Network Access Control
NAC Information
TCNJ employs a Network Access Control or NAC device to help prevent a computer from becoming a victim of virus, spyware, spam, or trojans, and also from spreading such malware. The NAC also replaces the IT registration database and the Resnet registration application with an electronic equivalent that associates a TCNJ community member with a computer.
The NAC works by electronically enforcing the Computing Access Agreement and Resnet Access standards. These security requirements are available at the following websites:
http://www.tcnj.edu/~it/procedures/computeraccess.html
http://www.tcnj.edu/~resnet/documentation.php
A summary of the College’s security requirements is:
- use appropriate and up-to-date anti-virus software
- keep your computer up-to-date with operating system patches
- do not use peer to peer file sharing applications
- do not disrupt the work of others
Anti-virus software is available from TCNJ free of charge here: http://www.tcnj.edu/~resnet/software.php
Allowed antiv-virus software vendors include Avast!, AVG, Authentium, AVGuard, BitDefender, EZ AntiVirus, Kaspersky, McAfee, Microsoft OneCare, NOD32, Panda, Sophos, Spysweeper AV, Symantec, TrendMicro, and ZoneAlarm.
The information collected by the NAC includes your username, IP address, MAC address, and security profile of your machine gathered from the state of your anti-virus software, operating system update settings, and any peer to peer file sharing applications. This information resides on a TCNJ server and is not transmitted off campus.
Fall semester 2012
Labs and Faculty/Staff (Wired Computers) - The SafeConnect Policy Key client should be preinstalled on your TCNJ-owned computer. Provided that the SafeConnect Policy Key client is installed:
- When you login to the network your credentials are automatically passed along to the NAC so you will not see a second login prompt for the NAC
- Your TCNJ-owned computer receives anti-malware and operating system updates automatically so it will never be blocked from accessing network or Internet based resources
If you bring your personally-owned computer to campus you will be prompted to install the SafeConnect Policy Key client and comply with the College's security requirements (listed above).
Wireless (Campus Wide) - Your computer will be blocked from accessing the Internet if it does not comply with the security standards of the College. Access to on campus resources will not be restricted. Once you fix the non-compliant security condition access to the Internet will resume immediately. For help please contact the Res.net helpdesk at x3138 or the TCNJ helpdesk at x2660.
Resnet (Wired Computers) –
August 2, 2012 - Resnet will start the term in "warning mode". The NAC will prompt you to login and install a policy key client. The policy key only needs to be installed once. You will begin to receive periodic warnings if your computer does not meet the security standards of the College. Your computer will not be blocked for non-compliance.
Instructions
Download NAC policy key
You will be prompted to install the policy key the first time you connect your computer on campus. To make your initial setup go faster, you may download and install the policy key before you arrive. Pre-installing the policy key file will not impact your computer usage while off campus.
Please download and install as you would any other application.
- Windows NAC Policy Key
- Mac OSX NAC Policy Key
- (No policy key required for Linux at present)
Gaming consoles, PDAs, etc.
Gaming consoles, PDAs, etc., will not be prompted to login to the NAC.
Connecting your computer to Resnet for the first time
Connect your computer to the network and launch a web browser. You will see the NAC login page (below). Login with your Unix/email account username and password. If you do not login you will not be able to access the Internet.
Download and install the policy key on login
Next, you will prompted to download and install the NAC policy key if you haven't already done so. You will only have to install the policy key once. The NAC policy key reports into the NAC management console with the security status of your computer. If you do not install the policy key, you will not be able to access the Internet.
Please follow the onscreen prompts and instructions to download and install the policy key for Windows and Mac OSX.
Compliance with the College's security standards won't be enforced until later in the semester. Please see the installation schedule above.
If the security settings of your computer do not meet the College’s security standards your computer will be quarantined from accessing the Internet. Please refer to the onscreen messages as to what the exact reason is that your computer has been quarantined and for information or instructions on how to remedy the situation.
