Founded in 2005, SIM University is Singapore’s only privately funded university dedicated to the educational needs of working professionals and adult learners. SIM University offers flexible, modular programs that accommodate their schedules and helps them gain the skill sets and educational degrees needed to succeed in, or change careers. Approximately 11,700 students, ranging in age from 21 to over 60, all part-time, are enrolled at the university.
Constant Attacks Rob Network Bandwidth, Impact Performance, and Waste Security Administration Time
For many of SIM University’s programs, online learning complements the time students spend in the classroom or lab. “Because our students can use it on their own timetable and access it from anywhere via the Internet, our learning management system is one of the most important solutions the IT department provides to students,” explains Gary Teo, SIM University’s director for campus IT services.
“Like any organization with a presence on the Internet, we are constantly being attacked by hackers and various forms of malware,” adds Teo. “These daily attacks chewed up network bandwidth and decreased network throughput by as much as 30 percent at times. They also tied up precious IT administrator time that could have been spent elsewhere.”
Wanted: Security for Today and tomorrow
As SIM University researched the best security solution to combat these daily attacks, it considered a number of leading security vendors and solutions. “We knew this wouldn’t be our only security issue,” says Teo. “Ideally, we wanted multilayered security from a vendor that could meet all of our security needs, now and down the road. It was clear that McAfee had the broadest range of security solutions available and the ability to provide a complete end-to-end solution. We also liked that McAfee was focused solely on security, unlike many of its competitors.”
Three Layers of Protection
As a first line of defense, SIM University implemented McAfee Firewall Enterprise in its data center demilitarized zone (DMZ). McAfee Firewall Enterprise includes enhanced security powered by McAfee Global Threat Intelligence (McAfee GTI), a comprehensive cloud-based threat intelligence service that works in real time, 24 hours a day, to protect customers against cyberthreats across all vectors—files, the web, messages, and networks. McAfee Firewall Enterprise uses the McAfee GTI network connection reputation service to help reduce the overall “attack surface area” that traditional firewalls may leave exposed. The McAfee solution does so by identifying domains, IP addresses, and ports that may be hosting malware attacks and blocking those attacks. It also uses web reputation information to identify URLs that may be infected or hosting malware attacks, as well as sites hosting undesirable content.
Secondly, to detect and prevent network intrusions before they reach the core of the university’s data center, SIM University deployed a pair of McAfee Network Security Platform appliances—one for production and one to ensure redundancy and high availability. Before Internet traffic can reach the university call center, it must go through the McAfee Network Security Platform, which uses McAfee GTI file reputation and network connection reputation data to detect suspicious files before they are identified as carrying malicious payloads, as well as domains/IP addresses that are infected or hosting malware attacks.
“Thanks to the McAfee solutions, our students no longer encounter performance issues with the learning management system, and they can count on it being available when they need it. Reduced network traffic and vastly improved system stability mean less work for IT administration too.”Gary Teo
Director Campus IT Services, SIM University
After leaving the McAfee Network Security Platform in detection mode several months to establish normal versus abnormal traffic patterns and types of traffic, SIM University switched from monitor mode to preventive mode to proactively block and quarantine any suspicious traffic that makes it past the firewall, including known, zero-day, denial-ofservice (DoS), distributed denial-of-service (DDoS), SYN flood, and encrypted attacks.
As a third layer of security, SIM University deployed McAfee Web Gateway in front of its application servers, including the learning management system server, to prevent unwanted incoming Internet traffic from clogging bandwidth—or worse. “[McAfee] Web Gateway, like the other McAfee solutions, was easy to deploy and easy to administer,” states Teo.
Improved Security Posture from the Start
Before the McAfee deployment, a virus attack shut down a number of SIM University systems. SIM University’s IT department spent 24 hours remediating the situation. Since implementing the three-tiered McAfee solution, however, SIM University’s network has not experienced a single major security incident or virus attack. “There’s no doubt that the number of security incidents we have had to deal with has dropped significantly,” says Teo.
Increased Stability and Availability for the Learning Management System
With McAfee Firewall Enterprise, McAfee Network Security Platform, and McAfee Web Gateway protecting SIM University’s network, the university’s critical learning management system’s availability is above 99.9 percent. “Thanks to the McAfee solutions, our students no longer encounter performance issues with the learning management system, and they can count on it being available when they need it,” says Teo. “Reduced network traffic and vastly improved system stability mean less work for IT administration too.”
SIM University is considering adding McAfee Vulnerability Manager to its security arsenal to proactively assess vulnerabilities of all the systems on its network. Integration of the McAfee Vulnerability Manager with McAfee Network Security Platform would allow SIM University to have vulnerability scan data automatically correlated with intrusion event data to help quickly determine event relevancy. SIM University administrators could also initiate ondemand scans of a single IP address or group of IP addresses directly from within the McAfee Network Security Platform alert console—thus providing a simple way to access near real-time updates of host vulnerability details.
“With McAfee, we can continue to add to and modify our security resources as our needs evolve,” concludes Teo. “Ultimately, our goal is to enable the highest quality of network services for SIM University students and staff. McAfee provides the forward-looking security to help us attain that goal.”