MSD of Wayne TownshipCase Study
Cloud has been a very positive thing. It was clear it wasn’t going to take hours or days to setup. And of course, that just doesn’t happen unless it’s cloud!
Enforcing SSL Content Filtering While Improving Wireless Security
MSD Wayne has been a Lightspeed Systems content inspection customer for more than 11 years. They understand that more than 60% of overall traffic and over 80% of malware traffic is SSL encrypted, and with so much encrypted traffic flowing across their networks, content visibility was proving to be a challenge to the security policy. To address the problem, Pete and his team knew that the best solution was to implement Lightspeed SSL decryption certificates on every device. This led him to also seek a way to remedy his content visibility issue when devices entered their wireless network.
Because the BYOD web authentication Wi-Fi network needed to be revamped to address new challenges, Pete and his team looked to leveraging certificate driven WPA2-Enterprise Wi-Fi security. His research for vendor options needed to take into account that the device configuration process must be a simple self-service process to highlight independence, which is an educational pillar of MSD Wayne. Additionally, the plan for managed Chromebooks was to move them from pre-shared key settings to unique certificates, just as they had done with BYOD devices. They understood that certificates offered better visibility and user tracking on the network.
- Support a Wi-Fi security environment that combines both device and user authentication
- Cost-effective from a budget and IT resources and management standpoint
- Support a diverse device ecosystem of BYOD and managed endpoints
- Enforcing the installation of SSL content certificate for inspectio
- Knowledge of which device is connecting to the network and which user is associated with a given device
- Cloud Wi-Fi enrolment and authentication using WPA2- Enterprise security K-12
- Fast and easy, turn-key integration with the existing infrastructure
- Increased security for faculty, staff, students, and guests while maintaining CIPA compliance
- Easy and painless installation process for end-users
We can put a name to a device and see who everybody is. That gets to the dashboard…it’s very useful
Network Engineer Linda Carter led the integration of JoinNow’s cloud-based solution with their existing infrastructure. The choice to use certificates for Wi-Fi security meant RADIUS server technology and a CA (Certificate Authority) would be needed to issue certificates after validating users against their Rapid Identity SAML identity provider. Linda was originally skeptical about completing the network integration using a cloud network. She was surprised that with SecureW2’s deployment assistance, she was able to complete a network integration that would support more than 20 campuses in a matter of hours. When asked about her overall experience with the team, she commented, “Support has been very good. They’re quick to answer my questions, and they work hard at trying to get what I’m doing.” Linda also commented that the support she received was not simply instructional but had an educational focus so she could resolve any future complications independently.
SecureW2 JoinNow Education
- MultiOS provisioning clients for BYOD
- SCEP gateway for managed Windows, Mac and Chrome
- AAA/RADIUS server
- CA and certificate mgmt.
Cisco Switches and Wireless
MSD Network Goals Successfully Implemented
For Pete, SecureW2 was able to meet all the guidelines he set forth for MSD Wayne’s wireless security. A BYOD solution for students and staff needed to work on all major operating systems. SecureW2’s lightweight, dissolvable client technology allowed his users to go through a one-time setup and configuration process to install the Lightspeed content filter and SecureW2 Wi-Fi certificates. This meant a fast and painless setup, reducing the need for help desk or IT staff intervention. SecureW2 also allowed him to control access by setting expiration dates on his certificates, limit the number of certificates, and revoke a certificate at any time.
As Linda and her team began running the system, she quickly noticed some key benefits. User tracking was always a challenge in the past and required looking up information in multiple systems, including DHCP, to decipher users and their devices. Certificate-based wireless network authentication, or EAP-TLS, gave Linda confidence that she could track every user’s connection and pinpoint every device. It also provided the user some unique solutions that credential based network connections face, including eliminating disconnects due to password changes and improving Wi-Fi performance as devices connect and roam. Ultimately, “we can put a name to every device” stated Linda, “it’s very useful.” With the help of SecureW2, MSD of Wayne Township is now able to give students the independence to make smart online decisions and learn the lessons that will dictate appropriate device usage in the professional world.