Published on 21-Dec-2011
"The security products from IBM give you a good return on your money. From my perspective, it saves me a lot of time, and it saves my team a lot of time, which I can say is very well worth it." - —Chris Polkinghorne, Security Technical Lead, Melbourne IT
Security: Identity and Access Management, Security: Governance, Risk and Compliance
Chris Polkinghorne of Melbourne IT discusses the challenges of managing security at a school system in Australia.
Melbourne IT faces the challenges of managing security at a school system in Australia. The organization supports approximately 480,000 students and about 1,300 schools. Web traffic alone measures about 20 terabytes a month.
The organization uses IBM Security Network Intrusion Prevention System at the borders of its hosting platform, on high-risk servers. The data is fed back to a central site protector system, which collects the information, and provides reporting and log correlation. The system can automatically block network access based on the organization’s rules.
Increased visibility by automatically monitoring an immense about of traffic; Helps shut down attacks automatically; Saves staff time to provide an excellent return on investment
Addressing school system security challenges
· IBM® Security Network Intrusion Prevention System
“Our position is that we do managed IT services for every single school in Queensland,” says Chris Polkinghorne, security technical lead for Melbourne IT. “That gives us a massive range of challenges. The biggest and most interesting one is probably the fact that we essentially have two networks that we need to work with: one is the Internet and one is the school system. We have to border off these zones and keep those two forces away from each other as best we can.”
“We're supporting approximately 480,000 students, about 1,300 schools,” says Polkinghorne. “Just web traffic alone, we're doing about 20 terabytes a month. Students are inquisitive by nature, and you don't want to discourage that. Unfortunately, sometimes that learning takes them to places which are not the best for them to go to.”
“We're using IBM® network IPSs [IBM Security Network Intrusion Prevention System] at our borders of the hosting platform,” says Polkinghorne. “We're using the host IPS agents on high-risk servers, and all that feeds back to a central site protector system, which is collecting the information, and doing reporting and log correlation. It's all automatic. When it picks something up, it'll sort of look and check your rule system. And if we've defined it as block this, then it'll go and block it. So when we see these attacks coming in, it'll shut them down automatically.”
“The network IPS [IBM Security Network Intrusion Prevention System] has given us a great level of visibility; it’s sitting on our borders, and so it sees an immense amount of traffic,” says Polkinghorne. “It's been great for hosting websites because it gets the view, like when the SSL traffic's decrypted, that a network IPS doesn't get. It's been fantastic for that.”
“The security products from IBM give you a good return on your money,” says Polkinghorne. “From my perspective, it saves me a lot of time, and it saves my team a lot of time, which I can say is very well worth it.”
For more information
To learn more about IBM security solutions, please contact your IBM sales representative or IBM Business Partner, or visit the following website: www.ibm.com/tivoli/security
Products and services used
IBM products and services that were used in this case study.
© Copyright IBM Corporation 2011 IBM Corporation Software Group Route 100 Somers, NY 10589 U.S.A. Produced in the United States of America December 2011 IBM, the IBM logo, ibm.com, and Tivoli are trademarks of International Business Machines Corporation, registered in many jurisdictions worldwide. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at www.ibm.com/legal/copytrade.shtml Other company, product, or service names may be trademarks or service marks of others. The information contained in this documentation is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this documentation, it is provided “as is” without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this documentation or any other documentation. Nothing contained in this documentation is intended to, nor shall have the effect of, creating any warranties or representations from IBM (or its suppliers or licensors), or altering the terms and conditions of the applicable license agreement governing the use of IBM software. TIC14211-USEN-00