Case Studies Archive Search Case Studies

Community College Delivers Secure SharePoint Access to all Users with F5 Solution

A large U.S. community college wanted to give users access to all of its applications and services through Microsoft SharePoint—from anywhere using any device. By deploying a unified traffic management, access, and security solution from F5, the college was able to address all the performance, security, and remote access challenges of its SharePoint deployment.

Business Challenges

Serving more than 27,500 students, faculty, and staff, a U.S. community college relied heavily on its web portal for many services—from admissions and registration for students, to coursework and grading for faculty, and budget management for staff. “Our web portal experiences a massive amount of traffic,” says the school’s IT director. “If we can’t provide reliable performance, it has a major impact on the entire college community.”

Three years ago, the college's portal was performing slowly and unreliably to meet users' needs.  The IT team had deployed a Cisco ACE Application Delivery Controller (ADC) to address these performance issues, but the product’s load balancing and monitoring tools fell short of the team’s needs. “We never experienced the performance enhancements we anticipated, and the reports and status checks we needed in order to ensure the health of our servers were unavailable,” says the IT director.

The existing web portal also presented significant limitations for users. For example, remote users only had read access to files on the network drive, not write access. As demand for IT services grew, an initiative evolved to replace the existing web portal with Microsoft SharePoint, making it the single point of access to all applications and services from any device, internal or external.

To accomplish this, the IT team would have to address not only performance and reliability, but complex security and access control issues as well. “Users didn’t want to use a VPN to get to SharePoint and other applications, but access needed to be controlled and restricted,” says the IT director. “For example, we needed to allow only faculty members to access the grading tools.” The team also needed to protect the portal and all applications from malicious application layer attacks. A basic firewall was in place at the time, but it didn’t provide the level of security needed.

The IT team was also gearing up to launch Microsoft Exchange Server campus-wide for all users—faculty, staff, and students—whether they were working on campus, at home, or at an Internet café. The team had also received numerous requests to deploy Citrix XenApp to make applications available via a portal, and Citrix XenDesktop to provide faculty and staff a virtual desktop solution. This would relieve IT of the burden of installing applications on staff and faculty users’ laptops.

“Without the F5 solution, we couldn’t have provided SharePoint access to all our services and applications as successfully as we did.” IT Director

Solution

To address this broad range of challenges, the IT team evaluated solutions from F5 and A10, but quickly ruled out A10 as it could not provide the support or capabilities needed. Relying on research from Gartner and best practice guidelines from Microsoft for optimizing SharePoint deployments, the team ultimately chose the F5 solution. “It was clear that the BIG-IP platform was the best choice for our performance and reliability needs, and that it could provide all the security, remote access, and policy control functions we required,” says the IT director.

At each of its two data centers, IT deployed redundant pairs of F5 BIG-IP ADC devices running BIG-IP Local Traffic Manager (LTM). The team also deployed BIG-IP Global Traffic Manager (GTM), which intelligently directs incoming traffic to the closest or best performing site. In the case of a data center outage, BIG-IP GTM also provides failover to the secondary site, where the college has duplicate servers, storage, and key applications running behind the BIG-IP LTM devices.

Also deployed on the BIG-IP LTM devices is BIG-IP Access Policy Manager (APM), which provides fine-grained control over user access policies so the IT team can ensure each application is accessed only by authorized users.

Finally, because F5’s solutions are built on a unified platform, the IT team was able to deploy BIG-IP Application Security Manager (ASM) on the BIG-IP LTM devices without impacting the performance of other services. BIG-IP ASM provides the robust application level firewall needed to protect the college’s infrastructure from application layer attacks.

“Overall, F5 provides a complete return on investment, saving us time, money, and manpower.” IT Director

Benefits

The F5 solution has provided the critical security and access control capabilities the college needed in order to meet its ambitious goal of making SharePoint a single point of access for all users. “Without the complete F5 solution, we couldn’t have provided SharePoint access to all our services and applications as successfully as we did,” says the IT director.

Fast, safe, universal access via SharePoint

Since deploying the new solution, all users, whether working on campus or remotely, have fast, secure access to all college services, collaboration tools, and applications through SharePoint. Using BIG-IP APM, the IT team was able to create a custom login page where users enter their credentials for authentication, and then are directed to the SharePoint portal. From there, they can access any application they are authorized to use, including those available through XenApp. As an added bonus, they can do all this without having to download any client software or use VPN connections.

Superior application uptime and disaster recovery

By deploying BIG-IP GTM alongside a redundant pair of BIG-IP LTM devices in each data center, the IT team is able to provide 100 percent uptime and unprecedented stability for SharePoint and other applications. “We haven’t had any downtime or hardware failures since deploying the F5 solution three years ago; it has been completely reliable,” says the IT director. “The way the solution is configured, we can provide superior disaster recovery and ensure business continuity.”

Another perk is that IT administrators can take servers in and out of service for maintenance or upgrades without having any effect on user access or performance. “I’ve taken down all the servers at one data center for maintenance during prime time and shifted traffic to the other data center without any hiccup in application performance,” says the IT director. He also finds the health monitoring and reporting capabilities of the F5 solution far superior to those of the previous ADC solution.

Robust application level security

The IT team worked closely with F5 partner WhiteHat to integrate WhiteHat Sentinel’s vulnerability detection capabilities with BIG-IP ASM. The solution protects the college from the latest application level security threats by continuously scanning, identifying specific vulnerabilities, and enabling IT to configure effective remediation policies. “We couldn’t have provided safe remote access to SharePoint without the security F5 offers through BIG-IP ASM,” says the IT director. “And we don’t have to spend hours reviewing thousands of vulnerability log entries in order to configure ASM effectively.”

Low total cost of ownership

The IT director estimates the F5 solution will save the college up to $100,000 a year. “We get all the capabilities we need with F5—and we eliminated the need to purchase five or six solutions from different vendors.  By overseeing our environment through one F5 management and reporting console, the savings are immense,” says the IT director. “It’s simple enough to use that we didn’t need to hire anyone with F5-specific expertise,” he adds, noting that all tasks are handled by the existing IT staff. “Overall, F5 provides a complete return on investment, saving us time, money, and manpower.”

The college’s F5 and SharePoint deployment has been so successful that many other universities have visited the team to see how they can deploy similar solutions. The IT director says, “Other colleges are eager to learn how they can duplicate our success providing such great access, performance, and security using F5 solutions.”