Gary Porritt is the core systems administrator at Middlesbrough College, a further and higher education institution where up to 10,000 students are enrolled at any one time. Its high turnover demands that robust, effective security controls are constantly maintained.
The college recently installed LANDesk Management Suite, primarily as a means to improve hardware and software deployment, and with one eye on a large-scale migration from Windows XP to Windows 7 in the future. But Porritt also wanted to make sure the college’s 1,600 desktop PCs and several hundred laptops always had the very latest security patches installed.
Further reading
“In the past we did not have a patch management system – we went round and manually patched each machine every year using a simple patching tool,” he says. “LANDesk now lets us create pilot groups, synchronise the patches we need to deploy, and try them out for a week or two before deploying them to the whole college.”
Apart from using LANDesk to make sure that operating system and application security is hardened and up to date, the college also uses a variety of other security hardware and software to protect its network and users from malware and unauthorised access.
“We use Sophos anti-virus and Juniper’s hardware-based firewall [at the end point and network perimeter], as well as Active Directory controls for user access management,” says Porritt.
The college also uses the Ranger for Networks application to lock down its PCs so that users cannot reconfigure them or change system or application settings to circumvent other controls.
“It stops users doing anything that could cause trouble, such as running command prompts, getting into menu items, using different drivers, or running executable files on pen drives,” says Porritt. “We have a problem with students trying to get around the systems all the time so if, for example, they open up the Internet Options menu [on the browser], it results in a closure page that stops them right away.”
The college also uses a Bluecoat Systems proxy to filter its web traffic, and has configured a rule on its firewall that means anything that has not gone through the proxy is not allowed into the outside world. A dedicated network access control appliance from Juniper also logs separate users onto dynamic virtual LANs, which dictate groups of resources they can access.
Read about the tools and strategies IT leaders in challenging security environments use to control what goes into and out of their core systems here
Have your say on this article
Newsletters
Latest stories from Security Technology
Latest videos
You may also like
Security Technology jobs
Technology Patent Wars
Staff are increasingly using their personal devices for work. Productivity may increase as a result, but the trend brings with it security risks
Case studies from large organisations across all sectors
... And rich media, and flexible working, and peaks in traffic ...
Upcoming Events
Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.
Date: 31 May 2012
Time: 11:00 AM
Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.
Date: 13 Jun 2012
Time: 11:00 am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
