Brighton Grammar School keeps its network safe
Brighton Grammar School is an Anglican boys school based in Melbourne. Its focus is to tailor teaching methods and programs to meet the unique learning styles and interests of boys and to create a curriculum that engages, excites and challenges each student.
To support the educational and administrative aspects of the school, Brighton Grammar maintains an extensive information technology infrastructure including a 10 GB backbone, a storage area network, a VMware virtualised environment plus 600 computers, 30 notebooks and more than 50 thin client computers. In addition, the school’s recently established research arm, the Crowther Centre located in the Melbourne CBD, connects to the main school campus via a virtual private network. The system is used by approximately 1500 on-site staff and students plus a number of parents who remotely log in to the school portal via secure links.
David Young, Brighton Grammar’s Information Technology (IT) Manager, notes that modern teaching and classroom practices, and business operations place a huge reliance on connectivity. “That’s why we run an enterprise-class network and we need enterprise-class devices to make sure it all works. Users expect the system to be up 100% of the time and it’s our job to make sure that everything works.”
This makes network integrity and security essential considerations for Young. “We have an enormous diversity of user requirements with students from three years of age through to adults of 70 or 80 using school resources,” Young explains. “All have their own specific requirements that we need to address, whether it’s from a duty-of-care point of view or a research perspective. For example, we have to be aware of not letting users access sites that contain inappropriate information. Therefore, we need to be able to identify traffic and build appropriate rules for that traffic.”
Young deployed a WatchGuard solution as a firewall and web service or mail service proxy for internal resources. “We chose WatchGuard because of its ease of management. It was - and remains - straightforward, simple to operate and configure,” Young says. “The information that we get from WatchGuard and from our logs means that we know where things are supposedly going and what’s happening with the network. We keep intrusion detection turned on and periodically we test it from outside the organisation to make sure there are no security holes.”
The landscapes changes. That was eight years ago and Brighton Grammar is now onto its third generation of firewall solutions. Instead of one appliance, the school has two enterprise-level WatchGuard XTM 8 series appliances at the main campus, with one acting as a fail-over for the other. At the school’s remote sites, another WatchGuard Firebox X Core series device is deployed for VPN connectivity within the network to give even greater flexibility and security.
The school also subscribes to WatchGuard’s LiveSecurity Service, enabling Young to receive regular software updates, early warning of newly identified threats, practical advice and guidance, and professional support.
Young points out that any firewall needs to be regularly reviewed. “This technology is not something that you just put in and forget about. It needs to be managed, maintained and upgraded. As everything else behind the scenes gets bigger and bigger, so must the firewall.”
Another ongoing challenge is the need to adapt security to meet changes in the technology infrastructure. It’s not just a matter of desktop computers any more. Network users demand access via wireless notebooks, smartphones, iPads and any number of portable devices. “It’s a challenging environment to try to secure,” Young acknowledges. “We’re always trying to keep a step ahead of our users,” said Young.
The D-Link PowerLine AV2 2000 gigabit pass-through powerline starter kit includes two...
The Trend Micro Incorporated XGen endpoint security identifies benign data and known threats. It...
The Kingston IronKey D300 managed encrypted USB flash drive deploys an advanced level of encryption.