The University of Naples Federico II, founded in 1224, is the oldest public university in the world and the third in Italy by number of students. It currently has over 30 offices distributed between the metropolitan city of Naples and the other provinces of Campania. In this context, its thematic network is managed which consists of five main nodes connected via dark fiber (Iru): Monte Sant’Angelo (MSA), Centro Storico (Cs), Engineering (Ing), Policlinico (Poli) and finally the Polo San Giovanni a Teduccio (Sgat). The University is also a founding member of the Garr community (Group for the Harmonization of Research Networks) and as such is part of the national research network, which guarantees connected structures and users a cutting-edge connectivity service for the bandwidth available, for the quality of the service portfolio and for effective support for research and training activities throughout the national territory.
The traffic generated is clearly very high (just think that the daily users are around 20,000/25,000 and the sessions per second exceed one and a half million) and the need to effectively protect the network from the risk of cyber attacks has, over time, become increasingly stringent.
Therefore, the challenges that the Federico II University intended to respond to were essentially two: the lack of visibility, which led to the inability to adequately protect the network, and the substantial complexity of the infrastructure, specifically regarding what was installed. “Fortinet was chosen after examining various solutions proposed by competing brands, by virtue of the wide range of features available, as well as the convenience of the offer displayed. The relationship of trust created with the contact person who followed the operation and subsequent implementation was also of great importance”, says Carmine Piccolo, Head of the University Network of Federico II.
After an initial phase of analysis and planning, in which the main points of weakness and suffering of the ‘legacy’ architecture were highlighted, it was decided to move from a Routed model to a Spine-Leaf model and at each connection point of the ‘leaf’ nodes, a pair of firewalls suitable for managing the traffic generated by the specific node has been installed. This transition from a legacy Routed topology to a Spine-Leaf resulted in the multiplication of network speed.
A further challenge in creating this architecture was to rationalize and analyse, and where possible filter, the enormous amount of internet/intranet traffic generated. Through the use of FortiAnalyzer, a solution that automatically collects, stores and analyzes logs from all Fortinet security devices, it was possible to gain visibility into the security posture of the entire university and its users.
Once the information was collected, it became natural to manage the process of any security incident detected in the log thanks to FortiSiem, Fortinet’s security information and event management system, which offers capabilities ranging from automatic resources to apply cutting-edge behavioral analytics to quickly detect and respond to threats. Last but not least, thanks to FortiMail it was possible to enhance the level of anti-spam offered by the mail service manufacturer. The result achieved in terms of the volume of spam emails processed has drastically increased as has the rate of false positives and false negatives encountered.
The implementation of Fortinet solutions has resulted in an improvement in the overall stability and security of the network. In particular, the main benefits obtained concern the manageability of the entire structure and the possibility of applying security, filtering and protection controls at the point closest to traffic generation.
This choice also optimizes the load in terms of bandwidth of the entire network and distributes the work necessary to inspect the traffic generated by the thousands of users who frequent the various campuses on a daily basis. The project, started within the Hospital, was subsequently expanded to the various campuses, and soon all 5 Points of Presence (Pop) will be equipped with the same Spine-Leaf configuration and there will be a homogenization of the entire infrastructure . For the future, the objective is to further make the network efficient, implementing two levels of security within it and obtaining greater depth and punctuality in isolating cyber threats directly in the bud.
© ALL RIGHTS RESERVED
Read the full article at
The morning
