A flood of student-owned mobile devices was wreaking havoc on Bodwell High School

Vancouver school averts BYOD chaos with UTM tool
Until the deployment of an endpoint and network protection appliance from Sophos Ltd., IT personnel at Bodwell High School in North Vancouver were having a challenging time meeting the high bandwidth and security demands of the school’s staff and student population.
The two-acre waterfront campus overlooking Vancouver Harbour always strived to provide its students with the latest in technology to assist their learning, according Steve O’Neil, the school’s systems administrator. For instance, apart from a spacious and well-equipped multi-purpose gym and a presentation theatre, Bodwell also has computer rooms and provides wireless Internet access throughout the campus to support the a bring your own device program.

However, with no less than 500 boarding students using an average of three mobile devices each (an MP3 player with Wi-Fi, laptop and mobile phone), the load on Bodwell’s aging network infrastructure was causing network slowdowns and security concerns, said O’Neil.

Unbalanced distribution of traffic was a also frequent problem with the network’s antiquated antennas. For example, one antenna could have 50 students using it while another would only have 10 users.

“Our 36 unmanaged Cisco wireless access points often locked up,” he said. “If even one student downloaded high bandwidth videos, performance could become unacceptable for others nearby.”

The lack of a remote management tool also meant that IT personnel’s time was taken up by manually resetting access points that locked up at least once to three times a day.

Exercising control over applications such as Skype which were being run by students was also proving to be tough as was the ability to secure the wide range of devices used in campus.

“We not only have BYOD, we have BYOD from around the world,” O’Neil said. “We encounter the Russian version of Facebook, Chinese QQ (IM/chat), multiple languages and content that’s legal outside North America but not here.”

Bodwell itself was suffering from the effects of multiple non-integrated systems from different vendors.

O’Neil said Bodwell looked at several unified device management tool manufacturers but found most of them costly. After testing various products, O’Neil said, they decided to purchase Sophos’ UTM (unified threat management) 625 high availability mode appliance with the company’s V9.0 software for integrated gateway and endpoint security.

Since 2004, UTM tools have been widely used as a primary gateway defence for many large and medium sized organizations. UTMs are typically all-in-one security products perform network firewalling, network intrusion prevention and gateway antivirus, anti-spam, load balancing, appliance reporting and load balancing.

Richmond, B.C.-based IT integrator Opus Consulting Group Ltd. helped Bodwell migrate its data from the old network hardware to the new system and deploy new Brocade switches that were integrated to the new Sophos UTM appliances and Bodwell’s active directory.

O’Neil said the new system enables the IT department to monitor bandwidth usages and track device activity more accurately.

“Now, we are able to determine how much bandwidth is being used, track down bottlenecks and allocate bandwidth to areas where it is needed at the moment that it is needed,” he said.

O’Neil can now also update security software and roll out antivirus protection to student and staff laptops from a centrally from a single console.

He also able to control access to social networks based of the school’s schedule and designated areas.

“For example, I created a school network that completely blocks social networks from 8 am to 3:30 pm when students are supposed to be in classrooms,” said O’Neil. “A separate dorm network allows students to access social networks like Facebook from their dorms but still blocks risky or high bandwidth apps such as Farmville and Mafia Wars.”

 

 

 

 

Related Download
IDC Analyst Connection - Unified Threat Management: Benefits of an Integrated Approach to Network Security Sponsor: Fortinet
IDC Analyst Connection – Unified Threat Management: Benefits of an Integrated Approach to Network Security
This IDC Analyst Connection looks at the the benefits of using a UTM platform integrated with network connectivity and how it will save the enterprise money, reduce the number of vendors' products needed to be purchased, improve the communications between devices, offer the opportunity for organizations to deploy more sophisticated capabilities, and vastly improve security.
Register Now
Share on LinkedIn Share with Google+ Comment on this article