CCA Home > Announcement

What is Clean Access and What do I do?

Clean Access is a network security system that checks weekly for vulnerabilities on machines operating in the residence halls.  All student workstations must pass these checks to get online.  Please follow these steps to gain network access:
  1. User Authentication
    1. Web Login
    2. Clean Access Agent
  2. Vulnerability Assessment
    1. Windows Vista
    2. Windows XP
    3. Windows 2000
    4. Windows ME/98
    5. Macintosh
    6. Linux
  3. Remediation
    1. Missing REQUIRED Software
  4. Removing the Clean Access Agent

Background: Nearly all network outages or brown-outs experienced in the Residence Halls are the result of virus-infected or severely compromised student PCs accessing the network.  As a result, it has become necessary for the University to implement a network security system in order to minimize the risk posed by students who connect infected PCs to the campus network.

User Authentication

User authentication simply means you need to provide proper credentials (i.e. your Windows NT Domain username and password) in order to gain access to the network.  There are two methods for entering this information: Web login and Clean Access Agent.

Web Login

Open any web browser, such as Internet Explorer, Safari, Firefox, Opera, etc.  If your network settings are configured properly, you should be automatically redirected to the authentication page:

Web Login is the user authentication method for all non-Windows based computers as well as computers running any Microsoft Windows operating system other than Windows 2000 and Windows XP. Users running Windows 2000 or XP are required to authenticate using the Clean Access Agent.

Clean Access Agent

If you are running Windows 2000, XP or Vista, you will be directed to install the Clean Access Agent.  For these users, the Agent will now be the method for authenticating.

Click Download Clean Access Agent 4.1.2.0 button.  Although you can choose to open the file directly, we recommend saving it to your hard drive so you can re-install at a later time, if necessary. 

Once the Agent installer is saved, double-click to install.  Following the wizard installation instructions should only take a minute or two.

Once Clean Access Agent is installed, the login window will appear automatically whenever your computer attempts to access the network. Enter your LHU NT Domain UserID and password and click Login. (Note: The authentication provider should be LDAP.)

If the Clean Access Agent log in window doesn't appear automatically, you probably have an installed firewall (e.g. Norton Internet Security) preventing the window from popping up. To bypass this problem, modify your firewall rules to allow Clean Access Agent (port 8905). The method for modifying the rules vary depending on the firewall you're running.

Top of page

Vulnerability Assessment

After you successfully log into the system, Clean Access checks your computer for vulnerabilities to make sure it meets the necessary security requirements for connecting to the network.  Only compliant computers are granted full network access.  Every week your machine will be revalidated to ensure compliance.

What are the requirements for accessing the network?

It's possible that the minimum requirements may vary from time to time in order to remain proactive in preventing new viruses and trojans from infiltrating the network.  All students are accountable for keeping their computer updated with current antivirus software and all operating system security patches.  Here are the current and planned specific requirements that Clean Access checks:
Windows Vista Current requirements:
  • Clean Access Agent 4.1.2.0
  • Automatic Updates enabled and set to "Download and prompt..."
  • All Windows Critical Updates.
  • Up-to-date McAfee Antivirus software  (Provided to all Lock Haven University students at no charge).
  • McAfee Antispyware installed.
Windows XP

Current requirements:

  • Clean Access Agent 4.1.2.0
  • Automatic Updates enabled and set to "Download and prompt..."
  • All Windows Critical updates.
  • Up-to-date McAfee Antivirus software  (Provided to all Lock Haven University students at no charge).
  • McAfee Antispyware installed.
Windows 2000

Current requirements:

  • Clean Access Agent 4.1.2.0
  • Automatic Updates enabled and set to "Download and prompt..."
  • All Windows Critical updates.
  • Up-to-date McAfee Antivirus software  (Provided to all Lock Haven University students at no charge).
  • McAfee Antispyware installed.
Windows ME/98/95 Current requirements: Web Login
Macintosh

Current requirements: Web Login
Linux Current requirements: Web Login

If no vulnerabilities are found, your computer is considered compliant and is granted full network access.  If vulnerabilities are found, your computer is moved into remediation.

Top of page

Remediation

If your computer fails the vulnerability assessment, it is moved into remediation, and you are provided with directions for fixing/patching it.  You are given temporary network access in order to download any necessary software.

Missing REQUIRED Software

Required software must be installed before your computer will be granted network access.  If your computer is missing required software, you'll see a message like this:

Click the Go To Link button to download and install the required software.  Because this is required, you must correct the problem before full network access is granted.

Top of page

Removing the Clean Access Agent

By Fall 2005, the Clean Access Agent will be required in all residence halls on campus.  If you connect your computer to the Internet somewhere other than in a residence hall, the Clean Access Agent is not required and simply will not appear.  However, if you move off-campus and no longer need to connect your computer to network in the Residence Halls, you'll probably want to remove the Clean Access Agent.  To do so, go to Start -> Control Panel -> Add or Remove Programs.  Select Clean Access Agent and click Remove.

Top of page