Queen’s University Belfast Proactively Protects Against Advanced Malware Using Infoblox
“Advanced malware exploits, such as phishing and data exfiltration, are especially concerning for research focused institutions, such as Queen’s. These types of attacks put universities in a challenging position because we need to protect against theft of intellectual property, or for instance, protect against a cybercriminal leaking research before it’s ready to be published. We wanted to ensure that our new IPAM solution would incorporate threat detection and prevention. Infoblox with its BloxOne Threat Defense solution was able to demonstrate the ability to protect our users against sophisticated DNS-based threats, which is where 91% of threats occur.”” —David Nelson, Head of Networks, Queen’s University Belfast
THE CUSTOMER – QUEEN’S UNIVERSITY BELFAST
Queen’s University Belfast is a top-ranked and world-renowned public research university in Belfast, Northern Ireland.
Founded in 1845 and led by Chancellor Hillary Clinton, former U.S. Secretary of State, the university was established with collaborative innovation at its core. Queen’s is one of the largest employers in Northern Ireland with nearly 4,000 faculty and staff. Nearly 25,000 students attend the university. Queen’s students, faculty, staff, and guests are located in more than 80 countries, creating a vibrant, diverse, multi-cultural community.
Customer: The Queen’s University Belfast
Industry: Education
Location: Belfast, Northern Ireland, United Kingdom
Objectives: Enhance cybersecurity posture, Improve visibility into network operations, Secure core network operations, devices, and user data, Migrate legacy database and DHCP/DNS services to a resilient, supported solution
Results: Proactive threat detection and protection against advance malware, Centralized network management through a single console, Delegated administration across multiple teams throughout the university
Products: BloxOne Threat Defense, Reporting and Analytics
Queen’s IT investments include advanced online learning opportunities via “Queen’s Online,” including access to over 1,700 PCs providing secure, highspeed wireless broadband Internet connection based in 20 centers around campus. The University is also in the process of developing a new, state-of-the-art remote learning platform known as The Bridge. The Bridge offers participants around the world a fully immersive online learning and teaching environment. It combines a traditional physical lecture theater with real-time video collaboration for up to 64 remote users at once. Head of Networks David Nelson and his team are responsible for managing and protecting the Queen’s University network and with protecting all users, data, and devices wherever they live.
THE CHALLENGE
Improving Visibility into Network Operations, Enhancing Security
The IT team identified several priorities to update its IT systems: improve operational efficiency, centrally manage network operations, enhance network visibility, and proactively protect against the widest range of advanced DNS-based threats, such as ransomware and data exfiltration.
In order to resolve these pain points, the Queen’s team needed to replace its aging legacy network management system. In place for many years, this system did not support delegated administration and offered limited DHCP resilience. Further, it was not IPv6-capable, offering IPv4 support only.
Further, in order to realize their objectives on optimizing the university’s security posture, the team needed to implement robust DNS-based malware protection and effectuate a separation of internal DNS from external DNS operations.
THE SOLUTION
A Proactive Approach to Protecting Against DNS-Based Threats
The IT team at Queen’s is highly cybersecurity conscious and understands the vulnerability of DNS as the leading threat vector in today’s rapidly evolving security landscape. David Nelson and team are also well informed of the unique cybersecurity challenges that higher education institutions are facing. He states, “Advanced malware exploits, such as phishing, and data exfiltration, are especially concerning for research focused institutions, such as Queen’s. These types of attacks put universities in a challenging position because we need to protect against theft of intellectual property, or for instance, protect against a cybercriminal leaking research before it’s ready to be published. We wanted to ensure that our new IP address management (IPAM) solution would incorporate threat detection and prevention. Infoblox with its BloxOne Threat Defense solution was able to demonstrate the ability to protect our users against sophisticated DNS-based threats.”
THE RESULT
A Network Optimized for Greater Visibility and Efficiency
Queen’s is now benefitting from BloxOne Threat Defense, Infoblox’s subscription-based, hybrid security solution that leverages the cloud to detect more threats and protect users anywhere while tightly integrating with the on-premises ecosystem. It also provides resiliency and redundancy not available in cloud-only solutions. With Infoblox, the customer can centrally and automatically secure devices, apps, virtual machines, and switch ports wherever they reside, all using a common console.
Nelson continues, “Since we can only protect what we can see, we needed greater visibility into our network and the ability to report on usage more efficiently. Infoblox provides centralized management through a single console and delegated administration across our multiple teams throughout the university. As a result, we can ensure highly available core networking services, such as DNS and DHCP, and thus, reliable access to all applications and services online.”
the university. As a result, we can ensure highly available core networking services, such as DNS and DHCP, and thus, reliable access to all applications and services online.”