Getting Smart About Campus Security

University of North Carolina at Charlotte has deployed a secure platform that integrates tools and technology for improved visibility and intelligent security.

The University of North Carolina at Charlotte (UNC Charlotte), just like many organizations, has to provide a lot of security with few resources.

UNC Charlotte’s five-person IT security team must protect 30,000 students, 5,000 faculty and staff members, more than 13,000 endpoints, over 700 servers, plus thousands of pieces of networking equipment.

“Like many universities, we're under-staffed and under-resourced,” said Jesse Beauman, Assistant Vice Chancellor for Enterprise Infrastructure at UNC Charlotte. “So, we try to leverage intelligent security, which to us means products and services that mesh with our campus and how our people work.”

That’s why the university has deployed the Cisco SecureX platform. The solution seamlessly integrates all of UNC Charlotte’s Cisco tools—including AMP, Email Security, Stealthwatch, and Umbrella—as well as other third-party systems, including logging analysis tools, identity management technology, and network directory services.

“Our head of security likes to tie in as much stuff as he can,” Beauman said. “All of this now goes through SecureX and the security tools cross-talk. They see what’s going on and detect anomalous behavior.”

The Value of Intelligent Systems

The benefits are significant; Beauman listed visibility, scalability, adaptability, cost effectiveness, and intelligent security—the last of which has multiple knock-on impacts. To illustrate the point, he described how the UNC Charlotte security team prepared for the first day of classes this fall semester:

“A lot of people had started turning on machines that hadn’t been on in months, and they were trying to reach out to command-and-control servers because they were infested with malware,” he said.

“We were able to use SecureX with all of its various integrations to figure out what these machines were, who had logged into them, and what type of malware was on them. From there, the security team was able to put blocks into Umbrella, leverage AMP to clean the malware, then see if any of the malware came from email and tie those blocking agents into Cisco Email Security.

“The team did all that in about 10 minutes—all working remotely,” he continued. “Without SecureX, it would have taken about half of a week. We’ve been able to amplify our staff by a factor of three or four. So having five full-time people with these tools, it’s now like having 15 or 20 people on staff.”

The value reaches beyond the benefits to staff. Beauman estimates that on average:

  • AMP blocks around 1,000 compromises per day
  • Cisco Email Security blocks about 1.3M bad emails per day, including spam and phishing attempts
  • Stealthwatch blocks around 300 command-and-control attacks per day
  • Umbrella, which UNCC is just rolling out, is already blocking 11,000 malicious URL attempts per day

Beauman stresses that another benefit is visibility. “SecureX brings together all this traffic that we otherwise wouldn’t have been alerted to.”

Next Steps

“The bad actors are moving, as my boss says, at the speed of computers,” Beauman says. “We need to respond at that same speed. Solutions like SecureX, with its integration and orchestration, allow us to do that.”

Asked what advice he’d give to his peers, Beauman said:

“You just have to get started. Security sounds difficult, but it’s not an impossible task. It does need to be adaptable and intelligent. Your solutions must be tied to your organization and its workflow. If you meet those criteria, you’re going to be successful with deploying a security solution.”

Copyright © 2020 IDG Communications, Inc.