Click here to receive your FREE subscription to Campus Technology
Features
Blocking Cyber Attacks, Increase Bandwidth
10/31/2003
Founded in 1850, the University of Dayton is the largest, private university
in Ohio and one of the top 10 largest Catholic universities in the United States.
The university has over 70 academic programs for its 10,000 students, and is
one of the most wired campuses in the country. All university housing is connected
for high-speed Internet access, and all students are required to own computers.
The Problem
Like most universities, University of Dayton needed to provide open network
access to students, faculty and staff. This type of exposure makes it almost
impossible to stop attacks, such as Code Red and Nimda that bypass the firewall
on port 80 and other well-known ports. In the early stages of the Code Red worm
spreading, it was discovered that as few as five infected machines could overwhelm
the core campus router. This was further complicated in that there was no way
to determine if the network was under attack. The only valid strategy of blocking
attacks was to apply patches before a server or workstation—allowed on
the network.
Additionally, file sharing is prevalent with students using Peer-to-Peer applications to download copyrighted music and video files. This can cause legal and security risks as well as absorb significant bandwidth. University of Dayton estimates that they received a dozen letters per month threatening legal action for piracy.
The Implementation
The University of Dayton installed TippingPoint Technologies’ UnityOne
Intrusion Prevention Appliance, a high-speed intrusion prevention system that
blocks malicious traffic and illegal P-to-P files on the network. We immediately
viewed attacks being blocked on the security management console’s attack
log. Since the implementation in early 2003, the university estimates that more
than one million worms, viruses, and attacks have been blocked each month. The
Digital Vaccine service, which allows administrators to download new security
filters to the system to protect against the latest vulnerabilities, buys administrators
additional time to patch their systems.
University of Dayton’s Network Systems and Security Officer Ronnie Wagers said, “The UnityOne gives me peace of mind. I am no longer comfortable with the idea of running our perimeter defense without it.”
The intrusion prevention enables customers to block P-to-P traffic uni-directionally or bi-directionally. The University of Dayton chose to allow students to be able to retrieve shared files from outside the university network, but blocked people outside the university network from retrieving shared files located within the university. With the implementation, reports show over 1 million shared files are blocked per month, augmenting the organization’s bandwidth availability. Results from the University of Dayton show that after blocking P-to-P traffic uni-directionally, bandwidth consumption dropped from a peak of 30Mbps to a low of 17Mbps within the first 30 minutes, giving a 43 percent increase in bandwidth availability.
Recommended Reading
- Sun, Stanford Working To Archive History
In May in San Francisco, experts from leading universities, libraries, and research institutions around the world met as part of an ongoing effort to address a pressing issue: archiving the world's history, right up to today.
- The Quilt Coalition Rolls Out XO Communications for High-Capacity Network Services
The Quilt, a coalition of 28 regional network organizations, has added XO Communications Services to its authorized vendor list. The Quilt represents 200 universities and thousands of other educational institutions across the United States. With this new relationship, Quilt members can purchase XO's high-speed IP transit and network transport services at competitive rates.
- Wimba Classroom 5.2 Expands Classroom Capture Support, Adds MP3 Downloads
At the NECC 2008 conference in Texas this week, Wimba launched a new version of Wimba Classroom, the virtual classroom component of the company's Collaboration Suite. The new 5.2 release expands options for classroom capture and adds a variety of other functional and ease of use features.
- Automation Chimera: Education Is Not Management
The lure of automating workflow online so human intervention is minimized is continually reinforced in the minds of higher education administrators by examples of automated campus systems such as financials, student information systems, and other enterprise systems. But what's good for management is not always good for learning.
- Cognos Releases BI Software for Linux-based IBM System z Mainframe
Cognos, which IBM acquired in January, has released an update to its business intelligence software that will run on the Linux operating system on IBM System z mainframes. IBM Cognos 8 BI was being developed by the two companies prior to the acquisition, but assimilation of Cognos into IBM accelerated development.
- Facebook and Collegiality: A Serendipitous Social Niche
Facebook is a way to greet a colleague as if she or he is on your own campus: a wave at a distance, a hello at the corner burrito place, a honk as you both leave the campus parking lot. Informal collegiality has been extended over the miles.
