Blocking Cyber Attacks, Increase Bandwidth

Founded in 1850, the University of Dayton is the largest private university in Ohio and one of the top 10 largest Catholic universities in the United States. The university has over 70 academic programs for its 10,000 students, and is one of the most wired campuses in the country. All university housing is connected for high-speed Internet access, and all students are required to own computers.

The Problem
Like most universities, the University of Dayton needed to provide open network access to students, faculty and staff. This type of exposure makes it almost impossible to stop attacks such as Code Red and Nimda, which bypass the firewall on port 80 and other well-known ports. In the early stages of the Code Red worm's spread, it was discovered that as few as five infected machines could overwhelm the core campus router. This was further complicated by the fact that there was no way to determine whether the network was under attack. The only valid strategy for blocking attacks was to apply patches before a server or workstation was allowed on the network.

Additionally, file sharing is prevalent with students using Peer-to-Peer applications to download copyrighted music and video files. This can cause legal and security risks as well as absorb significant bandwidth. University of Dayton estimates that they received a dozen letters per month threatening legal action for piracy.

The Implementation
The University of Dayton installed TippingPoint Technologies’ UnityOne Intrusion Prevention Appliance, a high-speed intrusion prevention system that blocks malicious traffic and illegal P-to-P files on the network. We immediately viewed attacks being blocked on the security management console’s attack log. Since the implementation in early 2003, the university estimates that more than one million worms, viruses, and attacks have been blocked each month. The Digital Vaccine service, which allows administrators to download new security filters to the system to protect against the latest vulnerabilities, buys administrators additional time to patch their systems.

University of Dayton’s Network Systems and Security Officer Ronnie Wagers said, “The UnityOne gives me peace of mind. I am no longer comfortable with the idea of running our perimeter defense without it.”

The intrusion prevention system enables customers to block P-to-P traffic uni-directionally or bi-directionally. The University of Dayton chose to allow students to retrieve shared files from outside the university network, but blocked people outside the university network from retrieving shared files located within the university. With the implementation, reports show over 1 million shared files are blocked per month, augmenting the organization’s bandwidth availability. Results from the University of Dayton show that after blocking P-to-P traffic uni-directionally, bandwidth consumption dropped from a peak of 30Mbps to a low of 17Mbps within the first 30 minutes, giving a 43 percent increase in bandwidth availability.

Value Proposition
Organizations can greatly increase their security and bandwidth availability while reducing the legal risk of piracy by blocking P-to-P file sharing applications. TippingPoint’s Peer-to-Peer Piracy Prevention feature is included in all UnityOne Intrusion Prevention Appliances and Systems. The system performs deep packet inspection through Layer 7, providing immediate protection against known threats and vulnerabilities.

The cost savings from avoiding an attack could easily reach well into the six-figure range. When calculating return on investment from an intrusion prevention solution, administrators should take into account the time required to patch a system and reboot, the time required for emergency patching (the same day as a vulnerability or exploit is published), remediation time, time to test to make sure the machine is fixed, the opportunity cost of what tasks are neglected due to remediation, decreased productivity, overtime charges or outsourced staff expenditures required to fix the infection, and damages caused from the actual attack.

All of these factors would be multiplied by the number of infected machines, which can range into the hundreds or thousands depending on the size of the organization. Our intrusion prevention system has proved to be a good investment.
