Sting taken out of security, threats: Georgia Tech switches to a comprehensive solution for running best-of-breed applications - Network Security

Communications News,  June, 2003  

• E-mail
• Print
• Link

The Georgia Institute of Technology, in the heart of downtown Atlanta, is one of the country's premier research universities, and, like other universities, needs to protect the security of its network. With its reputation to uphold, a robust network security infrastructure is paramount.

Georgia Tech has an active network that moves between five and six terabytes of data each day during the academic year. The institution had previously been running Enterasys' Dragon and an additional intrusion-detection application on purpose-built appliances, which did not provide the performance and scalability to effectively handle the network's traffic. The solution also did not provide granular monitoring for intruders.

Most Popular Articles in Technology

An overview of continuous data protection

Why all those current ratings?

Many countries now have a mobile penetration rate above 100%, report says

The Tata Group's big telecom gamble: VSNL's recent acquisition of Tyco ...

MEASURING BANK BRANCH EFFICIENCY USING DATA ENVELOPMENT ANALYSIS: MANAGERIAL ...

More »

Last year, Georgia Tech's Office of Information Technology decided to upgrade the university's intrusion-detection system (IDS) as part of its more proactive stance on network security. Brian Culver, Georgia Tech's technical project director, spearheaded this effort.

"We needed a more complete solution for our intrusion-detection application that was both robust and easy-to-use," says Culver. "We had previously been developing our entire IDS setup by hand, but there were no appliances on which we could run the application that could handle the tremendous speeds that we require."

Culver considered purchasing several load balancers to improve the speed of the IDS, but soon discovered another option--the Crossbeam X40, a single-box security services switch that replaces a host of servers, devices and load balancers to provide a single, comprehensive solution for running security applications.

Georgia Tech placed an X40 running Enterasys' Dragon IDS at the network's demarcation point, a wide border that includes two OC 12 links to Internet 1, and an OC 48 link to Internet 2. Professional services teams from Crossbeam Systems and Enterasys Networks provided the configuration and operational support to get the solution running.

The solution couples the performance necessary to handle the significant traffic flowing into a typical academic network with self-regulating and self-healing technologies that allow it to provide "five nines" high availability. The university also can equip it to provide bulletproof security with the latest best-of-breed antivirus, firewall and VPN applications from a growing list of name-brand application providers. In addition, Georgia Tech will be able to add additional applications to the X40, without investing in additional infrastructure, or compromising the speed of the network.

The solution features redundant network and control-processing modules and up to 10 application processing modules. The school's X40 was equipped with Dragon running across multiple application modules, each equipped with either single or dual Pentium processors with up to 4 GB of RAM. With the redundant application modules, should one fail, the device's network-processing module intelligently routes traffic to an open module. The solution's load-balancing technologies intelligently route traffic across the application-processing modules (APMs) without the need for additional software, load balancers or switches.

Culver notes the solution's complete Linux compatibility and scalability as key features. "The throughputs on each of the APMs are solid, and I can easily scale up performance by adding more APMs to the box."

Georgia Tech pays only a fraction of what it would have paid had it purchased the dozens of servers, load balancers and other devices that the solution replaces. Also, should Georgia Tech eventually decide to add a firewall, VPN, Web filtering or additional IDS applications to its network, it will not need to add any additional infrastructure to the network.

"The biggest benefit is not having to purchase a separate load-balancer and not having to purchase and individually manage multiple appliances," Culver says. "Instead, I only have to manage one device that can load balance all of our traffic internally to this device."

For more information from Crossbeam Systems: www.rsleads.com/306cn-258

COPYRIGHT 2003 Nelson Publishing
COPYRIGHT 2003 Gale Group

Find Research Guides for:

• Abortion
• ADHD
• AIDS
• Alternative Energy
• Alternative Medicine
• Cancer
• Capital Punishment
• Cloning
• Hate Crime
• Cryonics
• Drug Abuse
• Eating Disorders
• Gay Issues
• Global Warming
• Holidays
• Immigration
• Medical
• Men's Health
• Mental Health
• Real Estate
• Stem Cells
• Women's Health

Find Featured Titles for: Technology

• Advanced Battery Technology
• America's Network
• BT Catalyst
• Baseline
• CADalyst
• Cable World
• Channel 3
• Channel Insider, The
• Communications News
• Computer Technology Review
• Dev Source
• PC Magazine

Most Popular Articles in Technology

• An overview of continuous data protection
• Why all those current ratings?
• Many countries now have a mobile penetration rate above 100%, report says
• The Tata Group's big telecom gamble: VSNL's recent acquisition of Tyco ...
• MEASURING BANK BRANCH EFFICIENCY USING DATA ENVELOPMENT ANALYSIS: MANAGERIAL ...
• More »

Most Popular Publications in Technology

• Computer Technology Review
• Japan, Inc.
• Communications News
• Internet Business News
• Macworld
• More »