St. Mary's County Public Schoools

Access Control & Network Security Solution for Digital Student Learning

Abstract

Data Networks implemented a 1:1 computing program with unified access control to enable student access while maintaining strong wireless network security for this school district in Maryland.

What Data Networks Did for SMCPS

 

  • Deployed access control for wireless network at two schools in this school district.
  • Allowed students to access and use the wireless network while maintaining strong network security.
  • Minimized effort to deploy and maintain network access control by leveraging its existing investment in network equipment.

The challenge

Preparing our children for the 21st Century means giving them the advanced science, technology, engineering and math skills they need to remain competitive in a global economy, and that’s a priority for St. Mary’s County Public Schools (SMCPS) in Maryland.

The Science, Technology, Engineering and Math (STEM) academy is a rigorous program designed to give students extensive laboratory experiences using the latest scientific and problem-solving techniques and to give students exposure to a broad range of technical applications.

St. Mary’s County Public Schools received a grant to purchase 60 laptops to support the STEM program. The laptops are mounted on carts and are wireless, so they can be moved easily from classroom to classroom. The school district was particularly concerned about the risks associated with wireless, so it set out to find a solution.

“We were very concerned about wireless security,” says William Caplins, director of technology at St. Mary’s County Public Schools. “We needed to protect the privacy of our communications and to protect our network from wireless attacks.” Data Networks stepped in to provide guidance.

Basic wireless security isn’t sufficient protection when it comes to protecting against unauthorized network access. “With basic wireless encryption, an attacker can break the encryption easily. Stronger authentication and access control methods are necessary to ensure the security on a wireless network,” says Dwayne MacKenzie, Principle Architect at Data Networks.

“After learning about network access control (NAC), we knew we needed it if we were going to have wireless LANs (WLANs) in our schools.” says Caplins.

Data Networks recommended Juniper’s Unified Access Control. “We conducted a rigorous comparison of access control solutions and there’s nothing else that compares to UAC,” says MacKenzie.

The solution

The school district deployed UAC to provide access control for students participating in the STEM academies at Spring Ridge Middle School and Great Mills High School. “With UAC, we can allow a wireless network and have the same level of control that we have on our wired network,” says Caplins.

St. Mary’s County Public Schools deployed the IC4000 and downloaded the UAC agent to the laptops. The UAC combines user identity, device security state and location information for session-specific access policy by user enforced through the network. UAC enforces security policy at Layer 2 using any vendor’s 802.1X-enabled switches or wireless access points, or at Layers 3-7 using any Juniper firewall platform. St. Mary’s County Public Schools uses 802.1X-enabled wireless access points and switches for policy enforcement, and authentication is managed through a RADIUS server back to their Microsoft Active Directory server.

The UAC agent is dynamically downloaded to the laptops. The UAC agent provides Host Checker, which scans endpoints and performs an assessment on the security state for a variety of anti-malware and security applications, while also automatically monitoring antivirus signature files. This ensures that only computers that meet St. Mary’s County Public Schools security policies are permitted access to the network. Plus, computers compromised with malware won’t be able to access the network and spread attacks.

Mission accomplished

With UAC, St. Mary’s County Public Schools was able to roll out a wireless one-to-one computing program with confidence that data privacy and network security would be maintained. “Juniper’s UAC was the pivotal factor in enabling the digital learning curriculum in our district,” says Caplins.

St. Mary’s County Public Schools took a phased approach to deploying network access control, which ensured a smooth deployment and enabled it to leverage its existing IT infrastructure without modification, including wireless access points and switches. “It was a straightforward deployment of a new technology,” says MacKenzie. “We kept the scope focused and took a flexible, phased approach to deployment, making it easy to build on our success.”

Click here to view the PDF version of the St. Mary’s County Public Schools Keeps Students on the Forefront of Science and Technology with Digital Learning Secured by Unified Access Control case study.