Feature Story

July 6, 2006

Taking up one large city block in Bronxville, located in New York's Westchester County, is picturesque Concordia College. Founded in 1881, this four-year liberal arts college with a faculty of 120 serves about 1000 students every year. Each year during the September Labor Day holiday weekend, students arrive for the school year. Daniel Burroughs, Concordia College's dean of information services, and his staff brace themselves for the yearly nightmare: students arriving with their laptops and infecting the college's network with a variety of computer viruses that have the potential to damage network performance and cause outages on a daily basis.

"Every Labor Day has been the same for five or six years," says Vinu Thomas, chief security architect for Strategic Computer Solutions (SCS), a Cisco Premier Certified Partner. "Students arrive and connect their computers, and serious network problems start."

The college hired Burroughs to address the network problems and direct a technology upgrade strategy to help ensure that the network would support the college's future plans. Burroughs and Thomas had worked together earlier for several years while each was working for different organizations. Burroughs talked with a number of solutions providers about the networking issues and goals of Concordia College. He chose Thomas because of his networking and security expertise and their successful working relationship.

Working together, Burroughs and Thomas developed a three-phase plan that could be deployed over five years. The first phase, which took place in 2001, addressed the most critical needs such as installing a firewall for security. During the second phase, the network and infrastructure were upgraded, and switches and hubs were replaced with Cisco hardware. Then the network was segmented to establish a separate residence network, so students in the dormitories would not be accessing the campus network directly. This kept any infected PCs contained and separate from the college's network.

In early 2005, Thomas joined SCS to start a networking and security business unit for the IT company. It was maturing from a reseller to a solutions provider, and had strong relationships with existing customers. SCS wanted to more fully serve their needs by providing a full portfolio of solutions and services. With Thomas now heading up the new business unit at SCS, Burroughs chose SCS to complete the third and last phase of the upgrade and security project.

"Our ultimate goals were to prevent infected PCs from getting onto the residence network, and to minimize the support time required by the IT staff to help ensure student PCs were healthy and clean," says Burroughs. "We were checking each computer manually, which was very time-consuming, and once it left our control, we had no guarantee that it would stay clean."

The SCS and Concordia College IT teams recently completed the third and final phase in which Cisco Clean Access was deployed to keep infected PCs from getting on the network and tainting other systems. Both Burroughs and Thomas conducted extensive research before choosing Cisco Clean Access.

Implementation commenced in late August, and Cisco Clean Access was fully functional by the critical Labor Day weekend, when students showed up with their laptops that were carrying the usual variety of maladies. Now when students attempted to connect to the Internet, Cisco Clean Access would pop up and require the students to download a client that gets installed right on their PC and checks for antivirus and antispyware software and the correct security patches. If the computer does not pass, users are directed to a remediation Website, where programs can be installed to clean the computer so that it will clear a new security scan. Only when the machine is deemed clean, will it gain access to a fully functioning network.

"We were definitely concerned about getting students through the security process. We spent a lot of time planning what information the students would see when there was a problem with their computer, and guiding them to the right solution," says Burroughs. "We anticipated what their questions would be and designed the solution to ease them through the process." Burroughs even partnered with a major antivirus firm to provide a campuswide license for its antivirus software. If students did not have antivirus software, or if the license had expired, they could easily get properly equipped through the college's site license.

Within the first week of school, 80 percent of the student resident population either passed or went through the remediation steps to get on the network. The second week another ten percent got their computers secured. The remaining ten percent of computers were so infected that they needed to be taken to an outside firm for cleaning. The new security measures and the Cisco Clean Access solution have delivered a malware-free year: neither the college nor resident networks has suffered a virus or worm outbreak during the entire school year. And further testament to the project's success?

"For the first time in many years, I actually had a vacation over Labor Day!" says Thomas.

As head of the networking and security business for SCS, Thomas sees firsthand how seriously people are considering their security measures, saying many are no longer content with being compliant, they want to be proactive. Its recent expansion serves this need well, because SCS can now offer the full end-to-end portfolio of solutions.

"It is good for the customer, and that makes it good for SCS," he says.