Posts

5 Best Practices for Fast, Secure Wi-Fi on K-12 Campuses

When I was a high school student, bringing a smartphone into classrooms was not permitted. If you were caught with any electronic device, it would be confiscated. Pronto.

In this new digital era, schools are embracing this transformation everywhere. Classrooms are changing, with Wi-Fi being the primary form of internet access. Students, faculty and guests also use more than one device at a time, including laptops, tablets, wearables and smartphones. As the number of devices grow, it becomes critical to plan your K-12 networks effectively and future-proof it to be able to implement newer and safer technology.

If you’re expanding, upgrading or building a secure wireless network for K-12 campus or districts, review these five helpful best practices.

Plan for density

Secure Wi-Fi networks are often planned based on coverage. If the wireless signal simply covers a classroom it does not signify that it can actually handle the device density in that room. With students and faculty using multiple devices, the number of devices connected to a particular wireless access point increases. Ensure that you are prepared for max traffic density in your classroom — and across the entire campus.

How? As a first approach, ensure you have sufficient coverage and layer this with density. Use a site survey tool like the SonicWall WiFi Planner to make this process easier to visualize. Next, estimate where you find max device density, peak traffic and plan your Wi-Fi deployment around this.

Go cloud

More applications and functions are moving to the cloud (or are likely already there). For K-12 schools untethering Wi-Fi from their wireless controller or firewalls, the cloud offers powerful infrastructure and applications to simplify management and security.

By going this route, K-12 districts and schools have the flexibility to manage wireless security solutions from the cloud, scale limitlessly and also drive down TCO.

How? Transition to a cloud-managed wireless solution. The SonicWall wireless solution can be managed by the WiFi Cloud Manager, which is a scalable, centralized Wi-Fi network management system, simplifying wireless access, control and troubleshooting capabilities across networks of any size or region.

Accessible through SonicWall Capture Security Center (CSC), WiFi Cloud Manager unifies multiple tenants, locations and zones while simultaneously supporting tens of thousands of SonicWave wireless access points.

Single-pane-of-glass management

Managing multiple management dashboards is challenging as there is a high risk of things falling through the cracks. To avoid this and to streamline the process it is essential to have a single-pane-of-glass management system with real-time analytics to capture threats and abnormalities in your network. This type of management saves you time and helps you become proactive rather than reactive.

How? Empower yourself with the right management solution to govern your entire network security ecosystem from a single dashboard. Capture Security Center is a scalable cloud-based security management system that’s a built-in, ready-to-use component of your SonicWall product or service.

Capture Security Center features single sign-on (SSO) and single-pane-of-glass management. It integrates the functionality of the Capture Cloud Platform to deliver robust security management, analytics and real-time threat intelligence for your entire portfolio of network, email, mobile and cloud security resources.

Enable content filtering

Wi-Fi is an easy gateway for malicious attacks. It must be protected with the right encryption and security mechanisms. Create granular policies to ensure that students are protected against malicious and non-reputable websites.

How? Ensure that you enable content filtering on your network. SonicWall provides a Content Filtering Service (CFS) that compares requested sites against a massive database in the cloud containing millions of rated URLs, IP addresses and domains. It provides administrators with the tools to create and apply policies that allow or deny access to sites based on individual or group identity, or by time of day, for over 50 pre-defined categories.

Future-proof with the latest technology

Ensure that you deploy the latest wireless technology in your schools. Future-proofing secure Wi-Fi is the best way to ensure that you get your money’s worth in the long term while providing the best user experience.

How? This does not mean you have to rip and replace your entire existing network. It could be a gradual approach, wherein you upgrade only critical units based on your needs. Build your network on the latest certified wireless standard: 802.11ac wave 2. Future-proof with wireless access points that are 802.11ac Wave 2-capable.

Adhering to these best practices will make your WiFi network efficient and secure — all while saving you time and money.

SonicWall Named 85th Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA)

SonicWall has recently been named the 85th Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA) by the MITRE Corporation, an international not-for-profit security institute.

What does this mean for SonicWall and the cyber security world at large? SonicWall has a new way to contribute to cyber security education and defense. The purpose of the CVE program is to provide a method and consortium for identifying vulnerabilities in a standardized manner.

