Lockdown Network Access Control — Education Solutions
Educational institutions face a variety of challenges to network security, and to comply with the Digital Millennium Copyright Act (DMCA).
From the "back to school" crush of new computers joining the network, and the inevitable resulting flood of malware, to keeping devices compliant to policy throughout the academic year, to handling registration of game devices and other systems, institutions need automation of policies like never before.
Overview
Colleges, Universities, and even High Schools, must ensure faculty and students have access to information essential to the process of pedagogy, and in the case of residence halls, student lifestyles.
Unfortunately, the majority of devices that connect to the network are not school–owned, so IT administrators have little direct control over them.
Many institutions require students and faculty to use anti–virus and spyware protection and to maintain operating systems and firewall, but enforcement of this has been virtually impossible, even when security software is made available at no charge. Further, many schools wish to register devices to assoicate them with specific users.
And as P2P has grown, so has the need to support Digital Millennium Copyright Act (DMCA) laws.
The Lockdown network access control (NAC) rich policy engine is ideally suited to the complex needs of the Highr Education market.
How It Works
Lockdown Networks' application in education environment is ideal because it works with the existing infrastructure to automate device registration, and to assess devices on the network for policy compliance.
- Lockdown can present a gateway page to users allowing them to register all their web–based devices. Policy checks can validate that a given device has been registered, and if not, it can be kept offline until registration is complete. For schools wishing to associate users to devices, this is a significant time–saving step, avoiding costly start–of–term manual device registration processes by IT staff.
- Lockdown Agents™ – persistent or dissolving – perform assessments that compare device status and health against policy. Devices that fail compliance may in many cases be auto–remediated, or if not, may be quarantined in VLANs for user remediations. If quarantined, users see a webpage that prompts them through required updates. Upon completion and compliance, users are redirected to their authorized production network.
- P2P applications and networks can be detected though the use of the Lockdown Agent. If policy dictates, users with P2P software can be quarantined until the software is removed, or simply notified that they are using software that is not allowed on the network and may be in violation of federal copyright laws.
- Lockdown network access control allows IT administrators to create sophisticated rule sets to white-list devices such as servers, and either audit them via notification instead of enforcement, or bypass them completely.
- The Lockdown network access control Precision Policy Engine can apply policies specific to each user group. So for a given compliance lapse, professors would receive email notification and remediation directions, while administrative staff can be quarantined for user–based remediation.
- Non–authenticated users, such as guests, or vendors, can be automatically put in a guest network for their convenience, without compromising security.
For network integration, Lockdown network access control is particularly well–suited to education environments because:
- Lockdown Enforcer works with multi–vendor switching, wireless, and routing infrastructure, enforcing access decisions using VLANs on key network control points, moving enforcement as close–to–the–edge as possible.
- Lockdown network access control assures a seamless and fast roaming experience for mobile users.
Why Lockdown Network Access Control
Institutions choose Lockdown network access control for many reasons including but not limited to cost effectiveness, Precision Policy Engine and ease of implementation.
- Student and device registration automation.
- Strong access control of secure network segments, or lightweight IP subnet quarantine for rollouts where keeping students compliant is a higher priority than securely using identity to control access.
- Maintain DMCA P2P compliance.
- Assess the condition of a device and whether it is compliant to your organization's policies prior to granting network access. Lockdown network access control for education offers flexible health assessment methodologies, regardless of device type, connection method, or owner.
- Make access decisions based on user identity, whether it's faculty, students, or guest to provide everyone access to the right networks so you increase productivity and maintain the security of your network. Lockdown network access control offers comprehensive authentication coverage – regardless of type, including 802.1x, RADIUS, Windows Authentication, NDS Authentication, and Web–based Authentication.
- Centrally manage and apply granular policies consistently across the network. Ease administration and reduce support cost by ensuring all users and devices comply with policies that keep your network secure.
- Policy enforcement across your environment can be cost–effective, regardless of how large or small it is because Lockdown network access control scales to the size of your network environment.