Denison University
Campus Manager
Presenters:
Andy Babb
&
Ryan Lininger
What’s To Come
•
•
•
•
•
•
Denison’s Background Environment
Previous Setup
Current Setup
Future Setup
The Good and Bad
Questions
Background Environment
• Population: 2,100 Students, 600 Employees, 300 Labs
• Cisco Switches
– IOS and CATOS
• Mixed Vendor Wireless (Cisco, 5G)
• Have Many VLANs
• Distributed routing design
– No single aggregated point for traffic
• Desire to improve students ability to register on their own
Previous NAC Setup
• Previous system was home grown system
• Previous registration system required up to 10 minutes
for the services to update DHCP information.
• No client validation
• Much of the information was self reported
– I.E. input errors.
• Lots of staff hours in fall during student move in
– Lots of development hours as well
• Sasser and Blaster motivated us to move to a new
solution
Current NAC Setup
•
•
•
•
•
•
•
•
Non-persistent client
Out-of-Band solution fits with our network structure
Wired Registration: Use VLAN switching
Wireless Registration (Testing): DHCP/DNS manipulation
LDAP authentication
Student self remediation and validation
Forced Registration and Role Based access in student spaces
Staff hours invested in fall registration process is less than before
and more services are provided
Client Listing
Denison NAC: Future
• Recently upgraded Campus Manager
• 4.0 moves away from Nessus Scans
• Persistent Client for Denison Owned Machines
(possibly students also)
• Role Based Management Campus Wide
– Testing role based access in academic
areas now
• Helpdesk usage of Campus Manager
• Reporting & data mining from Campus
Manager
• Disabling clients (policy violations)
The Good
• Support
– Vendor and community
•
•
•
•
•
•
•
Initial Setup
Admin console runs on Apple and Windows
Console interface is robust
VLAN Switching works well
Administrative view
Protocol support (ssh, telnet, snmp)
Game console registration
Admin Console
Game System Registration
The Bad
•
•
•
•
•
•
Operator permissions are too limited
Operator account interface
Java setup of console is… umm… picky
Reporting is limited
Database API has room for growth
Custom automation and scripting
Questions?
• Andy Babb
– [email protected]
• Ryan Lininger
– [email protected]
• Campus Manager Listserv
– www.bradfordnetworks.com/CampusMgrArchive/