Network Security

Case study: Easing learning

Connection issues prompted an educational service in Illinois to find a solution to speed distribution of teaching materials. Greg Masters reports.

It's all about connections, but it's not always about who you know. In the case of an education service in Illinois,  it's about what tools are used to facilitate communication.

Libertyville, Ill.-based Ombudsman Educational Services (OES) was having issues with its network connectivity, and this was unacceptable for an education service needing to provide teaching materials to students across 120 school districts.

OES is a division of Educational Services of America (ESA), a leading provider of behavior therapy and alternative and special education programs for children and young adults. OES partners provides alternative education programs to students who have dropped out of school or are at risk of dropping out. The company works with more than 13,500 clients and students each day across its three divisions.

The company's educational materials include videos to remotely connected PCs and, after a time, with its WLAN experiencing connection issues with the PCs as well as introducing an additional layer of complexity to the network, the five-person IT team set itself the task of finding a solution. Harold Ragland, director of network infrastructure, and Blayne Potter, WAN administrator, led the charge.

Being as OES already was a Fortinet customer, the team decided to try its access points product. “We were using Fortigates for security and decided to try the FortiAPs when they were available,” says Ragland. “The testing went great and by using the Fortigates as WLAN controllers our network complexity was reduced as was the capital expenditure of our future expansions by eliminating the other vendor's controller.” An additional benefit, he says, was that operating expenses also were lowered by having fewer devices to cover with support.

Having the ability to provide teaching materials and videos to its students via the WLAN is a basic requirement, Ragland says. His team also wanted to reduce the costs of its new Learning Center deployments. “Not needing a traditional Cat5 [Ethernet cabling standard] infrastructure reduced cost and network build out time,” he says. “We can build a Learning Center network in one day.”

Deployment was very smooth, he adds. “We were up and running in 30 minutes.”

Managing the APs directly from the company's Fortigates has made operating the WLAN much easier than having a separate overlay WLAN, says Ragland.

FortiAPs are deployed in all 130 schools and the enterprise's headquarters. Fortinet touches the entire company across all divisions, which allows Ombudsman to report status per the Child Protection Acts. The entity also has the capability to uncover and mitigate rogue APs, which could possibly allow for their users' personal information to be leaked.

Fortinet has combined security and access into a complete solution, says Neil Sundstrom (right), VP wireless solutions at Fortinet. “A controller for the wireless access points is built into every Fortigate UTM appliance, delivering a single pane of glass for management of both the wired users and the wireless users.”
Owing to this combination, a network manager can provide the same user, device and application security policies to both the wired and wireless users, he adds.

Detailed reporting on the network, users, applications and devices is provided through FortiManager or FortiAnalyzer products, so a network manager needs only one screen to understand issues on the network and provide assistance with troubleshooting or reporting at any time.

Meanwhile, Ombudsman/ESA is expanding rapidly and plans on installing Fortigates and FortiAPs in all its new schools.

At press time, 80 percent of the locations are 100 percent wireless. And, as new threats arise every day, the Fortinet implementation helps the facility keep students and faculty safe, as well as preventing access to unwanted sites and blocking malware and viruses.

What differentiates the Fortinet offering is that the wireless network is an overlay to the enterprise security network in competing offerings, Sundstrom explains. Wireless users are mapped to the wireless network first and then re-mapped onto company-wide security policies in a ‘best efforts' manner. That, he says, can leave gaps in security policy that can be exploited by inside users or outside users.

“Not only are there security risks in a multilayer access approach, there is ultimately a higher total cost of ownership,” says Sundstrom. “Whether the overlay network is controller- or cloud-based, both have higher costs due either to extra hardware costs or monthly and annual recurring managed services costs.” Fortinet, he adds, does not charge a separate annual fee for the ongoing wireless controller interface or a monthly or annual fee for each access point.

The Fortinet wireless solution supports multiple methods for updating equipment, either directly from the Fortigate or from the FortiManager centralized management software, Sundstrom says. Centralized profiles associated with access points, enable updates to be easily pushed out from a central location, such as a data center, based on the needs of each profile. Additionally, access points can be updated individually if the network manager is having trouble with one specific access point. Reporting identifies any issues and drill downsare available to immediately isolate and fix them. 


For reprints of this case study, contact Elton Wong at [email protected] or 646-638-6101. 

For reprints of this case study, contact Elton Wong at [email protected] or 646-638-6101.

For reprints of this case study, contact Elton Wong at [email protected] or 646-638-6101.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.