Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security Department of Housing and Resident Education Charles Benjamin.

Published byKristin Grant Modified over 9 years ago

Similar presentations

Presentation on theme: "Network Security Department of Housing and Resident Education Charles Benjamin."— Presentation transcript:

1 Network Security Department of Housing and Resident Education Charles Benjamin

2 Resident Housing at UF

3 The Housing Network

4

5

6 Network Security Change network from flat to routed Installed FWSM Installed 802.1X on Ethernet Started using XpressConnect from Cloudpath Installed CopySense from Audible Magic

7 Network Security Add Wireless PEAP MSCHAP v2 241 Wireless Access Points ( adding 105) 4 WISMs Configured 802.1X to Wireless Installed SourceFire 3500 IDS Added NOC Installed StealthWatch from Lancope

8 Computer Security Employee Computers Installed Web Filter Websense Installed and run Identity Finder Installed VIPRE Antivirus Student Computers NAC SafeConnect from Impulse

9 Network Access Control Evaluation Cisco Bradford Networks Impulse SafeConnect KIS Components Cost Function Other Installation Florida

10 Impulse SafeConnect Components Policy Enforcer appliance (PE) DB – MySQL, Webserver – Tomcat, Proxy – Squid Management Console Reporting Console Policy Key Lite weight program 1.27 M Router configuration Authentication Server

11 Management Console

12 Reporting Console

13 Impulse SafeConnect Setup Configure Housing Border Router NetFlow Policy Based Routing SSH connection Install Policy Enforcer Appliance Configure Authentication Server RADIUS Configure Policy Groups, Management Console Device Type Location

14 Impulse SafeConnect Example of Windows Policy Policy Key P2P Anti-virus OS updates Anti-spyware

15 Impulse SafeConnect Go Live with Housing NAC Implemented in phases: Internal Summer A 2010 570 students Summer B 2010 2,680 + 350 = 3,030 students Fall 2010 7,530 + 350 = 7,880 students

16 Impulse SafeConnect Installing Policy Key DHNet CD, XpressConnect On wireless dhwInstructions DHNet webpage, XpressConnect From SafeConnect Policy Enforcer (PE)

17 Impulse SafeConnect Connection Process Student runs XpressConnect via DHNet CD Wireless SSID dhwInstructions XpressConnect Configures 802.1X Supplicant Install SafeConnect Policy Key RADIUS server sends accounting to PE IP, MAC, Username

18 Impulse SafeConnect Connection Process (cont.) Student connects to Housing network Router send NetFlow information to PE PE compares data from RADIUS and Policy Groups configured in PE Items in the Group Policy are processed from top down

19 Impulse SafeConnect Connection Process (cont.) If the Policy Item specifies Quarantine PE sends Policy Based Routing information to the router via SSH The students connection is “Quarantined” sent to PE and presented with a webpage of instructions and URLs Internet access is limited

20 Impulse SafeConnect Connection Process (cont.) If the Policy Item specifies Warning The policy key will instruct the browser to display the Warning page Policy Based Routing isn’t used The student still has full Internet access Time limits for warning are set in each item of the PE Policy Groups

21

22

23

24 Impulse SafeConnect Example of Windows Policy Policy Key Quarantine, Immediate P2P Quarantine, Immediate Anti-virus Warning 1 Day, Warning 1 Day, Quarantine OS updates Warning 1 Day, Warning 1 Day, Quarantine Anti-spyware Warning 1 Day, Warning 1 Day, Quarantine

25 Management Console

26 Reporting Console

27 Real Time Reporting

28 Anti Spyware

29 Anti-Virus

30 Open Access Per User

31 SafeConnect History

Download ppt "Network Security Department of Housing and Resident Education Charles Benjamin."

Similar presentations

CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved AOS & CPPM INTEGRATION CONFIGURATION & TESTING EAP TLS & EAP PEAP by Abilash Soundararajan.

CONFIDENTIAL © Copyright Aruba Networks, Inc. All rights reserved AOS & CPPM INTEGRATION CONFIGURATION & TESTING EAP TLS & EAP PEAP by Abilash Soundararajan.
Mr C Johnston ICT Teacher www.computechedu.co.uk BTEC IT Unit 09 - Lesson 10 Achieving D2.

Mr C Johnston ICT Teacher BTEC IT Unit 09 - Lesson 10 Achieving D2.
Network Access Control Systems at Educational Institutions Richard Becker Brian Leslie Kansas State University.

Network Access Control Systems at Educational Institutions Richard Becker Brian Leslie Kansas State University.
Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.

Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.
Overview of Wireless Network Steven Fetcie Infrastructure Manager Information Services.

Overview of Wireless Network Steven Fetcie Infrastructure Manager Information Services.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Housing Residence Education Network and Services.

Housing Residence Education Network and Services.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Cisco NAC Guest Server Guest Access - Simplified Tim Wellborn SE Sangeeta.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Cisco NAC Guest Server Guest Access - Simplified Tim Wellborn SE Sangeeta.
Trend Micro Round Table May 19, 2006. Agenda Introduction – why switch? Timeline for implementation Related policies Trend Micro product descriptions.

Trend Micro Round Table May 19, Agenda Introduction – why switch? Timeline for implementation Related policies Trend Micro product descriptions.
Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.

Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 8 Introduction to Printers in a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 8 Introduction to Printers in a Windows Server 2008 Network.
Top-Down Network Design Chapter Eight Developing Network Security Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.

Top-Down Network Design Chapter Eight Developing Network Security Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.
Using RADIUS Within the Framework of the School Environment Charles Bolen Systems Engineer December 6, 2011.

Using RADIUS Within the Framework of the School Environment Charles Bolen Systems Engineer December 6, 2011.
Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.

Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Fermilab VPN Service What is a VPN ?.

Fermilab VPN Service What is a VPN ?.
Being Proactive with Computer Posture Assessment Department of Housing and Residence Education Charles Benjamin.

Being Proactive with Computer Posture Assessment Department of Housing and Residence Education Charles Benjamin.
Using RADIUS Within the Framework of the School Environment Ed Register Consultant April 6, 2011.

Using RADIUS Within the Framework of the School Environment Ed Register Consultant April 6, 2011.
© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.

© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.
VPN Scenarios © N. Ganesan, Ph.D.. Chapter Objectives.

VPN Scenarios © N. Ganesan, Ph.D.. Chapter Objectives.

Similar presentations

Ads by Google