3 Institutions Deploy FireEye Appliances To Battle Breaches

San Francisco State University, Santa Barbara City College, and Connecticut College have all gone public with deployment of FireEye appliances on their campuses to preemptively stop data breaches caused by malware that steals student identity data, misappropriates faculty research, and exploits campus computing resources.

San Francisco State's IT infrastructure supports 30,000 students and 3,500 faculty and staff. According to a statement from the vendor, the university had no prior campus-wide anti-malware protection and selected FireEye based on the product's ability to protect against zero-day threats, low false positive rate, and ease of use. The university deployed the appliances at the virtual egress point of the campus border to help monitor campus network traffic for malware and botnet activities.

"The FireEye appliance identifies bot-infected computers and detects malware on the campus network, allowing us to take a proactive approach to stop bots before they have a chance to do more widespread damage," said Jack Tse, senior director, network and operations. "The FireEye appliance also helps mitigate the possible theft of sensitive and confidential student, faculty, and staff data."

Santa Barbara City College decided to deploy the FireEye security appliances after a six-week trial uncovered bots that up-to-date antivirus and other security systems had not detected. The college, which serves 15,100 full-time students and 1,200 faculty and staff, had also evaluated a deep packet inspection device that proved too costly to implement and produced a higher false positive rate than FireEye.

"The FireEye appliances accurately found malware immediately, even the smallest intrusions, and detected activity in callback channels initiated from compromised machines," said Jerry Thomas, network specialist at the city college. "FireEye also eliminated false positives and reduced the syslog numbers, saving me critical man hours. I now have a very high confidence level, when we get an alert from FireEye, we know we have something."

Connecticut College, which has 1,900 students on its New London-based campus, recently selected FireEye equipment to fortify defenses against stealthy malware infiltration due to infections outside the campus gateway.

"Connecticut College takes user security seriously and hence, we enforce patches and antivirus on the desktop, and use firewalls and [intrusion detection and prevention] (IDP) systems on the gateway," said John Schaeffer, systems & server administrator at Connecticut College. "But because of remote users who are infected outside our gateway, compounded by the reality of spear phishing, zero-day, and targeted attacks, we realize that a signature-based solution does not provide complete protection against today's Web exploits and botnets."

FireEye appliances use a multi-stage analysis engine called the "FireEye Analysis and Control Technology" (FACT). FACT detects zero-day malware and botnets by analyzing real-time Web and network traffic flows. Zero-day exploits take advantage of computer vulnerabilities before vendors have patched them. When malware is confirmed to infect a virtual victim machine, the appliances alert administrators and repel attacks via integration with the security software already in place. Linked into the FireEye "Malware Analysis & Exchange" (MAX) Network, the appliances gain additional malware signatures, call-back coordinates, and botnet. Participating FireEye appliances generate and share real-time malware intelligence to respond to known and unknown malware and botnets.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.