SonicWall now has the authority to identify unique vulnerabilities within its products by issuing CVE IDs, publicly disclose vulnerabilities that have been newly identified, assign an ID, release vulnerability information without pre-publishing, and notify customers of other product vulnerabilities within the CNA’s program.

“This program takes us one step closer to reaching the transparency security administrators need in order to make swift and educated decisions when it comes to threat protection,” said SonicWall Chief Operating Officer Atul Dhablania in an official announcement. “SonicWall looks forward to working with MITRE in a collaborative effort to expand the arsenal of information needed to properly equip those who are being targeted or looking to strengthen their security posture.”

On a larger scale, the program is effective because an entire network of certified organizations works together, with the backing of numerous researchers and support personnel, to identify and stay ahead of emerging threats.

CVE Numbering Authorities (CNAs) are organizations that operate under the auspices of the CVE program to assign new CVE IDs to emerging vulnerabilities that affect devices and products within their scope.

The program is voluntary but the benefits are substantial, among them the opportunity to disclose a vulnerability with an already assigned CVE ID, the ability to control disclosure of vulnerability info without pre-publishing, and the notification of vulnerabilities for products within a CNAs scope by researchers who request a CVE ID from the CNA.

Becoming a part of the CVE program is a chance to not only connect to a vast network of organizations working to identify cyber threats, but also to contribute to the effort as a whole.

Exertis and SonicWall Pave the Way for KCSiE Guidance and Safer Internet Day

Note: This is a guest blog by Dominic Ryles, Marketing Manager at Exertis Enterprise, SonicWall’s leading distributor in the United Kingdom. Exertis is committed to providing a range of channel focused services designed to enhance your current technical knowledge and expertise in the areas of IT Security, Unified Communications, Integrated Networks and Specialist Software.


The Internet is forever changing education. Opening up a world of opportunities and transforming how students learn. New technologies inspire children and young people to be creative, communicate and learn, but the Internet has a dark side, making them vulnerable with the potential to expose themselves to danger, knowingly or unknowingly.

On the 5th September 2016, the UK Government through the Department of Education (DfE) updated the Keeping Children Safe in Education (KCSiE) guidelines to include a dedicated section for online safety. This means that every school and college will need to consider and review its safeguarding policies and procedures, focusing particularly on how they protect students online. The guidance calls for effective online safeguarding mechanisms with a mandatory requirement for all schools and colleges to have an appropriate filtering and monitoring systems in place, striking a balance between safeguarding and ‘overblocking,’ and being conscious not to create unreasonable restrictions on the use of technology as part of the education process.

When we think of ‘inappropriate material’ on the internet we often think of pornographic images, or even access to illegal sites to download movies and music,  but due to the widespread access to social media and other available platforms, the Internet has become a darker place since it first opened its doors back in 1969. Physical danger from divulging too much personal information, illegal activity such as identity theft and participation in hate or cult websites can lead to cyber bullying, and radicalisation in the modern day school, thus making children and young people vulnerable.

Earlier this year, Exertis, in conjunction with SonicWall, set out on a mission to raise awareness of KCSiE through a series of online and offline activities to the channel. We first put together our comprehensive ‘Appropriate Web Filtering and Monitoring for Schools and Colleges’ guide, which to date has received an overwhelming response from our partner base. The guide provides our reseller partners with all the information they need to understand the statutory changes, and how the SonicWall and Fastvue security solutions can enable educational establishments to become compliant. Towards the latter part of 2016, we registered to support Safer Internet Day (SID) 2017, a day dedicated to raising awareness of online safety for children and young people. Already in its sixth year, Safer Internet Day is run by the UK Safer Internet Centre, a combination of three leading UK organisations: SWGfL, Childnet International and Internet Watch Foundation with one mission – to promote the safe and responsible use of technology for young people. It will be the first year both companies have supported Safer Internet Day and we have been busy raising awareness in our local community. We approached two schools; St Margaret Ward Catholic Academy and The Co-Operative Academy and commissioned them to produce a large canvas painting with the topic ‘What does the internet mean to you?’ Students and teachers from both schools will come together to create two canvas paintings depicting the good and the bad of the internet from their perspective. We have given the schools 4-weeks to complete the art project and will be revisiting both schools on Safer Internet Day, 7th February to meet with the students and teachers behind the project, provide a talk around e-Safety, and with it, hope to raise awareness of children and young becoming safe on the Internet.


