Software to monitor network
April 13, 2010
UNIT is currently in the process of implementing monitoring software that students will be required to download on their computers in order to connect to the Villanova wireless and wired network, beginning this semester with South Campus and moving campus-wide in the fall.
The software, known as Safe•Connect and published by Impulse Point, LLC, was implemented on South Campus on Tuesday to ensure that computers meet minimum security requirements, which consist of updated anti-virus and anti-spyware software, according to Director of Technology Support Services Matthew Morrissey.
The idea for this Network Access Control, or monitoring software, originated from several virus outbreaks on the Villanova network in the past few years that heavily impacted UNIT.
“Last year, an infected non-VU computer shut down the network in Bartley and the Pavilion for four days,” Morrissey said. “This product will help us target those instances and isolate infected computers from the network to avoid those problems.”
The Safe•Connect software was piloted in Stanford Hall on March 27 and 28. Students in Stanford were prompted to download unspecified security software. If students chose not to download the software, they could only visit internal Villanova Web sites, such as Novasis and WebCT, and they were blocked from all other Web sites, including Google.
According to Morrissey, the UNIT staff communicated their plans for the software implementation in Stanford to the resident assistants before March 27. The RAs were asked to inform their residents about the software and to let them know that members of the UNIT staff would be available for assistance in the building, Morrissey said. But the communication must have fallen through somehow, because according to several RAs in Stanford, they didn’t know anything about what the software was or what was going on, so neither did their residents.
The South Campus-wide installation of the Safe•Connect software was scheduled for April 13 at 10:30 a.m., according to an e-mail that was sent out to all South Campus residents from the Office of Residence Life on April 9. The e-mail explained that the purpose of the software was to “allow UNIT to identify and remedy compromised computers thus ensuring a safer computing environment for the entire Villanova University campus network.”
Sometime between now and August 23, the first day of classes, the software’s purpose will include another feature: monitoring for illegal activity on peer-to-peer networks as well as malware threats on the Villanova network.
“The software works by listening in on an open port on your computer, where data is sent and received over the [school’s] network,” said Vincent Veltri, a junior majoring in computer science. “Once you uninstall the software and start browsing the Web, you get redirected to the download page within 10 minutes, so it’s safe to assume that the software is checking your computer every 10 minutes.”
When students have the Safe•Connect software installed on their computers but are using an off-campus or outside network, such as Linksys or Comcast Hi-Speed Internet, their online activity will not be monitored, according to Director of Network and Communications Robert Mays.
“The software sits dormant on your computer until you come back to Villanova and access the network,” Mays said.
UNIT also plans to eliminate Villanova’s unsecure network, VU Guest, in order to require every user to download the software to access the network.
According to Mays, Villanova is not among the first schools to implement Network Access Control software. While some schools have harsh policies in blocking peer-to-peer traffic with NAC software right away, UNIT is taking an easy and undisruptive approach in transitioning to monitoring software, Mays said.
“We will focus on notification and education [about illegal downloading]; enforcement will come later,” Morrissey said.
According to Mays, the UNIT staff wants to first use the Safe•Connect software to monitor, then to send out notifications of copyright infringement to those violating the school’s policy, then to target the largest problems on the network and adjust accordingly and finally to mediate the problem or to block the user from any Web sites that are not internal Villanova sites.
The software will notify UNIT if a student is downloading content on a P2P program, but it will not be able to exactly identify what is being downloaded, according to Morrissey. This could be problematic for students because legal content, such as books and software that are available in the public domain, exists alongside illegal content in P2P file-sharing programs.
“It will be impossible for UNIT to tell if the download is legal or illegal from this monitoring software,” Veltri said.
While the UNIT staff is still unsure about what other features they will use within this software and how they will use them, by the end of next year, UNIT is hoping to implement the Safe•Connect software on all computers that attempt to access the Villanova wireless and wired network, including those of faculty and staff, according to Mays.
“There needs to be transparency with this kind of technology,” said Rick Eckstein, a sociology professor and the associate director of the Center for Peace and Justice Education. “A person whose Internet usage is being examined needs to know the moment that they are being examined. Just because the technology is available doesn’t mean it’s desirable.”
The incident in the Lower Merion School District involving webcam monitoring, which is currently being debated in the law as a violation of privacy, is one such example of technology that is available but can become undesirable once its power is placed in the wrong hands.
“The precedent of technology like the Safe•Connect software being abused by people with the power to control them has unfortunately been set,” Veltri said. “I’m not saying that UNIT will in any way reproduce what happened in Lower Merion. I just hope that they’ll do their best to notify the students about how they are using this software and not hide anything.”