UT Dallas External Phone Calls
OIT is aware of an issue affecting some external calls to the University to be disconnected and is working with Microsoft for a solution. Calls to our Service Desk are functioning normally. We will provide additional details as they become available.
Network Access Control Project
The Office of Information Technology (OIT) currently manages an enterprise network with over 38,000 potential end point connections with limited physical security. Currently the only method to control connections is through MAC based filtering from our DHCP server however static connections are allowed. Due to the increase in security threats and the availability of access the need for a Network Access Control system is paramount to ensure the students, staff, and research data is protected from nefarious actors. Within UTD there are over 11,000 managed devices which have access via mac based filtering, however as the necessity for network connectivity grows we (UTD and OIT) need to adapt and provide a safe and secure network that is available for higher learning and research.
The growth of the University, in terms of research, students, and buildings are driving the need for more ports and additional bandwidth availability. In collaboration with the Federated IT Group at UTD a panel was created to discuss the need for the NAC as well as which options are available that would best suit our needs. The panel first agreed to set parameters of what the University needs to protect and how to make it available and from there five major areas were identified. Those five were relayed to Gartner and based on their research and our needs, the panel chair reached out to the 4 appliance based NAC solution companies and 1 cloud NAC solution. Each vendor was given the following requirements and asked to provide a proposed solution to include cost and deployment timeline. Multiple meetings were held with each manufacturer to refine their proposals and through deliberation within the panel a final decision would be made.
- Host Blocking & Network assignment – The NAC needs to be able to block unwanted MAC addresses on our network as well as place devices in the appropriate network based on policies
- Appliance Logs – have the ability to run reports and trigger scripts based on log events
- Host Info – Identify host info and connect NAC to ISO tools to gather additional info about Host and end user
- Host Compliance – Connect NAC to ISO tools as well as provide an understandable dashboard to identify compliance based on set policies; quarantine non-compliant machines and allow them the ability to become compliant
- HIPAA Compliance – host compliance queries specifically to check for HIPAA compliance based on policies; trigger API calls to ISO and Client Services
The Forescout Appliance was installed in Feb and began configuration in March of 2023. As of May 2023 networks were being scanned to identify items on our network so that policies could be created. The initial timeline was to go live in August, however that has since been pushed to later December early January based on feedback received from the Federated IT Group. Client Services will be working with the Federated IT group to allow non-compliant devices to become compliant before they are blocked. Post Control implementation, non-compliant device owners will need to work with both members of the Federated IT group and Client Services to re-join the network.
To view our Frequently Asked Questions please click here.
