on their systems.

No comments:

Post a Comment