IT Services, first floor
60 William Street
Worcester, MA 01609
» How does the Network Authentication and Validation system work?
» Why Are We Introducing this Solution Now?
» How Does Validation Work?
» What is Clean Access Agent?
» What Validation Checks are being performed?
» How Long Do the Validation Checks Take?
» How Does Validation Work for Macintosh Users?
» What Remediation is Available?
The computer security system performs the following functions:
The computer security system performs the following functions.
There are many medium or higher rated threats (List of Threats) that infected computer systems every year. We needed an effective solution to effectively quarantine systems until proven “clean” and to ensure unprotected systems that are infected were cleaned before entering the network. From investigation of solutions used at other Universities, it has been determined that the best way to prevent this from happening is to insure that virus software and OS critical update/patches are current and maintained.
The validation solution will “trap” any Internet browser access and redirect the user to a web page that instructs the user to download and install a validation Agent.
Once launched, the client installs the validation rules and processes these. If the workstation fails the test, it is allowed Internet access only to the remediation sites for a period of time. Once corrected, full network access is provided and a timer is set for the connection.
The connection remains intact until the timer expires; at that time, the connection is reset and the user must re-validate by launching the client.
ForeScout is an automated security control platform that verifies updated anti-virus software to ensure the network remains free of viruses. All students and vistors must authenticate with ForeScout to use the network.
The following are some examples of validation checks that can be performed:
The checks can take between 15 seconds to a few minutes, depending on how long it has been since you last completed updates.
Macintosh users must authenticate by logging in via a web page. The only validation check for Macintosh systems is anti-virus software.
Microsoft Windows Patch Failure. If the user’s system fails the check for current critical OS patches, the user is instructed to click on the URL for the Microsoft Windows update site and follow the instructions. Additionally, the user is provided the option to download a program that can assist in configuration of Microsoft Windows automatic update.
Anti-Virus Failure. If the user’s system fails the check for current anti-virus software, the user is provided a link to supported Anti-Virus software none is found or redirected to download current virus definitions if antivirus software is found on the system.
Host IDS (Intrusion Detection). If the user’s system fails the check for current IDS/IPS host agent, the user is provided a download either for the software itself or for the agent files updates.