Sample messages follow:
Sample operating system updates out of compliance message
Sample anti-virus software out of compliance message
Fall semester 2011
Labs and Faculty/Staff (Wired Computers) - The SafeConnect Policy Key client should be preinstalled on your TCNJ-owned computer. Provided that the SafeConnect Policy Key client is installed:
- When you login to the network your credentials are automatically passed along to the NAC so you will not see a second login prompt for the NAC
- Your TCNJ-owned computer receives anti-malware and operating system updates automatically so it will never be blocked from accessing network or Internet based resources
If you bring your personally-owned computer to campus you will be prompted to install the SafeConnect Policy Key client and comply with the College's security requirements (listed above).
Wireless (Campus Wide) - Your computer will be blocked from accessing the Internet if it does not comply with the security standards of the College. Access to on campus resources will not be restricted. Once you fix the non-compliant security condition access to the Internet will resume immediately. For help please contact the Res.net helpdesk at x3138 or the TCNJ helpdesk at x2660.
Resnet (Wired Computers) –
August 3, 2011 - Resnet will start the term in "warning mode". The NAC will prompt you to login and install a policy key client. The policy key only needs to be installed once. You will begin to receive periodic warnings if your computer does not meet the security standards of the College. Your computer will not be blocked for non-compliance.
September 19, 2011 - If you haven't remedied the non-compliant security condition, your computer will be blocked from accessing the Internet. Access to on campus resources will not be restricted. Once you fix the non-compliant security condition access to the Internet will resume immediately. For help please contact the Res.net helpdesk at x3138.
Spring semester 2011
Labs and Faculty/Staff computers -
The SafeConnect Policy Key client should be preinstalled on your TCNJ-owned computer. Provided that the SafeConnect Policy Key client is installed:
- When you login to the Novell network your credentials are automatically passed along to the NAC so you will not see a second login prompt for the NAC
- Your TCNJ-owned computer receives anti-malware and operating system updates automatically so it will never be blocked from accessing network or Internet based resources
If you bring your personally-owned computer to campus you will be prompted to install the SafeConnect Policy Key client and comply with the College's security requirements (listed above).
Fall semester 2010
Resnet and Wireless deployment -
New for Fall 2010 for wireless is single sign-on where your credentials are passed from the wireless systems to the NAC, eliminating the need for a second NAC login in most cases!
Resnet and Wireless access will start the term in "warning mode". The NAC will prompt you to login and install a policy key client. The policy key only needs to be installed once. You will receive periodic warnings if your computer does not meet the security standards of the College.
During the week of September 20th, 2010, the NAC will be transitioned into "blocking mode". If you haven't remedied the non-compliant security condition, your computer will be blocked from accessing the Internet. Once you fix the non-compliant security condition access to the Internet will resume immediately.
For help please contact the Res.net helpdesk at x3138 or the TCNJ helpdesk at x2660.
Spring semester 2010
Wireless deployment -
Week of January 25, 2010 - The NAC will prompt you to login and install a policy key application. The policy key only needs to be installed once. The policy key will be pre-installed on TCNJ managed computers so faculty and staff may not be prompted to install the policy key. You will begin to receive periodic warnings if your computer does not meet the security standards of the College. Your computer will not be blocked.
Week of February 15, 2010 - If you haven't remedied the non-compliant security condition, your computer will be blocked from accessing the Internet. Access to on campus resources will not be restricted. Once you fix the non-compliant security condition access to the Internet will resume immediately. For help please contact the Res.net helpdesk at x3138 or the TCNJ helpdesk at x2660.
Fall semester 2009
Deployment to Resnet –
August 10, 2009 - The NAC will prompt you to login and install a policy key application. The policy key only needs to be installed once. Thereafter, you will be prompted automatically to login to the NAC every time you restart your computer.
September 14, 2009 - You will begin to receive periodic warnings if your
computer does not meet the security standards of the College. Your
computer will not be blocked.
October 5, 2009 - If you haven't remedied the non-compliant security
condition, your computer will be blocked from accessing the Internet.
Access to on campus resources will not be restricted. Once you fix the
non-compliant security condition access to the Internet will resume
immediately. For help please contact the Res.net helpdesk at x3138.