F5 Features

 

Articles Archive   Search Articles

This story is a translation of the published article here. 

Conserving energy on campus and moving to the cloud have become one of the most topical issues and trends worldwide. In response to the advocacy of campus energy conservation, early this year the Computer and Information Networking Center (C&INC) of National Taiwan University (NTU) launched a three-year virtualization project, assisting elementary schools, high schools, colleges and universities to move their dedicated servers to the cloud operated by NTU Network Regional Center. This initiative aims to reduce energy consumption of server rooms at all schools and colleges, which can in turn contribute to energy conservation and carbon reduction. To encourage more schools to participate in the project and move their servers and applications to NTU Network Regional Center’s cloud, C&INC decided to add web application firewall features to its cloud environment. Schools can now conserve energy, have better performance and security of their applications all at the same time.

The cloud infrastructure of NTU Network Regional Center currently has six x86 servers, each of which can build in 20 virtual hosts, and two 48TB storage facilities, serving as each other’s back up. Till date, 19 elementary schools, high schools, colleges, universities and research institutions, including the renowned “Taipei CooC Cloud,” directed by the Taipei E-learning Education Center of the Taipei Department of Education, have applied to move to NTU’s cloud, taking up a total of 102 virtual hosts.

Apart from server virtualization, NTU Network Regional Center also provides academic institutions with its core services including management, security, user authentication, storage, networks, etc. For example, the center can offer RAID and back up mechanisms to ensure information security as part of their storage service; the center can adjust a network’s bandwidth in accordance with the demand of the corresponding institution for network services; and with assistance of F5’s Web Application Firewall (WAF) solution, the center can offer greater protection while institutions run web application.

 

SQL injection has become the biggest threat for academic institutions

Traditional firewalls and intrusion prevention systems (IPS) are no longer effective to withstand the sophistication of cyber attacks, which have become one of the biggest security threats to web applications provided by both the public and the private sectors. SQL injection, in particular, has the greatest impact on academic institutions. After Google launched encrypted search, web attacks have become even more rampant. HTTPS suddenly become the main trend on the Internet after Yahoo, Facebook and Twitter joined the cause. Despite the fact that HTTPS protects Internet users by ensuring data security during transmission, it also gives hackers the convenience of anonymity. To resolve the abovementioned issues, WAF is the only way out, serving as the best security solution for HTTPS websites and web applications.

However, due to limited budgets and resources, not all schools and colleges can afford WAF solutions, making it hard to address various web attacks, such as the most rampant SQL injection. NTU’s cloud infrastructure provides web security services via WAF deployment. This is, without a doubt, the most cost-effective solution for schools and colleges often affected by SQL injection attacks. C&INC recently demonstrated mitigating situations of hackers tempering with school systems to alter test scores. This provided schools and colleges with an understanding of the importance of WAF deployment, which helped to drive participation to the cloud.

 

Provide premium web protection to key virtual hosts at schools

To provide better web security and protection services, C&INC evaluated three major WAF solution providers, including F5. F5 BIG-IP ASM successfully passed 16 Proof of Concept (PoC) tests on simulated attacks, including SQL injection and hacking. BIG-IP ASM turned in results showing high efficiency, great stability, impeccable price-performance ratio and flawless web protection ability to effectively withstand DDoS, SQL injection, XSS, session hijacking, brute-force attack and active botnet infiltration. Together with its compliance report and the implementation of its professional security policy, F5 BIG-IP ASM became the WAF solution adopted by NTU.

After completing the PoC test on WAF this May, the center has formally initiated the migration of BIG-IP ASM in September. Currently, the number of virtual hosts applied has reached 102. In the initial stage, BIG-IP ASM will be set up to protect virtual hosts engaging in external services or having high risk of being hacked.

Each institution has different demands for different kinds of services, and hence a need to tune intelligence learning and security policy respectively. With F5’s professional technical support, the problem of public IP distribution was successfully overcome and many functions are set up via F5 iRules. Different from deploying traditional firewalls and NAT, which use application policy as their main source of security and protection, under the guidance of F5’s technical advisors, C&INC has successfully adopted reusable security policy and a standard deployment model for its end users and over 80% of its applications. It is estimated that C&INC will be able to complete all of its virtual hosts’ web security settings by the end of this year.

 

Combine F5 WAF log with big data analytics and establish SOC

Through the deployment of BIG-IP ASM, web attacks such as SQL injection can be blocked effectively, securing all key web applications and personal information on virtual hosts at NTU’s cloud. This is especially beneficial to schools and colleges where funding and human resources are limited. Now, schools and colleges only need to apply for virtual hosts in the cloud and they will be able to enjoy the long-desired benefits brought by WAF deployment. This way, more and more schools will follow suit and, more and more campuses can become greener and more energy efficient.

In the future, C&INC and F5 will collectively build a big data analytics platform for security log analysis. Based on website access reports on Internet user behavior, hacker behavior and Internet traffic vulnerability collected for BIG-IP ASM’s daily operation and maintenance, C&INC and F5 can develop academic research ideas on security that can be put into action later on. Moreover, C&INC and F5 can also establish a security operation center (SOC) providing professional security consulting services to assist schools and colleges to combat known and new emerging threats.