Business school shuns firewalls, keeps voice, data networks separate

WIth events such as the recent SQL Slammer worm, security has remained a major topic of discussion among networking technology experts.

But the IT director of one business school, HEC Montreal, freely admits that his organization relies mainly on the good old-fashioned user name and password

and doesn’t even use firewalls.

“”We have implemented security a bit differently than most private companies would do,”” said Paul Mireault, HEC Montreal’s director of technologies.

Instead of using a firewall, the school uses an access control list in order to prevent outside users from accessing important servers.

HEC (Ecole des hautes etudes commerciales of Montreal), which offers 31 undergraduate and graduate management study programs, has more than 8,000 ports in its buildings for students who need to plug in their notebook PCs. About 4,500 students have laptops.

Students who log in have access to the Internet, Mireault said, adding IT staff use intrusion detection to detect “”abnormal”” behaviour.

“”In a university environment, you have to balance ease of access with security,”” Mireault said. “”We’re not a high-tech company, where industrial espionage is an issue. We’re just a business school.””

DIVIDING THE NETWORK INTO SEGMENTS

HEC is in the process of implementing authenticated virtual local-area networking (VLAN) technology from Alcatel SA. School officials plan to set up a primary address server, which will identify users with permission to access certain machines. The VLAN is designed to divide the network into segments that correspond to each user’s access privileges.

The school also plans to upgrade its Alcatel core switches this summer, from the OmniCore 5052 to the OmniSwitch 7800.

The OmniSwitch 7800 is an 18-slot module chassis with a fabric capacity of 128 Gbps, whereas the OmniCore 5052 has a backplane capacity of 52 Gpbs.

A key feature of the 7800 is “”smart continuous switching,”” which is designed to switch the system over to a hot standby module if a management/fabric module fails. Alcatel states Level 2 and 3 traffic, including voice, will continue without interruption.

HEC plans to install three 7800s this summer — two in the main building and a third in the secondary campus. One of the 7800s will be used as a primary while the other will be on standby in case the primary fails.

The two OmniCore 5052s currently in use at the main campus are designed to be redundant, Mireault said.

“”All the nodes on our system have double roots, so if ever one machine goes down, we can still serve all our users.””

WHEN ALL 60 STUDENTS LOG ON AT THE SAME TIME

One of the reasons for the upgrade is to bring 10 Mbps of dedicated bandwidth to each port.

“”We have some areas where you have a classroom with 60 or 70 students and you want to have fast access to the Internet,”” Mireault said. “”At the moment, if they all press Enter at the same time, their bandwidth gets shared, a

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs