|
The iPolicy Networks security solution has proven effective protecting educational institutions
and enforcing acceptable network use policies while protecting the integrity of campus networks.
The iPolicy Networks Intrusion Prevention Firewall is helping higher-education block attacks
and foil intrusion attempts into administrative servers holding student records and prevent use
of the open campus network to launch attacks against hosts outside.
iPolicy Case Studies
Nederland Independent School District
For school districts and universities, a common issue plaguing them has
been insider threats. The Internet has become a one-stop shop for free exploits and attack software.
Armed with these free tools, students often indulge in testing them out on campus networks – and
in some cases launching external attacks as well. In early 2004, the Nederland Independent School
District, with around 5000 students spread across 8 campuses, was facing a similar challenge – and
it soon escalated into a critical internal security breach. This case study discusses how Nederland
deployed iPolicy’s Intrusion Prevention Firewall appliance to complement their perimeter
security measures with a strong internal security shield to give protection from both internal
and external threats. Read
more
John Brown University
John Brown University, located in Siloam Springs, Arkansas, was founded
in 1919 as a vocational school and since then has grown into a fully accredited Christian University
serving more than 1900 students with a state-of-the-art networking infrastructure. The Blaster
and Nachi worms in 2003 proved to be a rude awakening for them as administrators had a difficult
time patching individual student machines. While they purchased an access control solution,
they also started a parallel process to evaluate solutions which would provide them protection
from future threats. This case study discusses their decision-making processes as they narrowed
down to select the iPolicy appliance, and how the integrated security architecture of the iPolicy
appliance provides a strong foundation to deal with the future attacks. Read
more
Children Information Protection Act (CIPA)
“The Internet is a powerful influence in the lives of our children. It is a truly global
knowledge bank. Inherent in it however, are the dangers associated with any other uncontrolled
communication medium – exposure to unwanted content in the form of adult/sexually explicit
content and violence and hatred sites.”
One of the major drivers of the explosive growth of the Internet has been its rapid adoption
in schools and universities as a critical tool for success. In fact, children and teenagers together
probably form the largest user group of Internet. It has become an integral part of the curriculum
in most schools as it provides students with additional research tools, new avenues of expression,
connection to other communities and new skills to obtain quality jobs, among other benefits.
On the flip side, schools and institutions embracing this technology are increasingly faced with
the unpleasant challenge of how to provide a safe online experience. According to a recent
poll conducted by Harris Interactive, 71 percent of parents think a major portion of the responsibility
for ensuring children’s safety on the Internet falls to schools ensuring children’s
safety on the Internet falls to schools (Source: Cable in the Classroom). While using the Internet
for their research and study projects children can be inadvertently exposed to inappropriate
content like pornography, hate sites and sites promoting violence that can have a serious impact
on their impressionable minds. Yet another emerging threat in the online environment is abuse
of the fast-growing social networking sites like myspace.com that attract online predators looking
to exploit children.
As these threats emerge, the government has come up with different regulations to help educational
institutions address these dangers. In October 2000, Congress passed the Children’s Internet
Protection Act (CIPA) as part of the Consolidated Appropriations Act. CIPA requires schools and
libraries receiving discounted telecommunications, Internet access or internal connections services
through federal funding mechanisms like the “E-Rate” program to certify and adopt
an Internet safety policy. There are three prime requirements for CIPA compliance.
- Implementation of Internet Content Filtering - Educational institutions are required
to implement a “technology protection measure” to block access to visual depictions
that: (a) are deemed obscene, (b) contain child pornography, or (c) when computers with Internet
access are used by minors, are harmful to minors. This filtering mechanism needs to be enabled
for all computers whether they are used by adults or children.
- Implementation of an Internet Safety Policy - While enforcing the filtering policies
described above, the schools and libraries need to enforce an “Internet Safety Policy” addressing:
(a) restricted access for minors to materials harmful to them (b) the safety and security of
minors when using electronic mail, chat rooms, and other forms of direct electronic communications;
(c) unauthorized access, including so-called “hacking,” and other unlawful activities
by minors online; (d) unauthorized disclosure, use, and dissemination of personal information
regarding minors.
- Internet Content Access Monitoring Policy - This policy requires tracking the child’s
online activities. While CIPA does not require the tracking of Internet usage by minors or adults,
it requires the ability to monitor the kind of sites the children are visiting. This would allow
the school or library to effectively block sites which are hosting inappropriate content and
also give guidance to the
students.
The iPolicy Solution – Building a Complete CIPA-Compliant
Framework
The iPolicy Intrusion Prevention Firewall is the industry’s most advanced
integrated network security appliance which offers a simple and elegant method of developing
and implementing an Internet Safety Policy for CIPA compliance. The iPolicy solution has been
proven in the largest of service provider and private network environments. It has been recognized
as one of the most visionary network security solutions by Gartner, a leading industry analyst
firm.
The iPolicy solution includes the key components necessary for CIPA compliance:
- URL Filtering Module – The iPolicy URL filtering module covers around 1.8 billion web pages and more than 10
million URLs. One of the biggest decisions for the network administrator is how to identify
which categories to block. All the web pages in the database are categorized into 45 well-defined
groups which can be blocked or allowed per the school or library policy . The extensive categorization
helps avoid the common issue of over-blocking of constitutionally protected content.
- Intrusion Detection and Prevention Module – “Script kiddies” interested
in launching attacks can actively search for exploit codes and hacking tools that are freely
available on the Internet. iPolicy’s IDS/IPS module includes extensive protection for
both internal and external networks from all well-known and emerging exploits by using multiple
signature and anomaly-based technologies. Its prevention actions are the most comprehensive
compared to any other solution available today.
- Application-aware Deep Inspection Firewall – The URL Filtering and Intrusion
Prevention modules are complemented with iPolicy’s deep packet inspection firewall, built-in
to ensure the safe use of communication over protocols like email and instant messaging. The
iPolicy Layer 3-7 firewall, designed for deep packet inspection, analyzes the payloads of not
only recognized protocols, but also of protocols which run on ephemeral ports.
Read more about
how iPolicy Networks solution can help you achieve CIPA compliance.
|
