MILPITAS, Calif. -- ConSentry Networks, the leader in secure switching, announced today that Fayetteville State University (FSU), a constituent institution of the University of North Carolina system, has selected ConSentrys LANShield Switch and LANShield Controller to provide secure switching for user segmentation and access control. The ConSentry solution provides malware control, increases ITs visibility into what users are doing on the universitys LAN, enables IT to restrict LAN access to only authorized users, and records a full audit trail of all user activity.
The university LAN serves about 6,300 students and 2,000 faculty and staff, as well as vendors, contractors, and auditors, across 37 buildings. As a public entity, FSU must balance access control with the rights of users to access any Internet and most university resources.
The universitys biggest problems were the continual exposure to malware and the lack of visibility into what users were doing on the LAN. Student-owned PCs, for example, would frequently release trojans, spyware, denial of service (DoS) attacks, and address resolution protocol (ARP) storms. The FSU IT team also struggled to enable open access to the Internet without leaving the university vulnerable if users downloaded copyrighted material or did other illegal activities.
Looking for a Better NAC Solution
FSU had implemented Clean Access in an effort to address these security needs but after a year found the solution too unreliable and limited in features. Since student machines could always reach the Clean Access server, infected devices bombarded it with so much malware that it went down every night. In addition, the solution relied on students properly installing the Clean Access Agent on their laptops, which presented recurring helpdesk issues. The need for this agent also meant the university had no means for scanning the laptops of visitors to the campus.
Ultimately, FSU sought an alternative, and the IT teams research led them to ConSentry. The ability to perform posture check without pre-installed software, to fully log all user activity, and to control access to resources based on roles within Active Directory drove the decision to deploy ConSentry, and an evaluation validated the inline performance the university needed to keep up with LAN traffic.
We talked to other vendors, but they couldnt provide the visibility or control we needed, said Payman Damghani, network security analyst at FSU. When we got the ConSentry demo gear and saw how it performs, we were sold on it. And having all that security available in a switch allowed us to blanket our campus and put controls right next to the users. It was a much stronger security architecture for our needs.