Dynamic Segmentation Helps Universities Improve User Experience and Security

College is back in session, and the move-in day photos have been insta-faved. Beyond the fluffy rugs and fabulous fitness centers, students also expect insanely great Wi-Fi. After all, they come to school with laptops, phones, gaming consoles, smart watches, streaming devices and smart speakers. It sounds like a lot of gear, but according to the latest ResNet study, students are bringing an average of seven devices to campus.

Students and faculty aren’t the only ones expecting an amazing Wi-Fi experience. In fact facilities teams are looking to smart devices to make the campus safer and more operationally efficient. Many universities have made safety and security enhancements to address growing concerns. IoT devices such as security cameras, connected door locks, smart lighting, temperature sensors and irrigation systems can create a better, safer and more efficient environment, while trash cans and rat traps can let facilities know when they need service.

Higher education is open, collaborative environment, making cybersecurity an ongoing challenge. But as the need for connectivity has expanded to every corner of the campus, the challenge is growing.

Aruba’s Dynamic Segmentation solution can help IT managers meet the growing need for secure connectivity and a great user experience. Dynamic Segmentation is a nondisruptive approach, and is an overlay to the existing campus network. Many Aruba customers already have the building blocks of the solution, as dynamic segmentation works across Aruba access points, mobility controllers, switches and SD-Branch gateways.

Three Reasons to Use Dynamic Segmentation
Let’s look at three ways Aruba’s Dynamic Segmentation solution can improve security, deliver a great user experience and give IT managers more control over IoT devices.

1. Enforce network access policies consistently. Universities have long been managing static configurations to make sure that users always have access to their applications and resources, and academic, administrative and residential traffic stays separate and secure. But static lists are no match for today’s dynamic mobile and cloud world.

Dynamic Segmentation eliminates the pain of configuring VLANs to manually segment the network. Instead, Aruba ClearPass Manager provides centralized policy management and allows users to connect easily and without compromising security. Access is granted based on users’ and devices’ roles—and placed in the broader context of factors like time of day and location.

ClearPass simplifies providing secure access for everyone from students, faculty, staff and visitors as well as outside vendors and service providers. There’s no more worry about outdated policies or policies that are enforced differently whether a person or device connects over the Wi-Fi, the wired network or a VPN. Students’ private health information, financial data and grades are properly protected, as is payment information from the bookstore and stadium concessions.

2. Provide an amazing user experience. Whether Facetiming with a friend, engaged in a late-night Call of Duty session, or replaying yesterday’s multivariate calculus lecture, students expect technology to just work.

Dynamic segmentation is a more modern way of enforcing application service level agreements. Universities can meet students’ connectivity expectations in their dorm rooms—without sacrificing the bandwidth needed to keep the university’s academic, administrative and facilities running.

3. Gain better visibility into IoT devices. At a university, it’s virtually impossible for IT managers to know about all of the devices connected to the network—and the explosion of IoT only exacerbates a long-standing blind spot. Traditional IT asset management tools have a hard time identifying IoT devices in any useful detail. Given the many IoT security horror stories in the news, many IT managers are understandably concerned.

Aruba ClearPass Device Insight provides complete visibility into all connected devices—including ones that aren’t in the IT asset database. ClearPass Device Insight uses machine learning, deep packet inspection and other techniques to provide full visibility into device type, vendor, hardware version and behavior including applications and resources accessed. Now IoT devices, whether used by students or facilities, can be identified, granted appropriate access and monitored continuously for suspicious behavior.

Get Started with Dynamic Segmentation
Aruba’s network segmentation strategy helps universities deliver a better experience when connecting mobile and IoT devices and better protect the network with policies that are consistently enforced across campus. It’s time to give up the old, hard ways of manually configuring VLANs for an automated, dynamic approach that will free up the network team for more strategic projects.