Purdue University, located in West Lafayette, Indiana, is the flagship university of the five campuses within the Purdue University System, and one of the largest university systems in the United States. Purdue offers both undergraduate and graduate programs in over 200 major areas of study and is perhaps best known for its highly competitive engineering college and leading programs in aviation and aerospace. Approximately 70,000 students attend the University.
Information technology is extremely distributed at Purdue. There are 42 IT organizations on campus, from several individuals who support the unique needs of specific departments, to a central organization that provides the common network and security infrastructure and tools for both administrative and academic sides of the University. On a typical day, the University’s network receives 2.4 million emails and has 57,500 active network connections, including 3,000 from wireless access points.
Data breach prompts investment in stronger security
“Several years ago, we experienced a serious data breach that made the front page of national publications,” remembers Scott Ksander, Chief Information Security Officer at Purdue University. “We had been relying on ad hoc virus protection—from free open source packages to a wide range of point solutions or no protection at all—in part because anti-virus software seemed to slow down system performance. The data breach was a clear wake-up call to implement a coordinated defense.”
Coordinated, central control seals deal for McAfee
Purdue University conducted an in-depth technical review of anti-virus solutions, including a pilot of the top two solutions. The decision team also talked at length with IT security groups from the University’s peer institutions about their experiences with different solutions. The result: Purdue chose McAfee Total Protection (ToPS) for Endpoint.
Purdue was particularly impressed with McAfee ePolicy Orchestrator® (ePO™), the web-based management console that comes with ToPS for Endpoint and integrates with other McAfee and non-McAfee products to provide centralized control and reporting. “ePO was the linchpin in our decision,” says Ksander. “It’s the ‘secret sauce’ that makes security administration so much easier.” Furthermore, the McAfee solution did not bog down Purdue’s network as other solutions had.
Benefits realized immediately upon deployment
“Once we installed McAfee Total Protection for Endpoint, we realized benefits almost immediately,” says Ksander. “From the start, it intercepted and blocked viruses and spyware, and, thanks to ePO, has been extremely easy to monitor and manage.”
Purdue implemented McAfee ToPS for Endpoint across approximately 20,000 desktops and 250 servers. Although not all departments within the University have adopted Total Protection, Ksander expects more to do so in the future. The University is also using McAfee VirusScan for Mac to protect approximately 2,000 Mac desktops.
Currently, the University is only using the anti-virus and anti-spyware protection capabilities of Total Protection for Endpoint; however, as internal resources permit, Purdue plans to take advantage of the solution’s other capabilities, such as network access control and host IPS.
Coordination across a very distributed environment
“The ability to coordinate security across a geographically and logically distributed environment is a huge benefit of ePO,” says Ksander. “For both political and technical reasons, such as the unique needs of the aviation and aerospace departments, Purdue has implemented seven ePO servers in addition to a central ePO server. “The administrators using ePO can easily work together to coordinate pushing out new files or policies, or even publishing reports.”
"The fact that McAfee is a company truly dedicated to security, not trying to be all things to all people, is important to us. So is open, two-way communication. With McAfee, we have that type of communication and cooperation at all levels. Purdue and McAfee are definitely on the same team, fighting the bad guys together."Scott Ksander
Chief Information Security Officer, Purdue University
Much easier security administration
On the customizable McAfee ePO dashboard, graphs and charts show Purdue administrators at a glance what percentage of systems have out-of-date .DAT files or how many suspicious files have been intercepted. For example, in a recent quarter, McAfee Total Protection detected approximately 230,000 suspicious events. Of these, it automatically deleted 210,000 and denied access to 20,000.
By simply clicking on ePO dashboard items, administrators can drill down to review more detailed information. Recently, for instance, Purdue’s central ePO dashboard showed a spike in suspicious activity. “Using ePO, our incident response team quickly drilled down to determine what was going on and whether they needed to educate users or take some other action,” explains Ksander. “In this case, there was no cause for alarm, but if there had been, they could have taken action immediately.”
McAfee ePO saves Purdue security administrators hours each week because it lets them quickly and easily distribute new .DAT files or update McAfee software agents without having to leave the central console. ePO graphics and summary reports also make presenting information to University management quick and easy.
Scaleable centralized control
In the future, Purdue plans to take advantage of ePO even further by using it to centrally manage additional McAfee and non-McAfee security products besides ToPS for Endpoint, such as Endpoint Encryption or DLP.
“In an environment as distributed as ours, the ability to oversee multiple security tools from one central console simplifies our job immensely,” says Ksander. “We have learned over time that strong protection technology is a must, but it’s only part of the solution; you also need a good way to administer the technology.”
Data protection beyond campus
As at most universities, Purdue University has many remote users. Approximately 40 to 50 percent of Purdue employees work from their home or off campus at least some of the time. That’s why Ksander is excited about the possibility of issuing McAfee Encrypted USB devices to employees, to securely transport University data. McAfee Encrypted USB combines powerful encryption technology with strong access controls so that only authorized users can read the information stored on USB drives. Integration of the devices with ePO would make it easy for Purdue administrators to manage them.
ROI in positive reputation
“Reputation is to a university what profit is to a corporation,” says Ksander. “McAfee plays a key role in our nationally acclaimed SecurePurdue program, the goal of which is to protect our users and, ultimately, our reputation.”
“The fact that McAfee is a company truly dedicated to security, not trying to be all things to all people, is important to us,” adds Ksander. “So is open, two-way communication. With McAfee, we have that type of communication and cooperation at all levels. Purdue and McAfee are definitely on the same team, fighting the bad guys together.”