Making the Case for Network Access Control in Higher Education: 3 Points to Consider
Managing the growing number of connected devices on college and university campuses is an essential part of every successful wireless network. Depending on what study you look at, the average student today owns between 3-5 devices, some even saying that number is as high as seven.
Even if you choose to go with conservative numbers the reality is there are a lot of connected devices that need to be addressed on campuses today.
Colleges and universities can't just limit the number of devices students can bring with them to school. Managing network access is a mission-critical task and one that has to be addressed properly.
So, how do you safely and effectively manage all of the devices accessing your campus wifi network?
A great solution is network access control.
Whether you don't fully understand how a NAC solution can benefit your school, if it will integrate with your current wireless platform or if you can afford it or not, here are three points you should consider to help you make an informed decision.
How will NAC benefit your school?
You wouldn't be here if you weren't having wifi problems around visibility and control of the devices accessing your network.
We define network access control as, "defining a set of conditions to address how you want to handle a device."
For example, a college wants to allow both school owned and personally owned (BYOD) laptops and iOS devices, with NAC you can address this scenario.
However, what if the school also wants to block all mobile phones?
On many wireless networks there's no way for you to differentiate between a laptop, a tablet and a phone, it's all seen as the same device, they don't have a way to understand what the differences are.
With the right network access control solution you can profile those devices and you can break them into categories.
Suggested Reading: Do You Need Network Access Control? 10 Questions To Ask Yourself
So going back to the school, you can now create a condition specific to mobile phones that says if you're connecting with a mobile phone put it in the deny role or throw it into the VLAN that has no access to any resources like a quarantine VLAN.
Even though the user with the mobile phone is authenticated they can't go anywhere on that device because of that specific condition.
Taking this a step further, let's say that everyone isn't allowed to put their mobile phones on the network but you have some school owned phones for specific people say the Facilities Manager, Dean etc. and you want to grant them access so no matter where they are on campus they're reachable.
So how do you differentiate between those few people who are deemed critical and can have those phones on the network versus everybody else?
Using network access control you can write conditions to specify those devices with specific users and allow them on the network while denying everyone else.
NAC allows you to be as granular as you need to be in terms of who and what is allowed to get on your network.
There are so many devices that want and need to get onto your campus wifi network but each user or device should only have access to everything they need, nothing more and nothing less, NAC gives you this ability.
Will NAC integrate with my current system?
Every environment is different and no two systems are 100% alike, so when it comes to managing access to your network your NAC solution should have the ability to integrate into any existing WLAN infrastructure.
Is network access control too expensive and only applicable for large, complex networks?
NAC right out of the box at the base level is more affordable than you would expect and it can be applied to schools of all different sizes.
There are different services that you can add on that will increase the price as well as different licenses that will add to the price tag depending on how many devices you need to support, but the more you spend the better the savings.
NAC is a viable solution for every college and university, not just the biggest networks with the most users/devices. You could be a school of 150-200 students supporting a few hundred devices all they up to a school supporting thousands of students with thousands of devices and connected IoT objects.
Affordability is subjective but the real takeaway is that NAC is more within reach than you might think.
At SecurEdge Networks, we know we can't be all things to all people, but what we do know is how to design and implement, reliable, affordable, safe and easy to support wireless platforms. If you have any questions about NAC or would like to discuss and upcoming project, please contact us here.
Danny is the Marketing Manager at SecurEdge Networks. This basically means it’s his mission in life to make sure you have the secure mobility tools and resources that you actually want and can use. P.S. He also loves a good craft beer.