FDU Network Authentication and Validation
Frequently Asked Questions

Q: What do you mean by “authentication” and “validation”?
A: Authentication is the process of verifying your access to the network by confirming your username and password and associating it with your computer.

Validation refers to the process of confirming that adequate security measures are in place on your computer.

Q: How does the FDU Network Authentication and Validation system work?
A: The computer security system performs the following functions:

• It will first authenticate the individual to the network by asking for the person’s Webmail username and password.
• The system will then confirm that the computer’s operating system and antivirus software meet the minimum requirements needed to access the FDU network.
• In the event that the machine does not meet these requirements, it will be placed in quarantine until minimum security standards are in place.
• The machine will then be redirected to the appropriate site to remediate the issue.
• Once action is taken and the system is confirmed to be “clean,” the security system will allow access to the network.

Q: Why is this system being introduced now?
A: Over the past few years, a multitude of new work viruses have wrought havoc upon the Internet community. In fact, in the first half of 2004 alone, well over 30 worm viruses with a threat level of medium of higher were let loose upon the Internet. To their credit, the Networking team of FDU’s IT department would address these issues immediately by blocking individual viruses and performing immediate containment of any threats that momentarily breached our network. Although the effects of these viruses were minimized to the best of our ability, it was determined that additional security would be required to provide the safest possible internet experience within the University.

Q: How Does Validation Work?
A: Upon connecting to your favorite Internet browser for the first time, you will be redirected to a Web page allowing you to download and install our “Cisco Clean Access” validation agent.

Once launched, the agent will determine if your computer meets the minimum standards required to access the FDU network. If the computer fails to meet the requirements, it is only allowed Internet access only to the remediation sites. Once corrected, full network access is provided and a timer is set for 24 hours.

This connection to the FDU network remains intact until the timer expires. The connection is then reset and the user must validate by launching the agent again.

Q: What Validation Checks are being performed?
A: The following are some examples of validation checks that can be performed:

• Run Nessus scans for known vulnerabilities.
• Check for current release of anti-virus software and current virus definitions.
• Check for current Windows OS Patches for Windows machines.

Q: How Long Do the Validation Checks Take?
A: The checks can take as little as 15 seconds and will not take longer than few minutes.

Q: How Does Validation Work for Macintosh and Linux Users?
A: Macintosh and Linux users must authenticate by logging in via a web page. The only validation check for Macintosh or Linux systems is the Nessus vulnerability scan. There is no agent which is downloaded to these systems.

Q: What Remediation is Available?
A: Microsoft Windows Patch Failure. If your system fails the check for current critical Operating System patches, you will be instructed to click on the URL for the Microsoft Windows update site and follow the instructions. Additionally, you will have the option to download a program that can assist in configuration of Microsoft Windows Automatic Updates.

A: Anti-Virus Failure. If your system fails the check for current anti-virus software, you will be provided with the ability to download either for the antivirus software itself or the current engine and virus definition files.