Network Authentication
From CIT Wiki
Before providing access to the college network, CIT must first verify that all computers that are going to connect to the network are free of viruses and other malware, and are updated. In order to do this, we use a solution known as Network Access Control (NAC). The NAC product we use is known as Safe•Connect.
Users connecting to the network are directed to a CIT web page with a link to our Acceptable Use Policy and a section for logging in, using one's ObieID username (e-mail/network username) and password.
Once logged in, the user is presented with a Policy Key, which is the tool used to check the health of the client computer. Installing the Policy Key is a quick process, and only needs to be done once. After the Key is installed, the system then checks the computer for viruses/worms/malware and, if a Windows system, checks for current system updates. If viruses are found or updates are not current, the user is directed to the proper locations for remediation (resolution of problems noted).
Once the checks have been passed, the user's computer (or other device) is authorized for connection to the network and the computer then has access to the Internet and all applicable campus network resources.
Guests will also be required to install a Policy Key. If you seem to be having trouble connecting to the network, first try opening your web browser to see if the authentication page comes up again.
This system will be used for all student, faculty, staff and guest computers connecting on campus. In this way, all computers connecting to the college network are checked for viruses and updates.
Contents |
How Does it Work?
1. We configure our desired policies and rules using the Safe•Connect Policy Management Console by network segment or directory services group.
2. Endpoint devices connecting to the college network will be intercepted, authenticated, presented with our acceptable use policies, and issued a Safe•Connect Policy Key.
3. The Safe•Connect Policy Key certifies that the endpoint device adheres to endpoint security policies on a continuous/real-time basis. It reports non-compliance to the Safe•Connect Policy Enforcer and delivers individualized remediation guidance. The endpoint devices can remain completely isolated using I-LAN quarantine technology until the policy breach is resolved.
4. Safe•Connect offers consistent endpoint device support for wired, wireless, and VPN networks.
What Do I Need to Do?
Simply open your internet browser and enter your ObieID and password to authenticate. If you are using a Windows XP or Vista computer and/or a Macintosh, you will be prompted to install an application that checks for various things such as Windows Update, Macintosh Updates, and anti-virus software. There will be certain parameters that must be met in order for access to be granted. Installation of the Policy Key is required for guests to Oberlin College as well. For more information on obtaining an ObieID and password, please see details on Sponsored Accounts.
How will Safe•Connect affect my daily work habits?
The only change to your daily work habit you will see is at the point you will need to re-authenticate. An internet browser window will launch which will in turn bring up the “Login” page. Use your ObieID and password to get authenticated to the Oberlin College network.
More Details
Please visit our Safe•Connect frequently asked questions page for additional information. Alternatively, see the installation process and screenshots page to find out what to do if you get a warning or notification generated by Safe•Connect or the Known Issues page if you're having difficulty installing the Safe•Connect Policy Key on your computer.
