Completing network security strategy with anomaly detection

Industries:
Education
Products:
Flowmon

Challenge

  • A large number of potentially vulnerable access points and BYOD devices
  • DDoS attacks, malware, ransomware, cryptolocker attacks
  • High pressure on IT-system administrators
  • Transformation from passive to proactive monitoring

Solution

  • Flowmon ADS
  • Flowmon Collector (deployed in aaZoo cloud)
  • Flowmon DDoS Defender
  • Flowmon Probe

Result

  • Non-invasive installation
  • Fast and cost-effective DDoS detection
  • Real-time and long-term network monitoring
  • Quick return of investments

Full Story

Challenge

A data-rich environment, multiple access points, culture of open sharing of information. All of this makes universities and high-schools an extremely vulnerable environment for breaches. Keeping this on mind, Bornego College has built a multi-layered security architecture. Nevertheless, its administrator was still missing a network insight. This gap was fulfilled by Flowmon which shortly after the deployment uncovered a good number of devices infected by malware, suspicious connections and even hack attacks.

Due to previous experience with external and internal DDoS attacks, resulting in the school's network to no longer function, Bornego College was forced to take precautionary measures.

"Due to insufficient insight in the Bornego College's internal network traffic, the IT team noticed an increase in incidents, and consequently a growing risk to security. In combination with current stringent laws and regulations, the consequences may have had far-reaching consequences such as economic and reputational damage and even claims," said GertJan de Boer, Chief Technology Officer at aaZoo, a Flowmon partner.

In consultation with aaZoo, proof of concept with Flowmon was successfully carried out. The results showed an alarming number of infected mobile devices, with over 80% infected with malware. These devices made direct contact through the wireless network and were completely ignored by installed security solutions. As a result, Bornego knew there was a need for more ‘visibility’ to ensure a secured network.

 

Together with our partner aaZoo we have been working hard on our security policy in recent years and have done so successfully. We discovered that a firewall with IPS does not provide sufficient coverage. The integration of hardware and multiple security solutions, consisting of combined layers, such as Flowmon, provide the most efficient and manageable security platform.

Atze Zandstra

System and Application Manager

Solution

To monitor network traffic for multiple customers, aaZoo developed a complete cloud service based on the Flowmon solution. This Smart Network Monitoring Service (SNMS) offers customers a cost-effective way to get the best network monitoring that reduces downtimes and operational costs, detects and alerts on abnormal behaviors, reports anomalies and advanced persistent threats and detects intrusions and attacks. SNMS not only monitors the network traffic, but also detects, signals, reports and supervises incidents.

This service was also selected by Bornego College due to its features, costs and fast deployment. Within the first two weeks after the implementation, 54 notifications were generated by Flowmon Anomaly Detection System (ADS). The most notifications applied to suspicious connections from BYOD’s, such as smartphones, followed by hack attempts to the electronic learning environment. Bornego’s network is also protected against volumetric attacks because of the Flowmon DDoS Defender deployment.

Learn more
about the products

Flowmon

Keep exploring
stories like this one

Read Next Story