The massive increase in demand for remote access has encouraged Canterbury University to reinforce its perimeter firewall by making its network hacker-resistant at the desktop and server level.
With 12,500 students, 1400 staff and more than 5000 connections to the network on any given day, security has been a major concern, says Canterbury University network manager Jerry Schave.
Schave says that with 2200 seats in computer labs and 500 students in hostels accessing the university’s network, the university needed a centrally managed but distributed security solution for at-risk desktop and servers. It chose 3Com’s embedded firewall, which uses packet-filtering, firmware embedded in network cards and central management software using which the network manager can set security policies.
The embedded firewall solution will provide protection from hacking incidents initiated from the computer labs and university hostels, or potentially disgruntled employees who may try to alter data on one of the 120 campus servers.
Initially the university will deploy the embedded firewall solution on the 16 servers used by management information system staff and students.
“Once we see the results of this deployment we will gradually deploy the solution on departmental servers and other machines where confidential information such as students grades and records are stored,” says Schave.
Schave describes the university campus network as being built around a dual wagon wheel configuration using distributed routing. Each of the two hubs is a 12-port 1Gbit/s switch feeding a router over a diverse path.
These routers in turn connect each department to the backbone. Currently the only 1Gbit/s connection to the backbone is from the IT server farm, which comprises about 15% of the servers on campus. The internet connection is 100Mbit/s and the university is hoping to provide high-speed access to users using DSL or cable modems later this year.