Military college bolsters remote device access to support virtual lab

Vermont military college, Norwich University, improved student access to its virtual forensics lab with a new gateway from Array Networks.

The nation's oldest military private college has beefed up its virtual laboratory network with new gateway technology that enables secure remote device access and ease of use.

Northfield, Vt.-based Norwich University recently rolled out Array Networks Inc.'s AG Series secure access gateway to underpin the college's Center for Advanced Computing and Digital Forensics, using it to replace a VPN-anchored topology.

"We now have the stability we need," said Peter Stephenson, the center's director and NU's chief information and security officer. "At the end of the last semester, we were supporting 350 students on our system and the system works flawlessly. We've never had one minute's problem."

Among other functions, the center teaches students how to attack, analyze and defend computer systems as well as study virtualization, cloud computing and fraud detection. It is nationally recognized by a number of corporate and government agencies, including the U.S. National Security Agency and Department of Homeland Security, and it received a $975,000 grant from the National Science Foundation for its cyber-investigation efforts last year.

Former platform no longer doing the job

NU began retooling remote access to the center last year, said Mike Stephenson, the school's virtual laboratory systems manager. "Each machine is assigned to a student, and since they are virtual machines, the students can't really sit down at them. So what we needed to do was provide remote desktop access."

The frustration we had was that the back end was working beautifully, but students couldn't get to it. Now I don't think we have that problem at all.
Peter StephensonNorwich University

Mike said the center's remote device access technology at the time was no longer doing the job. "We initially went with a remote access gateway by [another vendor], and one of the things it touted above and beyond traditional VPN was its ability to allow users to log in via remote desktop, but the way it was done was somewhat kludgy," he said. "When we first had it up and running we were running it with a smaller class size, and we didn't have a lot of problems. But as we started to bring the system into production and had more classes and more students, we found that many configurations weren't supported. We spent a lot of time troubleshooting and waiting."

What NU needed was a system that could support remote desktop access and accommodate a wide variety of platforms and devices, but one without complex VPN technology. "Not all of our students are technically inclined; to say that you have to download this or install that is asking quite a bit from students," he said.

"It's easy for the user and the school," said Paul Anderson, Array's director of marketing, about the implementation. "All the instructor has to do is provide the URL, and after the student enters his credentials, he or she is presented with the workstation in the lab."

Relies on securing the connection

The Array gateway, with its built-in DesktopDirect remote access capability, met all of NU's demands, Mike said. "The DesktopDirect feature specifically does what I need it to do; it works across platforms and [accommodates] everything else I can throw at it."

Rather than an SSL-encrypted VPN tunnel, the Array gateway establishes a connection using the remote desktop protocol (RDP), and then encrypts that link. RDP over SSL "is a subtle difference but a very important one," Peter said, adding that this approach ensures that hackers can't infiltrate the network through a user's laptop or mobile device. Connection time, meanwhile, has been slashed, from 40 to 3 milliseconds.

The replacement project is valued at more than $2 million, almost all of which was donated by NU's technology partners, Peter said. As a top cyber-forensics academic program, NU was an early adopter of the virtual laboratory concept, which gives students access to applications and data without the need for a dedicated physical facility. The lab network is separate from NU's campus infrastructure and consists of a seven-host VMware virtual cluster and a nine-host Microsoft-based high-performance-computing cluster. The virtual cluster sports 256 GB of RAM and almost 40 TB of storage.

A cyber war room component of the digital forensics center hosts information security, cyber investigation and network attack and defend classes, among others, Peter said. Students can access the war room externally if desired, he said, adding that the room can also be completely isolated from its back-end computer clusters when students are working on projects such as dissecting live malware.

Expanding students who can use remote device access

"At the end of every class, I ask students what we should take or add for next semester," Peter said. "And I received a lot of really good suggestions for upgrading the lab content." Due in part to the remote access upgrade, "we will be making some significant changes in some of the things we are doing. From a standpoint of the system, we haven't begun to stress it. The frustration we had [with the old access system] was that the back end was working beautifully, but students couldn't get to it. Now I don't think we have that problem at all."

More than 500 students will access the virtual labs this fall -- ranging from computer science majors to students using computer-aided design in their construction engineering and architectural courses.

"We treated this as almost a development system, but now more classes are asking for access; one of my colleagues is at a conference this week and one of the things being talked about is the necessity to expand the lab's capabilities," Peter said. "I could not support this kind of lab effort at a university the size of Norwich unless we did it virtually. We couldn't support 350 students taking seven or eight courses at a time and have a separate room to accommodate all those servers. We couldn't do it, and the cost in manpower to administer a system like that would have been far higher. The other aspect is that our systems are administered by students, so the students on the systems administration team are getting an opportunity to work in a production environment on what would be a medium-sized virtual system."

Administering a system 700 miles away

Ease of oversight was key to Mike, who administers the gateway and the virtual lab via a mobile device from his office in suburban Detroit, some 700 miles southwest of Northfield. "It allows me to remote [access] to any device. Sometimes it's easier to bring up the Array application and remote right into a server or [other component] having a problem. There is a variety of ways I can manage the system."

NU has the Array platform running on a physical appliance rather than a VM to ensure security, Peter said. "Even before we bothered to register in the domain name system, which for a long time we didn't do for security reasons, we were getting pounded by [international hackers]. I don't want them to be able to get into the system before they reach a point where we can control them, and if they were in a VM, they are too far in."

In addition to boosting the number of students accessing the virtual lab, Peter said NU's other goal is to expand its "forensic cloud" capability, which will let the university collaborate with community colleges and other institutions that want to develop their own digital forensics programs. Mike also wants to expand mobile device support, allowing students to use smartphones and tablets as well as laptops to access the virtual lab.

This was last published in July 2013

Dig Deeper on Network virtualization technology