University IT security infrastructure consists of a multi-layer security system including firewalls and antivirus products that protect devices, personal information, and sensitive data. The team manages the centralized firewall system at Ashoka University and implements the user-level rules in order to provide access to departmental resources or new systems. Firewalls can help protect against a wide range of security threats. Firewalls can block unauthorized remote logins, denial of service attacks, and viruses and worms that are spread over a network.

Firewall

IT infra Team deployed Fortinet Network Firewalls for centralized management of sensitive information, research data, and support of critical University operations. This firewall service control network access to services on protected University computers/Desktops/laptops.

Fortinet provides automated visibility into cloud applications, and IoT devices and automatically discovers an end-to-end topology view of the enterprise network. Fortinet is a core part of the Fortinet Security Fabric and protects the enterprise network from known and unknown attacks.

Key features of Fortinet are as follows;

  • End-to-end security across the full attack cycle.
  • Top-rated security validated by third parties.
  • Internal segmentation firewall deployment for additional protection.
  • Centralized management across physical, virtual, and cloud deployments
  • Best price-per-performance
  • Cloud-readiness: multi-tenancy and quick integration with public clouds

IT Infra team defines the firewall policies on Fortinet that matches traffic and applies security by referring to the objects that are identified such as addresses and profiles.

  1. Objects used by the policies;
      • Interface and Zone
      • Address, User, and Internet service object 
      • Service definitions 
      • Schedules 
      • Nat Rules 
      • Security Profiles

2. Policy Types;

      • Firewall Policy (IPv4, IPv6) 
      • Firewall Virtual wire pair (IPv4, IPv6) 
      • Proxy 
      • Multicast 
      • Local-in Policy (Origin and Destination is FortiGate itself)
      • DoS 
      • Traffic shaping

Antivirus

The IT Team recommends the Ashoka community to protect their Desktops/Laptops by installing antivirus software and using it in conjunction with anti-malware (Sophos) protection. The IT Team installs Shopos on University-owned devices and advises users to install an antivirus to protect their devices.

Sophos is a cybersecurity solution that offers detection and response, firewall, cloud, and managed service solutions for network security and unified threat management. Its software provides critical malware, phishing websites, and ransomware prevention.

Sophos Anti-Virus can scan for Suspicious Files that contain certain characteristics that are common to malware but not sufficient for the files to be identified as a new piece of malware. With Suspicious File scanning enabled in scheduled scans, Sophos Anti-Virus will detect the files before anyone attempts to open them.

Benefits of Antivirus Software;

  • Detects and protects against malware, viruses, and other harmful software in real time 
  • Contains proactive anti-ransomware and anti-exploit detection and response components
  • Blocks hacking and phishing attempts
  • Offers flexibility through manual and scheduled scan modes
  • Provides a layered approach to securing your computer