Secure remote access enables virtual desktops, mobility

St. Richard’s Catholic College in East Sussex implemented secure remote access to allow mobile access to network resources while rolling out virtual desktop learning tools.

Secure remote access helped turn a badly functioning network into a functional resource for students and staff at St. Richard's Catholic College. The school wanted to offer access to its network from any mobile device and enable new learning tools via virtual desktops. It first needed a network upgrade and a solid security plan.

St. Richard’s Catholic College is a co-educational secondary school based in East Sussex with over 1200 pupils on roll. As pupil numbers and unpredictable traffic demands grew, network traffic management became increasingly complex. Failure rates rose to 20%, leaving the network out of action for up to two days at a time.

In addition, the network lacked flexibility. “People were asking for the ability to work from home outside of working hours," said John Neeson, IT network manager. "A lot of students are disadvantaged because they don’t have the same software that we have in college,” he said. These students could benefit from the ability to access network resources during off hours.

Remote access aids new learning platforms

Remote access had not been possible because the previous network was so unreliable. But in the summer of 2010, the network was refreshed with Juniper Networks’ EX Series Ethernet switches, allowing the school’s IT team to move forward with plans to provide services such as virtual learning resources based on Citrix XenDesktop.

 “It is a whole new way of thinking, of opening up your network to external devices and anyone bringing in their own device and being able to use that," said Neeson. "Ideally, we want to be able to have one-to-one computing, where every child has access to a computer all the time… We thought, 'A lot of people already have laptops and mobile devices, so why don’t we try and use those?'”

He describes the college as still in the initial stages of implementing secure remote access from any device. The issues are around data security, ensuring that devices allowed on to the network only have access to the appropriate resources.

Secure remote access starts with security

 “There are headaches involved in ensuring everything is locked down. The Juniper equipment has enabled us to do this, providing the functionality to run 802.1x network access control. When a device connects to the network, it has to be authenticated with us before it is allowed to do anything,” said Neeson.

Citrix XenDesktop runs on top of the Juniper network to provide virtual desktops. “Citrix has an application that runs on iPads and iPhones, an application that runs on Windows and Macs, an application that runs on Android," said Neeson. He and his team are aiming to successfully support any device a pupil or employee wants to use.

The security levels are different for staff and students. The school wanted to make it as simple as possible for students to access the network: “Everything we do for the students is single sign-on with one username and password. That has its own security implications, because we have to ensure that the student access is as restricted and locked down as possible," Neeson said.

The college is looking at single sign-on with a security token and some form of additional security for staff members because of their ability to access sensitive data.

St Richard’s now has upwards of 300 students a night logging in remotely. Student-introduced malware and other attacks are an issue, said Neeson: “It is interesting working in a school environment, because it is an environment where you are constantly attacked from the inside. You have to bear that in mind when designing any solution. There will be students who have newfound knowledge and want to try and make use of it, and [they] will not always do that in the best way.”

--Tracey Caldwell is a professional freelance business technology writer.

Read more on Network security strategy

Data Center
Data Management