Friday, December 13, 2024

Giving Network Demons the Boot

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Last fall when the students at Lasell College in Newton, Mass went back

to school, they brought posters, CDs, books… and a whole lot of

viruses. The minute they arrived, the school’s network went down.

And it stayed down for a week.

So while students should have been starting their homework and

professors should have been digging into their course work, not much was

getting done. IT workers at the college had to stop whatever projects

they were working on to not only clean up the servers but to

individually visit the school’s 1,100 students and clean the viruses off

their machines.

”It was definitely a nightmare,” says Deborah Gelch, chief information

officer at Lasell College, a liberal arts school running 28 Windows NT

servers, 400 faculty and staff desktops, and 10 wireless access points.

”Last year was a disaster… It was a critical time for students to

start their homework and get onto email. They’re already nervous about

school and now they can’t get onto the network. It was a panicky

situation.”

But there was no downtime and no panicking this year.

With the help of Perfigo, Inc., a San Francisco-based network security

company, getting this fall’s crop of students online was a much easier

process.

”What happened this year is exactly what was supposed to happen,” says

Gelch. ”Students couldn’t log onto the network until their machines

were clean and they had updated anti-virus software and were patched for

Windows vulnerabilities… The network ran perfectly through the whole

process.”

Perfigo, which has a significant presence in the academia world but is

looking to break into the corporate arena, won’t allow new accounts to

access the network until they’ve met a few requirements, which are set

up by the IT administrator. For instance, a student or new employee

would not be able to get onto the network until the desktop or laptop is

scanned to make sure that it has up-to-date anti-virus software and the

latest patches, and isn’t carrying any viruses. If it doesn’t meet those

criteria, the user is then walked through the needed processes.

Rohit Khetrapal, president Perfigo, says the issue that the college had

translates into the corporate world, as well.

”The issues are the same,” he says. ”You have guests — consultants,

partners — coming in and out of the network and you don’t have control

over their laptops. If you want to be on my network, you must correct

this infection in your machine. I see who you are and I will give you

access into your email, but I will not let you on my network. I will

keep you on an isolated network that does not touch my environment in

any way, shape or form.”

Khetrapal says partners, clients, big customers and consultants all are

prime candidates to carry a virus or Trojan onto the network.

But Gordon Haff, an analyst at Illuminata, an industry research firm

based in Nashua, N.H., says scanning laptops might become an issue when

the user isn’t an employee and she has proprietary or confidential

information on her machine.

”From the network that’s doing the scanning point of view, it’s a level

of security. From the scannee’s point of view, though, they would have

some legitimate concerns about that being done,” says Haff. ”As

consultants we have confidential client information on our system, and

it would not be appropriate for competitors to look at our systems.”

Khetrapal says it’s a problem that can be worked out.

”You’re doing a vulnerability assessment. You’re not looking at their

machine in any way shape or form,” he points out. ”Is this machine

blasting something malicious? Is there a port open? Is this machine

vulnerable? You’re looking at the behavior from this machine and you’re

not looking at data.”

Weeding out the Bugs

At Anderson University, a 2,500-student college in Anderson, Indiana,

the network administrator was able to actually focus on his real job

this fall instead of running interference on the network and with

several thousand angry and petulant students.

Last fall, Anderson’s network administrator Stuart Hilbert was left

wrangling with a harsh Blaster attack, which plagued his network through

most of the school year. Knowing that Blaster was a major problem,

Hilbert’s IT team asked students to bring their machines into the IT

department to have them scanned before they went online. Only about 600

of the 1,400 on-campus students with laptops and desktops did so.

The other 800 students ignored warnings and heavily infected the

school’s network.

”It got to the point where I was working all the time,” says Hilbert.

”I would walk in and head out to the dorms to find people and get them

patched. And that wasn’t my job. It was nobody’s job. As we did that, we

started neglecting other things. My job last year was to manage the help

desk and get all the faculty and staff machines and printers working.

They began to suffer, and then tickets start to pile up on you. It was a

lose-lose battle.

Hilbert says the problem probably cost the college more than $200,000,

not to mention the added stress and diverted attention.

This year, though, it was a whole different battle.

Hilbert was using Perfigo, so students weren’t able to get onto the

network until their systems had been scanned and OKed. This time, there

was no way to ignore the IT department. This time it wasn’t a request.

”We’ve been so much more able to control the environment, it’s

unbelievable,” says Hilbert. ”Five days in, we had 90 percent

completion of the process, and we’d been hoping for 85 percent or 80

percent. Most of that was done by the students. We weren’t spending time

in their dorm rooms this year.”

Both Anderson and Lasell colleges have set up Perfigo to rescan the

students’ computers on a periodic basis, keeping them up-to-date with

the latest patches.

”As far as our responsibility to provide a smooth running network, we

were able to do that no problem,” says Gelch. ”And now our students

are much more educated on how to manage their own computers.”

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Get the Free Newsletter!

Subscribe to Data Insider for top news, trends & analysis

Latest Articles