Complete Network Visibility and Automated Access Provisioning
The environment at Kerry County Council in the south west of Ireland consists of over 800 users across 70 sites. In June 2009, the Council experienced a virus outbreak due to a compromised laptop connecting to the network. After reviewing a number of potential solutions, the Council realised that due to their geographically dispersed wired and wireless network, that only a network access control (NAC) solution would provide complete network visibility and prevent future outbreaks. “The big challenge was the amount of sites and the geographical separation. We looked at port based security, but it was just too difficult to implement. We even looked at having a centralised DHCP server for everything and tying it down by MAC address, but again it was too complex and would have created more problems for us to manage. The only solution for us was NAC” said Padraig Daughton, network analyst at Kerry County Council. Since the network was mainly based upon Cisco, the Council first considered a Cisco NAC solution however due to costs and its reliance on switch models and functionality, the solution was not suitable for their environment.
The Council then reviewed the market and evaluated five solutions before selecting Khipu Networks, for the implementation of Bradford Networks Network Sentry platform. The Network Sentry platform architecture enables the Council to automatically provision network resources securely based on pre-established policies. Khipu offering was extremely flexible, allowing us to deploy a central solution across all of our 70+ sites without the need to upgrade or replace any of our network infrastructure. It was an ideal fit within our network, making the implementation smooth without any disruption to network services. Other solutions that were considered required multiple systems to be deployed into many areas of our network, whereas the out-of-band architecture of the Bradford Networks solution, required a single platform installed centrally that would then manage and secure access for all of our users across wired, wireless and VPN, said Daughton.
Khipu NAC solution, based upon Bradford Network Network Sentry technology, provides Kerry County Council with the following;
- Complete Network Visibility of Devices (IP and MAC Address), User logged on, Health, Type and Location.
- An automated compliance check that is seamless to the user
- A self-healing process that does not require IT support intervention
- Prevents unauthorised or non-compliant devices accessing the Council network.
Now that the solution has been deployed into Council’s environment network, users across multiple locations can now seamlessly authenticate to the network with their device(s) being checked for compliance before being granted network access. Using Bradford Networks Persistent Agent technology, the check is transparent to the user unless the device fails to meet compliance. In the event that it does, easy self-help instructions are provided, enabling the user to update their device to meet the Council’s policy and be granted network access. With the solution being live on the wired and wireless networks since January 2010, it is now being rolled out to the Council’s VPN users to provide complete network visibility and secure access to all users within the Council.
For further information, please contact Khipu:
- +44(0)845 2720900
About Kerry County Council (www.kerrycoco.ie)
Kerry County Council provide the planning framework and essential infrastructure and services that shape the social, economic, and cultural development of Kerry county. Kerry known as “The Kingdom” is the fifth largest County in Ireland with a geographical spread of 4701sq km with a population of 132,527. Kerry County Council employs 1,307 employees and has seven Area Offices, nine Branch Libraries, and ten Fire Stations strategically situated throughout the County.
About Khipu Networks (www.khipu-networks.com)
Khipu Networks core business is to provide secure and dynamic network solutions into public sector and corporate organisations, providing the following;
- ACCESS – Wireless and Remote Mobility, LAN Infrastructures and Core Network Services Solutions
- VISIBILITY – Device Visibility, User, Content and Threat Identification and Network Behaviour Analysis
- CONTROL – Network Access Control, Next Generation Firewalls and Intrusion Prevention Solution