Three
2U Express5800/120Rc-2 units (1U = 4.44 cm) are mounted neatly
in a single rack, operating as Firewall server, virus check
server, and Proxy server.
Advanced security system constructed
using the Express Server, as a countermeasure against unauthorized
hacker access and new viruses that can cause serious damage to the
University system.
Fukuyama University is a private university that
covers five academic fields, with Faculties of Economics, Engineering,
Pharmacy and Pharmaceutical Sciences, Biotechnology, and Human Culture.
Over 1,000 PC/Workstations are used as Internet terminals within
the campus, allowing around 5,500 students to freely access the
University network. In the latter half of the 1990s, however, the
University was troubled by security-related problems; there were
frequent cases of unauthorized access or "hacking" mainly
originating outside of Japan, and the University also became a platform in a DDoS
attack(*1). In order to counter these problems, the University installed
a security system in the spring of 2001 to provide powerful protection
for its internal network. It has taken the initiative, and is facing
up squarely to major threats that could shake the very foundations
of the University's operations.
(*1) DDoS ("Distributed Denial of Service"):
A type of Internet-based attack in which large numbers of server
machines with weak security systems ("intruders") are
made the platforms from which huge volumes of packets are sent simultaneously
to a targeted "victim."
Outline of Fukuyama University's Network Security
System

"During a DDoS attack, millions
of concentrated access hits were generated in one day.
The University's internal network was shut down..."
Prof. Hajime Tsuboi
Faculty of Engineering Manager, Information Processing Center
Fukuyama University
In the late 1990s, Fukuyama University became a
target of server attacks, as hackers and virus creators took advantage
of the open characteristics common to university networks. "We
had implemented measures such as router filtering(*2) and internal
ID checks for each server," says Hajime Tsuboi, a Professor
in the Faculty of Engineering and Manager of the University's Information
Processing Center, "but looking back on it now, our network
security measures at the time were really insufficient."
"At one point," adds Norio Sejima, an assistant in the
Information Processing Center, "someone outside of Japan hacked
into and vandalized one of our University Laboratory homepages."
Then, at the end of 1999, the University's system was damaged in
a DDoS attack. The University was not targeted directly, but rather
became the platform for an attack on an overseas site. Even so,
the damage suffered was substantial. "In a DDoS attack,"
explains Yasuo Mitani, Professor of Engineering and Deputy Manager
of the Information Processing Center, "broadcast functions(*3)
are manipulated to cause the system to generate millions of concentrated
access hits in a single day. Our router was unable to sustain the
load, and the University's internal network was shut down."
As this type of damage became more frequent, increasing numbers
of complaints were received from within the University, and the
decision was made to direct concerted efforts, led mainly by the
Information Processing Center, to strengthen network security. "IIS(*4),
which is the standard Web server for Windows environments, is currently
the most popular type of server, and is also very susceptible to
such attacks," says Sejima. "We thus sent out requests
to a number of vendors, specifying different server software, and
asking for system proposals that assured stronger security and also
took cost performance into account."
(*2) Filtering: A process by which information from
the Internet is received selectively according to levels set by
the receiver.
(*3) Broadcast functions: A function that automatically searches
out license servers.
(*4) IIS (Internet Information Server): WWW server software for
Windows NT (by Microsoft Corp.)

There are just as many port scans from
overseas searching for security holes, but absolutely no penetrations
or virus damage
Norio Sejima
Assistant, Information Processing Center
Fukuyama University
As a result of its investigations, Fukuyama University
adopted a system that placed a firewall server between the Internet
environment and the internal University network to offer powerful
protection against unauthorized access and other attacks. The proposal
for this system was presented by Futaba Koki K.K. (a specified agent
for NEC products). Because the University adopted Red Hat Linux,
which can be expected to offer better security and lower cost than
UNIX, the system is comprised of a total of three Express servers
(rack models); in addition to the firewall, which was the original
intention, there is a virus check server and a Proxy server. The
proposal received high marks for its content---which allowed all
of Fukuyama University's information security requirements, including
internal and external access control, log analysis, contents and
security, and real-time virus detection, to be met within budget
limitations---and for the ample post-implementation maintenance
system. Sejima elaborates:
"We adopted an arrangement in which a check PC is placed in
between the Internet and the firewall; check results are tabulated
once each hour, and sent by mail to the system manager. The system
has been in operation since March, and we have had absolutely no
penetrations or damage from viruses. According to the log and analysis
results, however, there has been no decline in the number of port
scans from overseas looking for security holes---in other words,
in the number of attacks. That means the effects of implementation
are very clear."
Kazuhiro Tsutsumoto is an assistant professor in the Department
of Environment and Information Sciences, Faculty of Human Culture,
and also works in the Information Processing Center. He commented:
"I teach a regular course in 'Information Processing,' and
I have had to cancel classes on several occasions when the network
has gone off line as a result of DDoS attacks. With the new security
system, this type of situation has been eliminated, so I'm very
relieved."
The Proxy server, which was installed at the same time, strengthens
client security by acting as proxy or "agent" for the
client PCs so that these clients are not connected directly to the
Internet. Furthermore, the cache function makes it possible to cache
file data when referencing Web contents outside of the University,
thus increasing access speed when the same location is accessed
later on.

Considering construction of a fast,
safe GB network based on current achievements
The current situation could be described as a kind
of vicious circle: Educational institutions and government agencies
strengthen their defenses against new viruses, and the virus creators
target these institutions and agencies with newer and more powerful
viruses, such as "Code Red," which is both highly contagious
and highly destructive. Fukuyama University too is of course currently
continuing its unceasing battle in the arena of information security
with a strong determination, and at the same time is promoting anti-hacker
measures and surveys of weaknesses in the current network infrastructure
in cooperation with vendors, so as to enable quick responses in
the event that a failure should occur. In addition, according to
Prof. Mitani, "By strengthening information security, we intend
not only to improve the University's image in terms of network operation,
but at the same time to enlighten future students in what could
be called 'information ethics.'"
A clear vision has already been formed with regard to the future
of the University's internal network, based on the results of the
recent security improvements. "Streaming video and other contents
that place a huge burden on networks are increasing, as is the number
of PCs connected to the network," says Prof. Tsuboi. "We
are currently using FDDI, but we are considering the construction
of a GB network. ADSL and other related technologies are becoming
increasingly popular, and we can't very well have the speed of our
University network being outclassed by common household connections,
can we?"
"From this point on," adds Sejima, "we intend to
have our administrative divisions make the shift to digital and
network-based processes. We will change the current situation, in
which the administrative divisions are using networks and PCs intended
for education and research purposes, and establish a clear distinction
between these applications."
Fukuyama University, which is constantly taking the initiative and
facing up squarely to major threats that could shake the very foundations
of its operations, is working to reduce TCO, and at the same
time is actively promoting the reconstruction of its campus LAN
in keeping with the changes in the times.
(August 7, 2001)
Profile of Fukuyama University
| Name | Fukuyama University |
| Opened | April 1975 |
| Chancellor / President | Shigeru Miyachi |
| Location | Sanzo, Gakuen-machi 1, Fukuyama City, Hiroshima Pref. |
| Students | About 5,500 |