Educause Security Discussion mailing list archives

Re: Screening of visitor and transient systems

From: Dan Updegrove <updegrove () MAIL UTEXAS EDU>
Date: Mon, 20 Sep 2004 07:48:00 -0500

Tim & colleagues,

As student computer ownership moves increasingly to laptops, as campuses
deploy wireless access points by the hundreds, (and as students migrate to
broadband Internet in their off-campus residences, increasing their
vulnerability to worms, trojans, et al.), I think colleges and universities
will find it increasingly important to develop systems that screen-at
connect time and then quarantine problematic systems. (I'm hopeful that
broadband ISPs will do the same, since cracked home systems are a major
source of Internet attacks.)

Regards,
Dan Updegrove


At 10:31 PM 9/19/2004, jack suess wrote:

Tim,

I don't believe there is any consensus on this in higher ed. Most
schools don't mandate a check for policy conformance on their wireless
as they do with residential networks. I think because resnet is being
handled much better, and most laptops are student-owned, we see some
residual benefits from that that help wireless.

What we are doing at UMBC is putting an IDS scanner on wireless and
contacting people we find with viruses or other security problems. We
can also lock them out of wireless if it isn't taken care of.



jack suess


On Sep 16, 2004, at 9:38 PM, Tim Howard wrote:

Hello All,
I am interested in hearing about programs at your institution that
require
a visitor to have their laptop or PDA, or other computer, screened for
current patches and/or anti-virus updates prior to connecting to your
network.  In implementing an Information Security Program for the US
Antarctic Program, we are trying to align our efforts with what is
being
done in the university community to give our grantees a sense of
compatibility as they move between their home institutions and the
USAP.

Thanks
Tim





Tim Howard
Information Security Manager, U.S. Antarctic Program (NSF)
Raytheon Technical Services Company, LLC
301.883.4104 office     301.883.4136 fax
301.943.4732 cell timothy_g_howard () raytheon com

**********
Participation and subscription information for this EDUCAUSE
Discussion Group discussion list can be found at
http://www.educause.edu/cg/.

Jack Suess                CIO, UMBC
410.455.2582           1000 Hilltop Circle
410.455.1065(f) Baltimore, MD. 21250
http://userpages.umbc.edu/~jack

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/groups/.



VP  for Information Technology          Phone (512) 232-9610
The University of Texas at Austin       Fax (512) 232-9607
FAC 248 (Mail code: G9800)              d.updegrove () its utexas edu
P.O. Box 7407                                   http://wnt.utexas.edu/~danu/
Austin, TX 78713-7407

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.

Current thread:

Screening of visitor and transient systems Tim Howard (Sep 16)
- <Possible follow-ups>
- Re: Screening of visitor and transient systems jack suess (Sep 19)
- Re: Screening of visitor and transient systems Dan Updegrove (Sep 20)