The IT infrastructure of Masaryk University, with its nine faculties, three institutions and the campus, is located over whole Brno city and near surroundings. The network core is operated on 10Gbps by Institute of Computer Science. The security assurance is guaranteed by CSIRT-MU – accredited member of the European security community Trusted Introducer (TERENA). CSIRT-MU team is responsible for monitoring of in/out Internet traffic, connection of faculties and institutions to backbone, technology network, VPNs, eduroam and critical servers.
CSIRT-MU operates 25 Flowmon Probes to assure monitoring of all critical points in university network. Traffic statistics are stored on 6 different collectors to guarantee redundancy and separate development/student collectors from the operational ones. The total Flowmon Collector capacity is 40TB. Flowmon ADS processes the network traffic statistics from selected Probes (e.g. Internet traffic, selected faculties) and automatically detects security related events and policy violations. The incident handling process is automated so events are being reported to incident handling system Request Tracker operated by CSIRT-MU.
“Although we love to create new security monitoring tools, we also need a reliable cornerstone of the monitoring infrastructure for a routine operation of a university CSIRT. Furthermore, we welcome professional support that comes with Flowmon solution. It allows us to focus on the core of our business.”