Managing a network catered to thousands of off-campus college students isn't easy.
They hog bandwidth, they initiate thousands of sessions -- sometimes at ridiculous hours -- and they demand a reliable network to ensure they can both work and play securely.
But Managed Services Inc. (MSI), the IT division of the Dinerstein Companies, a Houston-based real estate development and property management company, took on that challenge about a year ago and rolled out wired and wireless connectivity to dozens of their 37 properties across the country. In deploying that network, MSI learned a few lessons that every enterprise could benefit from when introducing a new network to its workers.
For starters, they realized the network wasn't as secure as they had hoped. According to MSI's IT director, Michael Dalke, students were unknowingly introducing viruses. They also discovered that the students were overusing bandwidth, which created slowdowns for other residents, and they were doing what many college students do: illegally sharing copyright protected materials.
"When we first started out there were some difficulties," Dalke said. "We had some learning to do."
As soon as some of the properties went wireless that opened a whole new can of security worms. In one instance, Dalke recalled, a resident in a nearby building mimicked the IP address of one of MSI's properties, tricking residents into logging onto his network and not their own.
"It took us a while to run him down and take care of that," he said.
The BlueSecure boxes, which MSI has installed in properties in Arizona, California, Georgia, Mississippi, North Carolina and Texas, prompt users for authentication in order to get access to the network. They allow access based on assigned roles and policies and scan for endpoint security. They also manage and control bandwidth usage.
Similar to companies with more than 3,000 users and multiple campuses, "student properties provide unique challenges when it comes to Internet usage given the number of concurrent sessions that are in play and the prevalence of bandwidth intensive, peer-to-peer applications," Dalke said. "Bluesocket … enabled us to block users infected with viruses [and users who are] guilty of sending spam traffic." Bandwidth management capabilities have also helped control our expenses, Dalke said. "We can effectively roll out the amount of bandwidth needed per property without any waste."
Dalke and his staff can now make sure no one user or group monopolizes the network when downloading extremely large applications or files. They can also monitor and analyze individual packets and sessions and use intrusion detection to protect from and block possible viruses and worms.
"We are able to determine who is sending a virus and quarantine them," Dalke said.
The controllers also let end-users troubleshoot their own network problems, helping them download anti-virus and anti-spyware updates. That, Dalke said, cuts down on the number of help desk tickets he and his staff receive.