BloxOne Threat Defense from Infoblox boost Bochum University’s defenses against phishing and other threats
“We had reached the point where we knew we had to act and create a new foundation for our network security.”
- Martin Schindler, Head of Network & Security, Bochum University
THE CUSTOMER: BOCHUM UNIVERSITY OF APPLIED SCIENCES
The Ruhr region of Germany has the densest concentration of universities in Europe, and one of the universities found here is Bochum University of Applied Sciences.
The university specializes in engineering and business and offers career-focused education and over 40 bachelor’s and 15 immersive master’s degree programs. More than 8,200 students study at Bochum University (as of November 2020) across a total of six departments: architecture, civil and environmental engineering, electrical engineering and computer science, geodesy, mechatronics and mechanical engineering, and business. In addition to the main campus in Bochum, the university also has an external site—the Velbert/Heiligenhaus campus, which focuses on computer science and engineering courses.
Bochum University’s administration is based at the Bochum campus and is divided into eight departments. Department 6 is the IT campus. It is responsible for providing the IT infrastructure, solutions, and tools essential for supporting the organizational processes in administration, research, and teaching. At the IT campus, a five-strong team is entrusted with the network and security, and it is responsible for ensuring a seamless and secure IT infrastructure. With the increasing risk of cyber attacks, the team’s responsibilities are even more challenging.
Customer: Bochum University
Industry: Education
Location: Bochum, Germany
Objectives: Protect against external security threats, specifically phishing, Ease the IT team’s workload, Guarantee “teaching freedom”
Results: Protection from phishing and other cyber attacks, Transparency via comprehensive analysis options, Simple installation and minimal maintenance
Products: NIOS DDI, BloxOne Threat Defense
THE CHALLENGE
Meeting the Need for Stronger Cyber Security
Infoblox’s network solution NIOS DDI has been in use at Bochum University for roughly six years. It helps the IT campus team manage DNS, DHCP, and IP address management (collectively known as DDI) easily and efficiently. But the need for additional cyber security was demonstrated to university IT managers during a meeting with Infoblox, when the NIOS solution’s capabilities at that point were reviewed. “In our conversation, Infoblox made us aware of the dangers of cyber attacks and enlightened us, so to speak, regarding DNS vulnerability,” says Martin Schindler, Head of Network & Security at Bochum University. “The fact that DNS protocol is involved in more than 90 percent of ransomware events was something we hadn’t even considered up to that point.”
Bochum University did have a security solution in the form of a web filter module on the firewall, blocking supposed malware. Unfortunately, this web filter worked very slowly when categorizing and updating web pages; as such, it did not provide the necessary protection. Bochum University, like all higher education institutions, also had to guarantee access to knowledge and content (including websites) in the spirit of “teaching freedom,” which meant that filters were used sparingly.
Experience of Phishing Attacks Prompts a Rethink
Last summer, the impact of cyber attacks became very real for Schindler and his team. Bochum University repeatedly fell victim to numerous phishing attacks, during which administrative employee access data was tapped. By restricting the number of outgoing emails, the problem was brought under control; however, the fear of new attacks, resulting damage to the university’s reputation, and follow-up costs remained. “We had reached the point where we knew we had to act and create a new foundation for our network security,” said Schindler. Thanks to the team’s existing contact with Infoblox and a more than satisfactory proof of concept, Bochum University decided on Infoblox’s BloxOne Threat Defense security solution.
THE SOLUTION
Powerful Network Security in the Cloud
In terms of cyber security best practice, the earlier any anomaly is detected, the greater the chance of avoiding damage. For this reason, BloxOne Threat Defense starts at the first point of communication: the DNS layer. Bochum University’s main aim was to avoid phishing attempts and users accessing suspicious websites. Whereas threats were previously blocked purely at a browser level—when it was already too late to prevent damage—the protection that BloxOne Threat Defense provides is much more effective. For example, all incoming emails are scanned via an emails gateway and any embedded information, such as the email origin or additional links, is checked for anomalies. A barrier at such an early stage greatly increases the chance of intercepting phishing attempts and other threats.
Full Transparency with Comprehensive Analysis Options
When used in isolation, even BloxOne Threat Defense does not offer 100 percent protection from phishing attempts in the system. However, used as part of an integrated security stack, the solution offers a decisive advantage for Bochum University—transparency. Thanks to the Infoblox portal’s comprehensive analysis options, Martin Schindler and his team can access all the relevant details, such as when a domain was registered and whether it has previously attracted attention. “Attacks don’t stop there, but thanks to quick analysis, we are now able to respond easily and rapidly and can internally block and prevent employees from following a link in an email and leaving sensitive data on websites,” says Schindler.
Another advantage that Schindler and his colleagues greatly appreciate with BloxOne Threat Defense is the minimal maintenance required. Qualified IT personnel are hard to find, so a solution that is essentially self-sufficient after initial installation, and that doesn’t take up much time and needs little maintenance, is particularly valuable. “The ratio of protection to effort is simply superb,” Schindler says.
THE RESULT
Successfully Countering Phishing Attacks
When BloxOne Threat Defense was presented to Bochum University, managers were immediately convinced they’d found the solution to their need for stronger security. This was the key component they had so far been missing to successfully counter attacks. The IT campus is certain there will be more phishing attacks, but thanks to BloxOne Threat Defense, the chances of success for the authors of phishing emails have been significantly reduced and the barrier facing attackers has been significantly strengthened. BloxOne Threat Defense represented an obvious improvement on the previous web filter, which is now obsolete, so the decision to go with the new solution was remarkably easy for Schindler and his team.
“Naturally, there are more complex applications for security solutions than ours at Bochum University,” says Schindler. “But the deciding factor was that Infoblox was able to meet our individual requirements and managed to give us a sense of security—and we are extremely pleased about that!”