About Safer Internet Centre.

The UK Safer Internet Centre are a partnership of three leading organisations: SWGfL, Childnet International and Internet Watch Foundation with one mission – to promote the safe and responsible use of technology for young people. The partnership was appointed by the European Commission as the Safer Internet Centre for the UK in January 2011 and last year reached 2.8 million children. To find out more. Please visit – https://www.saferinternet.org.uk/

About Exertis (UK) Ltd.

Exertis is one of Europe’s largest and fastest growing technology distribution and specialist service providers. We partner with 360 global technology brands and over 28,850 resellers, e-commerce operators and retailers across Europe. Our scale and knowledge, combined with our experience across the technology sector, enables us to continue innovate and deliver market leading services for our partners. To find out more, please visit our website – http://www.exertis.co.uk/

Three Core Network Security Tips From a K-12 IT Expert

Every moment of every day, anyone or any organization, government or institution – including K-12 – can fall victim to the latest threats and cyber-attacks. If you’re accountable for the network security of an entire school district, you know your success rests largely on everyone understanding and staying current with today’s complex and dynamic risk environment and how to avoid it.

K-12 IT expert Larry Padgett bears this out: “The most important thing is to get everybody to agree that technology security is everyone’s game, everybody on campus, and every division, department and schools must be fully engaged. Otherwise, it is going to be very difficult to be successful.”

Larry is the Director of IT Infrastructure, System Support, Security, and Governance for the School District of Palm Beach County (SDPBC). A career technology leader for more than 29 years, Larry oversees an IT infrastructure that is considered larger than the Coca-Cola® Company in terms of the number of ports and how his networks are laid out. SDPBC is one of the largest school district in the United States, with 187 schools and 225,000 thousands user accounts under management, including students, faculty, and general staff.

I had the privilege of meeting Larry at the 2015 SonicWall World Conference in Austin, Texas, where I had the opportunity to ask him specifically about the things that he is doing differently that allowed SDPBC to be successful.

Larry explained how security vendors typically talk about security as a layered approach but it can’t end there. He then described SDPBC’s winning approach to security rests on three core pillars: people, process and technology.

You must identify those who are, and who aren’t, fully engaged in exercising cyber hygiene within your district. You are responsible for every PC, servers and applications on your network. You’ll need to know if you are getting support from the board and leadership level down to everyone in the district.

People

  • How do you know if they are knowledgeable about security?
  • Can they identify the risks?
  • Do they all understand the risks?
  • What trial and test do you have in place to measure how knowledgeable they are about security?

If they’re not all engaged, you’re simply not going to be as successful as you could be. If they’re not as knowledgeable as they need to be, you would want to start discussing security as an everyday topic in your staff meetings, in the classrooms and, more importantly, in your executive and board room discussions. If security isn’t one of the top topics on the board agenda, you have much important work to do to get their buy-in, because nowadays, security is a key risk metric. Your ultimate goal is to get everybody to agree that security is everyone’s game so they become proactively involved in helping your institution be successful.

Process

When there are people involved, you also need to have processes in place that would allow you to make sure that you are doing the right things, that they are doing them well and that what they do is actually effective for the state of business you’re currently operating in.

  • What processes are you using?
  • Have you written them down?
  • How do you know if they are being followed?
  • How are they monitored and measured?

These are questions that enable you to think through all of the risks that you’re going to mitigate, and follow-through with implementing robust security policies and practices that can help put you in a better position for success.

Technology

Begin embracing a layered security approach as part of your defense-in-depth framework, because it provides you an effective and proactive way to help fend off today’s advanced threats. At a minimum, the top five security services that you must have as part of your layered security defense are:

  1. A capable intrusion prevention system with threat detection services that can provide complete anti-evasion and inbound anti-spam, anti-phishing and anti-virus protection
  2. SSL inspection to detect and prevent today’s advance evasive tactics and compromised web sites from sneaking malware into your network though the use of encryption
  3. Around-the-clock threat counter-intelligence for your next-generation firewalls and intrusion prevention systems, so you can receive the latest countermeasures to combat new vulnerabilities as they are discovered
  4. Email filtering and encryption to secure both inbound and outbound communications
  5. Security for endpoints, since most network infections begin with a compromised user device