University of Michigan Director of Networks Eric Boyd says it’s one reason the tool still plays an important role in securing his campus today. “By giving us that additional context, they can help us better detect new forms of threats,” he says.
According to Boyd, one of the major benefits that NGFWs and IPSs provide is visibility and scale. “They provide a single console that allows us to view multiple firewalls at once,” he says.
Getting Visibility into Higher Ed Cloud Environments
As hybrid learning and work become permanent fixtures in higher education, more institutions are migrating to the cloud. “One thing the pandemic has taught us is you might want your servers, services or applications in a cloud environment,” Biever says.
Through Software as a Service, universities can run Office 365, Google Workspace, Canvas, Slate and other application in the cloud, which allows schools to benefit from cloud resiliency. With redundant workloads in the cloud, many servers and storage systems can continue operations even if a network goes down.
“Even when building apps internally, we don’t have to run it on a sever internally. We can push those workloads into the cloud and have more resilience, more capabilities,” Biever says.
Virtual IPS solutions also play an important role in bringing visibility to higher education’s cloud environment. “If you’re spinning up resources in Azure, Amazon Web Services or Google Cloud, you can take Cisco, Palo Alto Networks, or Fortinet — whatever your favorite IPS vendor is — and spin up a virtual instance of it in the cloud,” Biever says.
CYBERSECURITY AWARENESS: Explore data security issues, tools and solutions.
The downside is it may not always be cost-effective to do so. “The more of these you deploy, the more licensing costs you could incur. You have to find that balance,” Biever says.
To do so, it is important to identify and classify an institution’s most sensitive data.
“You have to go back to the idea of identify, protect, detect and respond,” Biever says. “Do you have an inventory of the resources you’re putting out in the cloud? Do you know what data you are pushing to cloud environments?”
Once the data flow is mapped out, universities can place microperimeters around their most sensitive data and use NGFWs to enforce them.
At the end of the day, however, no solution is a silver bullet.
“We know we’re going to be targeted so we plan and prepare to respond to attacks,” he says. “One way to do that is to have good log information about what’s touching and hitting your network, whether it’s on-prem, or in a cloud environment.”