Network Admission Control

NAC Frequently Asked Questions (FAQ)
Q.  What is Network Access Control?
Q.  What is Safe-Connect?
Q. Who and what is affected by Safe-Connect?
Q. What will Safe-Connect do?
Q.  What policies will Safe-Connect check for?
Q.  What is a Peer to Peer (P2P) file sharing program?
Q.  What mobile devices are allowed?
Q.  Can I connect my gaming device to the network?
Q.  Why is my gaming device slow over the wireless network?
Q. When will Safe-Connect go into effect?

Q. What is Network Access Control?
A: Network Access Control is a type of technical system that performs network validation. The software performs the following functions:

  • Requires authentication to the network
  • Validates whether a system connecting to the network meets minimum security requirements.
  • Quarantines a system until it meets minimum security requirements.
  • Allows access to the network once a system is validated as “clean”.

Q: What Is Safe-Connect?
Safe-Connect Network Access Control (NAC) is a system being deployed at Savannah State University in an effort to bring real-time visibility of who is on our network at all times.  It also blocks unauthorized users from accessing our campus network and resources.

Safe-Connect NAC is a core component to securing our network and will ensure that our institutional computing resources are protected from unauthorized access. When connecting to the SSU network, you will benefit in knowing your computer is properly configured by meeting best-practice standards. You will also have reasonable assurance that others connected to our network are also protected and will not pose a threat to your computer or network access.

Safe-Connect also fulfill requirements handed down by the Board of Regents’ Office of Internal Audit for Savannah State University.

Q:  Who and What Is Affected By Safe-Connect?
All student wired and wireless networks and all faculty/staff wired and wireless networks will be required to install and run Safe-Connect policy key from their Macs or PC's in order to maintain full internet access (i.e., access beyond basic campus resources).  At this time, Apple iOS (e.g., iPhone, iPad, iTouch, iPod), Android phones and tablets, Linux and Windows mobile devices, and gaming devices are not required to install and run the Safe-Connect policy agent.

Q: What will Safe-Connect Do?
If you are running a Windows or MacIntosh laptop, Safe-Connect will install a small agent file called a ‘policy key’ onto your computer.  This will occur only one-time. Once installed, Safe-Connect's client will answer basic yes/no questions regarding security software installation, status and updates as well as operating system settings and relay that information so that Safe-Connect can provide the appropriate response to your computer's status. As of now, no antivirus or operating system updates will be checked for until Fall Semester 2014.  After the policy agent is installed, the user will then have access to the network. 

This agent does not monitor your machine/activity beyond retrieving basic yes/no information for these system "health checks".  Additionally, Safe-Connect is entirely passive when you are off the campus network and will not continue performing checks on your computer or communicate information about your machine. 

 

Q: What policies will Safe-Connect check for?
Basically, depending on your device, Safe-Connect will check for the following:

  1. You must successfully login using your TIGERWORLD User ID and Password;
  2. Download and install a policy key to all Windows and/or MacIntosh notebooks;
  3. To check if you are running a Peer to Peer (P2P) program.  If you are, you will be issued A WARNING ONLY.  You will still be allowed access to the network.

This coming Fall Semester 2014, Safe-Connect will check for the following:

  1. You must successfully login using your TIGERWORLD User ID and Password;
  2. Download and install a policy key to all Windows and/or MacIntosh notebooks;
  3. Depending on your system, check to see if you are running an anti-virus program;
  4. Depending on your operating system, check to see if you have applied Microsoft critical updates;
  5. Block network access if you are running a P2P program.  Once the P2P program is removed, you are allowed network access.

Users must login once every 24 hours.  If a user is running a Peer to Peer (P2P) file sharing program, they will be issued a warning every 12-hours that they have a P2P program running on their computer.  This will repeat until the program is removed from the computer.
Q: What is a Peer to Peer (P2P) file sharing program?
P2P file sharing programs have been predominately used to copy commercial music and video files, without the copyright holder’s permission.  This activity violates the Copyright Law.

Any of the following activities, if done without permission of the copyright owner, are illegal:

  • Copying and sharing images, music, movies, television shows or other copyrighted material through the use of P2P technology.
  • Purchasing a CD or DVD and then making copies for others.
  • Posting or plagiarizing copyrighted material on your personal Web space.
  • Downloading anything of which you don't already own a copy (software, MP3s, movies, television shows, etc.).

Copyright law applies to a wide variety of works, and covers much more than is listed above. If you're in doubt about a particular work, assume that it is copyrighted!  Since Savannah State University prohibits running a P2P program on your system, Safe-Connect will issue you a warning every 12-hours if it detects that you are running one. Once Fall Semester begins, you will be blocked from network access if Safe-Connect detect a P2P program running on your system.

 

Q: What mobile devices are allowed on the SSU network?

During this phase, the following mobile devices will be allowed onto the campus network:

  • Apple iPads, iPhones, and MacIntosh Notebooks
  • Microsoft Tablets, smartphones, and notebooks
  • Android Tablets & smartphones
  • Chrome books
  • Palm smartphones
  • Blackberry smartphones
  • Nokia mobile devices
  • Linux mobile devices
  • Microsoft, Nintendo, & Sony Gaming devices

    Q: How can I connect my gaming device to the network?
    Each student is allowed to attach up to five gaming consoles to the campus network.  When the student is on campus with their gaming device, they must attach it to the campus network first, and then register it at the following website:
    https://auth.impulse.com:8443/enroll
    Registration for each device is good for 120-days.  At the end of the 120th -day, registration will be revoked.  The student must re-register the device should they decide to use it again.
    Q: Why is my gaming device slow over the wireless network?
    Bandwidth over a wireless connection is much slower than over a wired connection.  We highly recommend and encourage you to attach your gaming console to a wired connection if available.  The following dorms have wired connections in each room:

    1. University Commons
    2. University Village
    3. Freshman Living Learning Center

    If your device requires a network patch cable and you do not have one, please stop by the Helpdesk office to acquire one.
    Q: When will Safe-Connect go into effect?
    We plan to go-live with phase 1 of Safe-Connect NAC on this Friday, March 28th, 2014 around 9:00am.
    Should you have a mobile device that was not in the list above, more than likely it will be allowed access to the network if it provides a browser for you to sign-on using your TIGERWORLD user ID and password.  If you have forgotten your TIGERWORLD user ID and password, please go to https://simba.savannahstate.edu/students/login.aspx  to reset it.
    After the implementation of this first phase we will monitor the use and quality of service of the campus networks.  If there are additional adjustments that need to be made, they will not be implemented before the fall semester 2014.