School Districts Deploy Multiple Tools to Ensure Security
Gary Brantley, CIO for DeKalb County Schools in Georgia, understands that while products and tools are important, it takes people to secure a network. “Security has become a continuous process, and there’s a human element that plays a significant role in securing the network and making sure things run properly,” he explains.
A few years ago, DeKalb County Schools opened its network operations center. It began with simple tools, and today 10 people rotate in and out of the NOC to monitor the network from 5 a.m. to 10 p.m. daily.
The technicians in the NOC use Palo Alto Networks firewalls and Trend Micro anti-virus software. For network analysis, the district taps a network monitoring tool from Fluke Networks and Splunk. The Splunk software receives incident information from the Palo Alto Networks firewall, and Brantley says that integration gives the NOC team a clear dashboard into what’s happening on the network.
DeKalb County Schools also deployed Lightspeed’s web filter about three years ago to block malicious traffic. Brantley says Lightspeed lets his IT staff set controls, so he has set up the web filter to block pornography and questionable content. “We leave it up to the teachers to decide what content to allow,” he adds.
Frank Dickson, a research director for Frost and Sullivan, says IT departments require tools today that not only identify malware, but can also track malicious activity.
The percentage of attacks where there’s a secondary victim when the motive for the attack is known
SOURCE: Verizon, “2015 Data Breach Investigations Report,” April 2015
“Organizations need tools that can deliver more visibility into network traffic,” Dickson says. “I think we’ll see more security products come with sensors, so IT managers can more accurately track the flow of traffic across the enterprise and determine if there’s anything suspicious with network activity.”
Best-of-Breed Wins
Dysart Unified School District in Surprise, Ariz., also uses a combination of tools to protect its network. The IT staff supports about 25,000 students across 24 schools.
CIO John Andrews says Dysart USD has deployed a Barracuda content filter, Fortinet firewall and uses a combination of Fortinet monitoring tools along with the monitoring tools offered in Aruba’s AirWave software.
Andrews says this setup ensures that all of the district’s content complies with the Children’s Internet Protection Act. Teachers have different levels of access, and they can request access to sites directly connected to their curriculum. The Fortinet firewalls protect the network from incoming threats, especially attacks on critical human resources and student information system databases.
“All of these tools give us the ability to control and manage what’s on the network. We can see and monitor any malicious activity and keep bad content out,” Andrews adds.