Basic wireless security isn’t sufficient protection when it comes to protecting against unauthorized network access. “With basic wireless encryption, an attacker can break the encryption easily. Stronger authentication and access control methods are necessary to ensure the security on a wireless network,” says Dwayne MacKenzie, Principle Architect at Data Networks.
“After learning about network access control (NAC), we knew we needed it if we were going to have wireless LANs (WLANs) in our schools.” says Caplins.
Data Networks recommended Juniper’s Unified Access Control. “We conducted a rigorous comparison of access control solutions and there’s nothing else that compares to UAC,” says MacKenzie.
The solution
The school district deployed UAC to provide access control for students participating in the STEM academies at Spring Ridge Middle School and Great Mills High School. “With UAC, we can allow a wireless network and have the same level of control that we have on our wired network,” says Caplins.
St. Mary’s County Public Schools deployed the IC4000 and downloaded the UAC agent to the laptops. The UAC combines user identity, device security state and location information for session-specific access policy by user enforced through the network. UAC enforces security policy at Layer 2 using any vendor’s 802.1X-enabled switches or wireless access points, or at Layers 3-7 using any Juniper firewall platform. St. Mary’s County Public Schools uses 802.1X-enabled wireless access points and switches for policy enforcement, and authentication is managed through a RADIUS server back to their Microsoft Active Directory server.
The UAC agent is dynamically downloaded to the laptops. The UAC agent provides Host Checker, which scans endpoints and performs an assessment on the security state for a variety of anti-malware and security applications, while also automatically monitoring antivirus signature files. This ensures that only computers that meet St. Mary’s County Public Schools security policies are permitted access to the network. Plus, computers compromised with malware won’t be able to access the network and spread attacks.
Mission accomplished
With UAC, St. Mary’s County Public Schools was able to roll out a wireless one-to-one computing program with confidence that data privacy and network security would be maintained. “Juniper’s UAC was the pivotal factor in enabling the digital learning curriculum in our district,” says Caplins.
St. Mary’s County Public Schools took a phased approach to deploying network access control, which ensured a smooth deployment and enabled it to leverage its existing IT infrastructure without modification, including wireless access points and switches. “It was a straightforward deployment of a new technology,” says MacKenzie. “We kept the scope focused and took a flexible, phased approach to deployment, making it easy to build on our success.”