Case Studies

The American University in Cairo Thwarts Cyberattacks with F5

American University in Cairo (AUC) students excel and faculty innovate in a secure, reliable digital learning environment, thanks to F5. By empowering IT staff to focus on strategic initiatives, F5 helps AUC drive success across its educational ecosystem.

Business Challenge

Cyber threats are an ever-present risk for universities, where expansive networks, thousands of students, and critical research data make them prime targets for attacks. As a prestigious English-language, American-accredited institution in the Middle East, AUC faces these challenges head-on. With 7,000 students benefiting from a cutting-edge physical and digital campus, AUC supports advanced learning applications that foster research, collaboration, and innovation. Safeguarding sensitive data and access to critical academic systems is a priority for Dr. Iman Megahed, AVP for Digital Transformation, Chief Knowledge and Strategy Officer at AUC.  “Imagine the diverse community of individuals living, learning, and interacting on our campus,” she says. “To deliver the experience our name and mission promise, a robust and secure technological foundation is crucial.”

Like many universities, AUC has seen a dramatic rise in cyberattacks with financial and political motives in recent years. DDoS attacks targeting its network infrastructure are especially harmful. During critical periods, such as exam weeks, major campus events, and peak registration periods, these attacks escalated, disrupting essential services.

Attacks surged to unprecedented levels, according to Osama El-Gedawy, Senior Manager of Information Security Operations at AUC. While Internet service providers attempted to mitigate the threats, their solutions often created a “black hole” effect, essentially disconnecting the university from the Internet.

Beyond security concerns, AUC’s transition to a cloud-first strategy introduced additional challenges. With applications and research workloads increasingly moving to the cloud, the university needed a unified security approach to protect both on-premises and cloud environments while ensuring uninterrupted operations.

Solutions

To defend its systems and ensure a smooth transition to a hybrid server environment, El-Gedawy and his team turned to F5, the university’s long-term IT partner. For over seven years, AUC has relied on hardware-based solutions on the F5 platform as the backbone of its application security and availability strategy. F5 BIG-IP Advanced WAF protects the university against threats listed in the OWASP Top 10, while F5 BIG-IP Local Traffic Manager (LTM) load balancing ensures that systems are always available, especially during spikes in demand.

Along with these solutions, Megahed emphasizes the frequent, high-quality releases and features from F5. Additionally, the proactive approach of F5 engineers and account managers allows the university to adapt quickly to both planned and unexpected events. 

When the COVID-19 pandemic forced a rapid transition to remote learning, the university had to scale its digital services overnight. It turned to F5 for protection of new applications, including a COVID-19 health monitoring system for employees. The shift to virtual learning and operations also expanded the attack surface significantly, a challenge F5 addressed by securing the university against emerging cyber threats.

Now, F5 is supporting the university as it reaches another important IT milestone, the migration of an increasing number of applications to the cloud. While this has major cost saving and scalability advantages, it also increases network exposure due to Internet-facing services, APIs, and remote access. 

Matters reached a head during a particularly aggressive DDoS assault on the university’s systems. El-Gedawy picked up the phone and called his F5 account manager requesting assistance to repel the attack. Without hesitation, a team of F5 experts immediately routed all university traffic across the F5 global private network, deploying F5 Distributed Cloud DDoS Mitigation to stop the attack.

"The transition was incredibly smooth,” says El-Gedawy. “Since adopting F5 Distributed Cloud DDoS Mitigation, we’ve seen a significant decrease in attacks, and thankfully, haven’t encountered similar disruptions. The F5 Egypt team provided outstanding support.” He also highlights the role of additional app and API protection services on the F5 platform that deliver continuous defense and API protection, alongside DDoS mitigation capabilities that detect and prevent attacks before they reach the network infrastructure and applications. 

With these resources, the university can now focus on strategic security roadmaps, anticipate future threats, and implement solutions without placing stress on internal teams. “We don’t view F5 just as a vendor, but rather as a partner that is agile, innovative, and reliable. We can all sleep better at night!” says Megahed.

Results

Drive innovation in education

As cybersecurity threats evolve and cloud adoption accelerates, F5 gives AUC a secure platform for the deployment of advanced educational tools. The university is integrating AI—from chatbots and AI tutors to VR/AR labs and competency-based frameworks—across various disciplines, offering students hands-on experience with cutting-edge technologies.

“We are committed to integrating AI into all aspects of education and operations,” says Megahed. “F5 empowers AUC to deliver a world-class digital learning experience, ensuring students, faculty, and researchers can innovate, collaborate, and excel without disruption.”

Reduce pressure on staff

Managing a university’s complex IT infrastructure can be overwhelming, with security threats, system performance issues, and downtime risks placing constant pressure on IT teams. With Distributed Cloud DDoS Mitigation automating security, traffic management, and threat mitigation, AUC’s IT staff no longer spend their time firefighting system outages or responding to DDoS attacks. 

Freed from routine maintenance and crisis management, staff can dedicate more time to developing new technologies, supporting faculty and students, and driving AUC’s digital transformation. 

Minimize downtime from DDoS attacks

AUC faces frequent DDoS attacks, particularly during exam weeks, major campus events, and peak registration periods. By transitioning to Distributed Cloud DDoS Mitigation, AUC benefits from real-time threat detection and automatic mitigation, ensuring continuous availability of its critical applications. 

Since deployment, the university experienced a significant reduction in attack-related downtime, improving both operational efficiency and the user experience.

Secure a hybrid cloud strategy

With applications and services distributed across on-premises data centers and the cloud, AUC needed a unified security framework that could protect its hybrid infrastructure. The F5 Application Delivery and Security platform provides centralized security management, safeguarding both legacy and cloud-native applications. 

This ensures that sensitive research data, learning management systems, and student portals remain secure and accessible regardless of where they are hosted. By integrating F5 security controls across multiple environments, AUC can maintain seamless, policy-driven protection while advancing its cloud-first strategy.

Adopt AI-powered security

As cyberthreats become more sophisticated, AUC plans to take advantage of AI-driven threat intelligence within the F5 Application Delivery and Security Platform to anticipate and mitigate emerging risks. This proactive approach empowers security teams to detect anomalies faster, automate response strategies, and enhance real-time protection against evolving attack vectors. 

With AI-powered security, AUC can stay ahead of potential cyberthreats without overwhelming its IT team with manual monitoring. By integrating machine learning and advanced analytics, AUC expects to maintain a resilient and future-ready digital campus.

See all customer stories  ›

The American University in Cairo logo
Benefits
  • Mitigate cyber threats effectively   
  • Ensure continuous availability   
  • Enable resilient hybrid cloud strategy   
  • Reduce pressure on IT staff   
  • Streamline operations management
  • Centralize security policies in multicloud environments
Challenges
  • Combat rising cyberattacks   
  • Prevent service disruptions   
  • Secure hybrid cloud environments   
  • Manage IT workloads
  • Reduce complexity related to tool sprawl
Products

Distributed Cloud Web App & API Protection ›

Distributed Cloud DNS ›

DDoS Mitigation ›

BIG-IP Advanced WAF ›

BIG-IP Local Traffic Manager ›