As a national key university directly under the Ministry of Education, China University of Petroleum (Beijing) has been dedicated to building an advanced informatization campus to enhance teaching and management while facilitating the daily work and study life of faculty and students. Establishing a simple, intelligent, and secure campus network is crucial for supporting the university's informatization infrastructure. DPtech, leveraging the current trends in educational informatization, has developed a campus network gateway security solution tailored to the specific needs of China University of Petroleum (Beijing), addressing many shortcomings of traditional solutions and safeguarding the school's informatization efforts.
Challenges of Traditional Solutions
As the informatization of universities progresses, there is a growing need for load balancing, access control, internet behavior management, and protection against viruses and attacks.
Issues with Traditional Solutions:
Security Demands: The internet gateway, as the first line of defense, facing numerous security requirements such as access control, intrusion prevention, and virus protection, especially against mining and ransomware viruses that spread laterally within the intranet. Due to the dispersed nature of terminals Within the campus, installing and managing antivirus software on all devices is a challenge, and once a security breach occurs, it will damage the reputation of the university.
Management Complexity: Managing security devices and policies is another challenge for school Administrators. Devices cannot be centrally managed, policies cannot be uniformly configured, logs and traffic cannot be comprehensively and timely analyzed. This usually requires separate management or simple log reviews of each device, making the process more complex.
Bandwidth Expansion: With the development of university, the bandwidth of campus network gateway has increased, peaking at 30G, which exceeds the capabilities of the original equipment's 10G interfaces. There is a need for 40G interfaces for interconnection, and future plans require reserving space for 100G interfaces.
DPtech's Internet Gateway Security Solution
DPtech's integrated solution deploys a comprehensive security gateway at the campus network gateway to meet protection and supervision needs. By integrating security service layers through virtualization technology, the solution simplifies network architecture, enhances efficiency, protects existing security investments, and ensures future needs. Combined with a unified management platform, which provides comprehensive network security event analysis, traceability, and traffic monitoring, helping the university achieve unified visibility and rapid operation and maintenance.
Key Features:
High-Performance Throughput: Utilizing a "chassis + security service board" approach, DPtech ensures high-performance throughput at the gateway. License-based features address specific security needs, supporting firewall, intrusion prevention, threat intelligence, and more. All functions can be managed via a single IP and interface, with flexible policy definitions to route traffic through relevant security modules, blocking illegal mining activities and preventing unauthorized access.
Intelligent Scheduling: The integrated security gateway facilitates domain-based traffic scheduling, addressing the issue of frequently changing IP addresses for educational resources while ensuring stable operation of key links.
Unified Operations Management: The unified security management center provides security event analysis and traceability, with real-time attack monitoring to help administrators understand network threats. It displays attack trends, top risky IPs, and commonly attacked servers, aiding in accurate source tracing and log recording for effective post-event analysis.
High-Speed Stability: The chassis-based security gateway features redundant design for key components like the main control board, switch board, and power supply. Virtualization capabilities of cloud boards allow linear performance scaling, and the system has been running stable for over 200 days. The current setup includes 12x40G interfaces with expandable slots for future 100G interfaces and performance upgrades, ensuring security device performance grows with the business needs.
Broader Impact
DPtech has already served over a hundred key universities, including Tsinghua University, Peking University, Fudan University, and Nankai University. As digital education advances, DPtech will continue to explore comprehensive campus network needs, providing simple, intelligent, and secure network environments. Through Constant innovation and progress, DPtech aims to enhance informatization in universities, empower education with digital technology, and offer superior network solutions to more institutions, contributing to the modernization of education.