Campus InterZone

Campus InterZone - secure by default

Improvements to network access at McGill are underway! Campus InterZone began its deployment in Summer 2019 and continues its progress. Learn more about this initiative and its benefits: 

What is Campus InterZone? 

Campus InterZone is McGill's new network architecture. This new method of administering network access will improve quality of service for all network users and provide greater security for users, devices, and the McGill network. 

Zone-based security 

Users and devices at McGill will now be placed in virtual "zones" and assigned access accordingly, so that all users or devices within a particular zone will have the same network access from anywhere on campus. Until now, network access has been assigned according to a user's location. With this method, if a user changes location on campus or uses wireless, they may lose network access and need to use the McGill Virtual Private Network (VPN) in order to access the resources they are normally authorized to use.

With zone-based security, users and devices will be assigned access according to their identity, and not their location. These changes will result in consistent access to the McGill network from anywhere at McGill, so that authorized users will no longer need to use the McGill Virtual Private Network (VPN) on campus.

Users and devices in virtual zones - Campus InterZone

Benefits of Campus InterZone

1. Increased mobility for all authorized wired and wireless network users on McGill campus: With zone-based security, by connecting to the McGill network users will be able to access all the services they normally do from anywhere on campus. Users will no longer require VPN while connected to the wireless network to access McGill services.
2. Improved security for users and devices: Campus InterZone places users and devices into virtual security zones, allowing greater control over the traffic between these and reducing the risk of security breaches. This change will prevent infected devices from communicating with other devices within a zone and increase protection against malicious activity.
3. Better protection for McGill's network: With zone-based security, more features of McGill's firewall can now be put to use, resulting in greater protection for our network. Intrusion Prevention (IPS) and Denial of Service (DOS) will be implemented, which will allow the firewall to better detect and block an infected computer or malicious actor from attempting to exploit a vulnerable system within McGill's network.
4. Streamlined process to assign access: Presently, each network user is assigned access based on their location. In order to assign users network access, LAN Administrators need to submit detailed information for each user and location. Since zone-based security is based on user profile and not location, only one submission is required per user, and users will now have consistent access regardless of where they go.

Campus InterZone - deployment schedule

As an updated network infrastructure is required in order to enable zone-based security, the wired and wireless network upgrade is a prerequisite for the deployment of Campus InterZone at McGill. See the Status at a glance page for an update on the upgrade's progress.

Campus InterZone's deployment will continue, group by group, for teams that reside in buildings that have already received the wired and wireless upgrade. November and December 2023 will be the initiative's transition phase to allow for the completion of migrations in progress, and the project closure is February 2024. 

Information for LAN Admins 

LAN Admins involved in the Campus InterZone migration can find additional details and tools on the page InterZone migration for LAN Admins (restricted page, login required).