Network Security

Case study: Huntsville Independent School District and Network Box USA

Keeping up with technology needs is a formidable task for any enterprise anywhere on the planet. But, for educational facilities, the challenge is often exacerbated by the desire to keep the network as open as possible – while still protecting applications from attack.

For one school system in Texas, getting up to speed meant replacing legacy systems to meet ever-evolving demands from the students, faculty and staff who were not only requiring connectivity from on-premises desktops, but – as might be expected these days – a whole range of laptops and personal mobile devices as well.

The Huntsville Independent School District (HISD) includes eight facilities, all located in Huntsville, Texas, just north of Houston. It encompasses six school campuses and two buildings housing administration and support personnel in maintenance and special education. It serves more than 8,000 people, including students and staff, and its network is comprised of approximately 4,000 desktop and mobile devices, with an additional 2,200 devices part of the district's bring-your-own-device (BYOD) initiative.

HISD is committed to providing quality educational opportunities for its students and has set high expectations for student achievement from the district, the parents and the community, says Tracie Simental, director of technology at HISD. "And, technology plays a major role in making these expectations become realities."

Ten years ago, the district was using a firewall and content filtering from two separate well-known vendors. These systems were managed by a single staff person. But, with today's more dispersed endpoints and teachers and students increasingly demanding to explore more content that was traditionally blocked, it became an almost overwhelming job for staff to manage the firewall, keep it updated and provide other needed support, says Simental.

At the same time, there were other devices required for email scanning and anti-virus, leaving Simental with no option but to purchase multiple devices. On top of that, the school's content filtering provider decided to triple its license fee.

Simental (left) and her IT staff of six began to explore other alternatives.

After an evaluation process,  she and her network administrator chose a solution from Netwok Box USA. "The company's managed UTM+ did all of these things in one single device – content filtering, caching, email and anti-virus scanning, as well as intrusion prevention, plus they supported work tickets on the products," she says. "Our IT staff filed tickets and Network Box did the work."

Another motivation in implementing a content filter was meeting compliance with the Child Internet Protection Act, as federal funding is tied directly to it. "For our district, that's several hundreds of thousands of dollars at risk if we don't comply," says Simental. "Not to mention the security of our network."

She hasn't looked back. "We evaluated other content filtering solutions, which don't provide the all-in-one services, and even with the advances in technology, with other vendors we'd still have to purchase and deploy separate appliances," she says. "Using two Network Box E-4000X models in two locations continues to be the only viable solution on a cost/benefit basis."

How does it work?

Network Box is a service and a UTM at the same time, says Pierluigi Stella (below), CTO at Network Box USA, based in Houston. "As a UTM, it scans all inbound and outbound traffic for immediate protection," he says. "As a service, the company's Security Response Center monitors the devices and anonymously collects attack patterns and data to create new signatures to protect its customers. The devices are fully managed and monitored, constantly updated and always kept in superior protection configuration."

The solution associates a strong service with an equally robust UTM solution to guarantee the best protection, says Stella. "Our PUSH updates and continuous monitoring guarantee that the device is always properly configured, updated with the latest available signatures, and in prime position to ensure the best protection possible for our customers," says Stella.

Network Box USA continues to improve its services, the real-time scanning of http traffic, zero-day signature base and constant virus updating, says Simental.

HISD has also implemented opening and scanning of email for improved performance, she says. Instead of just looking at attachments, Network Box improved its functionality to look at emails.

As well, her team recently evaluated content filtering solutions for the district's BYOD initiative for another layer of reporting. They found the Network Box next-generation solution addresses this to pull reports and better see what's happening with its data plus IPv6 transparency. "Again, it's an easy choice to continue to grow the services with Network Box," says Simental.

Deployment of the Network Box went smoothly, she says. "We have done several deployments as we've upgraded over the years, and it has always gone smoothly." It now manages the  entire WAN across the district.

And, it is exceeding her expectations as they've not encountered any large problems or intrusions. "At one point, our AV expired on the Exchange Server, so all email was being scanned only by Network Box – an eye-opener on just how much security Network Box provides," she says.

HISD is continually upgrading its network and next year plans to expand for redundancy. "Network Box does such a great job of supporting the network that we want to install a back-up to avoid a single point of failure," Simental says.

Network Box has a proprietary patented method called HQPUSH updates, Stella explains. The Security Operations Centers managing the devices make a secure connection to each individual box and then PUSHes out the updates, whether AV, anti-spam or IPS signatures or any other form of update. Signature updates are automated and happen at a rate of about 300 times a day, or, on average, once every six minutes, says Stella.

"At the moment, we are PUSHing out an average of 160,000 new signatures every week, to the tune of almost two million every three months," Stella says. "PUSH updates are able to reach all our managed devices globally in 45 seconds and update them. Additionally, a system running on the device monitors the health of the signatures to ensure updates are successful." And, he adds, should a signature install fail, the SOC is immediately alerted so that in-house personnel may secure shell (SSH) to the device and fix any issues in real time.  

Collectively, these measures work to guarantee that Network Box devices are always running the latest protection and are consistently kept up to date, Stella says. "Protection is not only about having the protection and the signatures, but especially about having them before the malware hits a network." PUSHing out the signatures quickly ensures that they are installed and working in real time, all the time, he adds.

The advanced technology has alleviated a lot of the personnel hours needed prior. "We have not had to make any changes to our security policies," says Simental. Network Box USA has everything, is ahead of the game, and putting out services before the impact of the threats even reaches our system. We feel very protected."


For reprints of this case study, contact Elton Wong at [email protected] or 646-638-6101.
 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.