In 2003, the University of Rhode Island started the origins of a network access control solution when they installed an open-source network registration effort on their residential network. It did basic device registration and authentication, but viruses were continuing to cause major network outages—taking down the system with relative ease.
URI found that most commercial NAC products were very limited and could not handle the large network requirements of the university which has more than 5,000 devices in the residential network alone. They also discovered that solutions came with a price—namely, overhead and manpower costs for installation and massive integration.
Network problems continued to occur and URI felt obligated to act, installing Bradford Campus Manager NAC solution in its dorms in 2005. “It was too challenging to accomplish the simplest of tasks,” says Alan White, Information Security Architect at URI. “It was taking so much more of everything—more energy, more effort, and more time— to accomplish NAC. We needed a simpler solution for our complex environment. That product only works well in smaller environments that are homogenous and less complex.”
Further research and a comprehensive decision matrix led URI to Impulse Point’s SafeConnect NAC.
The University developed a comprehensive decision matrix to compare NAC solutions, prioritizing features and weighting factors to gather the empirical data that would result in a technical and business decision.
“We considered everything we could,” continues White. “Ease of implementation was extremely important due to a lack of available technical resources and manpower. The solution also had to be able to handle our high performance network. While cost was important, it was not the highest priority.”
The University of Rhode Island considered multiple network access control products, including the “big names”, in their search for a better way to NAC. As part of the due diligence of selecting a NAC solution, the University went through the sales pitch process with other vendors. “After seeing Impulse and SafeConnect, the other products left something to be desired. The product demonstrations reinforced the fact that we wanted SafeConnect,” says White. “We wanted to work smarter, not harder.”
“SafeConnect provided the ease of installation we were looking for – everything was pre-loaded and it only took about an hour to install. SafeConnect also comes with a Managed Service program – we don’t have to worry about upgrades or troubleshooting. It’s all taken care of without having to dedicate resources to it.”
The University of Rhode Island NAC implementation includes SafeConnect in both their residential and administrative areas, with the capability to manage 20,000 devices simultaneously.
“With SafeConnect in place, we are finally able to do something we’ve been trying to do for years,” says Alan White. “We now have the option to take ‘at risk’ machines off the network with the click of a button or to allow the system to do it automatically. It used to take 10 to 15 minutes for each machine, multiple times a day, all day, all week. We’re saving hours each week with just this simple task, which frees up resources to focus on other projects.”
“SafeConnect is making life easier. We’re now able to view real-time and historical policy status data of what’s on our network at any given time. Previously, it was a guessing game.”
SafeConnect™ is supported by the NAC industry’s only proactive maintenance support offering. Impulse Point provides continuous proactive monitoring and support that includes hardware server and software problem determination and resolution, as well as upgrade protection to future software functional releases. Impulse Point prides itself on the quick, efficient, and accurate implementation of the SafeConnect NAC Solution and is available to provide personalized advice and support throughout project planning, installation, and deployment. All necessary Policy Appliance hardware, software licenses, and the following support services are included in the initial first year price of the SafeConnect solution:
The ability to maintain up-to-date support for the most current anti-virus, anti-spyware, operating system, and other endpoint security software is a major benefit of Impulse Point’s Managed Services Offering. Impulse Point owns the responsibility of identifying, supporting, and updating customers within 48 hours as a standard component of its managed support service.
The endpoint policy management capabilities shown to the right are included:
The SafeConnect solution performs both pre- and post-admission security checks in real time without any network traffic degradation. SafeConnect functions out-of-line and provides continuous security assessment and enforcement across wired, wireless, and VPN networks with no performance bottlenecks, maintenance-driven network outages, or as a single point of failure.
SafeConnect features a Single Sign-On (SSO) authentication capability that allows existing Active Directory-managed users to maintain their existing login process user experience.
The SafeConnect NAC solution helps drive a substantial reduction in help desk calls because it is intuitive and user friendly for both the end users and IT support management teams. Users not in compliance receive individualized policy notifications regarding the reason for non-compliance (e.g. out of date anti-virus protection) and are guided through the remediation process with instructions and a link to an internal or external source where the appropriate software or virus definition can be downloaded. Because the remediation process is simple and straight-forward, users follow through to regain compliance and access to the network. This results in fewer instances of non-compliance and ultimately fewer Help Desk calls.
School campuses need to quickly notify students and faculty in the event of an emergency situation. SafeConnect has the ability to broadcast an information or emergency message on-demand to everyone whose computer is authorized to access the campus network. SafeConnect can also send messages to specific devices, specific user groups (staff, faculty, students, etc.), or individual users. Notification can be made quickly and administrators can track the acknowledgements of receipt for compliance purposes.
Policy Administrators can define and change endpoint computing policies and enforcement rules by network segment or directory services policy group from a centralized policy management interface despite the number of remote or distributed locations. The solution also delivers real-time and historical policy status reporting that provides valuable insight into group or individual policy compliance to Policy Administrators and Help Desk personnel.
The following SafeConnect Endpoint Policy Management capabilities can be deployed in a phased-in approach (by IP address/range, subnet, VLAN) across wired, wireless, and VPN infrastructures.
Chartered in 1888, the University of Rhode Island offers 12,000 undergraduate and 3,000 graduate students a strong core of traditional academic disciplines with a multidisciplinary emphasis on research that affects people in their daily lives. With nationally and internationally known faculty engaged in a broad range of teaching, research and outreach activities, URI is renowned in many areas, including biotechnology; oceanography; marine and environmental sciences; engineering; and public health promotion. Outreach is at the core of the University’s role as a land grant, sea grant, and urban grant university. For more information, visit www.uri.edu
6810 New Tampa Highway, Suite 400 Lakeland, Florida 33815
Copyright , Impulse Point. All Rights Reserved.