Network Security fights the unseen battle against outside attacks
These protected resources include high-profile, mission critical and sensitive assets such as Carolina’s main website, computers that process financial transactions, computers used to process academic work and computers integral to research performed by researchers, professors, doctors and other leaders within the campus community.
The Information Security Office follows best practices by engaging in “defense in depth,” which is the use of multiple layers of different security technologies to maximize protection from hostile activity. This means that, in addition to the 30 billion connections blocked by firewalls, the Information Security Office’s other network security resources identified an additional 40 billion potentially malicious actions targeting UNC-Chapel Hill resources. Furthermore, Information Security’s resources prevented users behind University firewalls from going to phishing sites more than 750,000 times. These numbers translate to 1,000 hostile or unwanted connections being identified and blocked every second.
Analysis of network security logs over the last year have provided an opportunity to educate network security stakeholders, such as Information Security Liaisons, clients of the Information Security Office and other groups within ITS, on the ways attackers uniquely target UNC-Chapel Hill, said Michael Williams, Network Firewall Lead with Information Security.
For instance, more than 70,000 phishing links were blocked on two specific days in August 2017: student move-in day and the first day of classes. This reflects that those who seek to compromise the University’s resources know what sort of institution Carolina is and they know the University’s calendar well enough to target the campus when new users join the network.
Network security systems on the campus network draw on databases of known attacks provided by vendors and on lists of known aggressors on the internet to protect the University in multiple ways using complementary technologies. By doing this at different points within the network and largely invisibly, the Information Security Office’s network security tactics support the larger strategy of integrating security into the University community’s day to day use of the campus network.
Key Partner(s): ITS Telecommunications