Organizations are constantly at risk when it comes to protecting their data against threats while maintaining performance, and higher education and academic institutions are no different. In fact, sometimes research universities have even more pressure to do more with less. I’m referring to the pressure of ensuring their network and applications are performing at world-class levels, regardless of vertical, and maintaining the highest levels of security to protect their research, data and network users all while saving as much money as possible to put back into the education and research.
Currently, Gigamon is working with a number of academic partners, including the University of Glasgow and the University of Wisconsin-Madison (both contributing research resources to the Large Hadron Collider), helping them to anticipate and mitigate potential security risk by enabling comprehensive active visibility for their networks while maximizing the ROI of the performance and security monitoring infrastructure. With thousands of students, faculty and staff using their respective networks each day, often from a variety of locations and increasingly through a multiplicity of devices, each institution needs to protect itself from the threat of malicious traffic and serious breaches without sacrificing performance, network quality or availability. Here, we take an in depth look at how Gigamon has partnered with each university.
The University of Glasgow
Founded in 1451, the University of Glasgow is a research-led institution with campuses in Glasgow, its suburbs and in several Glasgow teaching hospitals and reaches 20,000 students and 6,000 staff members. As one of the UK’s leading research centers and a member of the prestigious Russell Group of UK research universities, it contributes to research programs with a global impact, in fields that range from the rapid detection of malaria to the biggest particle physics experiment in the world: the Large Hadron Collider.
The University’s IDS (Intrusion Detection System) alerts its IT security department to potential network threats, but with 30,000 users, there’s a significant problem of scale. As Internet traffic has grown to more than ten gigabits per second, the mirrored port used on one of its Internet gateway routers was only able to monitor a fraction of the overall capacity, and it became less and less probable that the system could identify malware or cyber-attacks. The problem couldn’t be resolved simply by adding multiple mirrored router ports, so the University needed a technically viable and cost-effective way of upgrading its IDS system to detect hacking attempts and identify PCs infected with malware – all at speeds of multiple tens of gigabits per second.
Gigamon developed a tailored solution to meet the University’s specific needs that included mirroring external Internet traffic using Gigamon’s G-TAP optical network TAPs, which duplicate all the traffic passing over the 10Gb links. The system then uses Gigamon’s GigaVUE-HB1 Visibility Fabric™ node with hardware-based patented Flow Mapping® technology to isolate the traffic that needs to be sent to the IDS systems, and excludes irrelevant traffic. Today, the University of Glasgow has 40Gb speeds running in its core and its network monitoring capabilities have scaled to encompass all traffic coming across its 10Gb internet links, enabling detection of compromised machines, viruses identification and remedial action. In addition, the University is now able to operate its IDS systems on a cluster of commodity servers, as well as repurpose existing network monitoring and measuring equipment, both resulting in significant cost savings.
The University of Wisconsin-Madison
As one of the premier research facilities in the world, home to more than 100 research centers and programs, the University of Wisconsin-Madison processes and shares massive amounts of data with other facilities such as CERN, home of the Large Hadron Collider. Following a significant network upgrade, which adapted the existing WAN design to cater to increasing volumes of data sharing and peering arrangements with partner facilities, the University’s network monitoring platform began dropping traffic. The main challenges included the need to monitor 100 percent of traffic on a 100Gb link plus 10Gb internal network traffic, as well as the distribution of traffic to multiple network security, monitoring and troubleshooting tools that have 10Gb network interface controllers (NICs). In addition to the ability to optically tap up to 100Gb with zero loss, UW-Madison needed the flexibility to dynamically configure the solution to send the tapped traffic to multiple departments.
Working with Gigamon, the University selected Gigamon’s Visibility Fabric™ to meet these challenges while ensuring ease-of-use and high volume processing. Gigamon passive optical TAPs, 100Gb high capacity line cards, and the GigaVUE-HD4 chassis-based fabric node now provide 100 percent of the monitored traffic and deliver it to security and troubleshooting tools. The result is that the University can now optically tap the two 100Gb Internet connections and 48 10Gb LAN ports to get 100 percent visibility of all north/south and east/west traffic. It’s able to send traffic from any point on its network to any team within the institution that needs it and is finally able to have visibility to 100 percent of traffic to monitor for security and network management.
Read the full case studies linked below for more!
- University of Glasgow Cost-Effectively Scales its Intrusion Detection System
- University of Wisconsin-Madison Chooses Gigamon for Large-Scale Data Center Monitoring
You can also check out our recent solutions overview which discusses how security teams are turning to multi-tiered and parallel deployment approaches, leveraging the latest threat intelligence tools to protect their network: Active Visibility for Multi-tiered Security.