Large University Fortifies Security with F5 to Deliver Seamless Higher Learning Experience

The higher education institution deployed the full suite of F5’s application security solutions to protect its web and mobile applications from cyber-attacks, while delivering a borderless and personalized experience for its instructors, domestic and international students.

Business Challenges

As one of Australia’s leading tertiary education providers, the University delivers personalized learning experience enhanced by innovative digital platforms to more than 60,000 students each year.

Over the years, the number and proportion of international students have grown in the country, with nearly one in four students in Australian universities coming from overseas. This internationalization of Australian universities steered the University to become a globally connected institution, and its Cloud Campus platform—consisting of course reading materials, real-time or recorded lectures and more—gives students the flexibility and convenience of online learning without compromise. As such, staff and students expect teaching and learning applications to be available at all times.

Having suffered a distributed denial of service (DDoS) attack on its public-facing website, the downtime impacted not only the University’s core business operations, but also the delivery of a high-quality experience for its students.

Today’s digital solutions are also revolutionizing the nature of the higher education business. Students have come to expect digital services (IT, library, academic, health and wellbeing support) and delivery to be on-demand across platforms. During the pandemic, students expect seamless access to content as they rely on independent learning via technology. Committed to driving higher education’s digital frontier, the University’s IT team started to increase the number of API calls, challenging its aging hardware’s capacity. The University needed a security-enabled infrastructure to keep pace with business demands for speed with uncompromising protection across all campus services.

The Solution

The University has over 1,000 applications on its on-premises data center that needed to be migrated and deployed across multiple units and vCMP guests. Recognizing the need to secure its web and mobile applications, the University selected F5 to deploy a modern and programmable platform that would eliminate IT bottlenecks, improve internal processes and speed up workflows.

Organizations are increasingly exposed to a variety of potentially malicious attacks from automated and fast changing threat vectors. Inbound and outbound botnet traffic such as DDoS and malware activity easily penetrate security layers and consume valuable processing power. With the powerful combination of F5 IP Intelligence and F5 Advanced Web Application Firewall (WAF), the University is able to employ more active application security controls to mitigate today’s threat landscape.

F5 IP Intelligence enhances the visibility into threats and malicious activity by drawing on the expertise of a frequently updated global threat-sensor network and IP intelligence database. By identifying and blocking IP addresses associated with threat sources such as DDoS, web attacks, proxy, phishing and Windows exploits, the service enables the University to enhance automated application delivery with stronger, context-based security. Furthermore, the automated blocking eliminates the effort to process bad traffic, hence increasing the institution’s data center efficiency.

F5 Advanced WAF also integrates behavioral analysis and dynamic code injections to thoroughly assess the threat associated with any given client session. Malicious automated traffic and bots make up 30-40 percent of traffic on a typical site and the solution’s proactive bot defense stops automated bot attacks by identifying and differentiating friendly bots from malicious ones. By profiling a baseline of normal application traffic behavior with advanced analytics and machine learning, anomalous traffic patterns become easier to spot and block—without administrator intervention. This prevents sophisticated Layer 7 Denial of Service (DoS) attacks, web scraping, and brute-force attacks before they affect the University’s web and mobile applications.

In addition, business requirements are driving the need for organizations to deploy critical applications on shorter timelines. As the processes and toolchains for developing and delivering applications evolve, F5’s application delivery services are necessary to ensure that the applications remain fast, secure and available in production environments.

To respond to the demands of the dynamic marketplace, the University needed its API-enabled platforms to be equipped with end-to-end automation from provisioning to application deployment. F5’s collaboration with Ansible allowed the University to configure multiple F5 BIG-IP devices and other network devices with ease and consistency, enabling its IT team to become more agile and better respond to business demands. The University’s networking team also attended several F5 Super-NetOps training sessions—an F5-driven industry training and community-based program aimed at evolving network operations functions.

With F5 Virtual Clustered Multiprocessing (vCMP) technology, the University is able to host a multi-tenant architecture that supports a variety of BIG-IP versions and product modules on a single device. The platform is also able to accommodate multiple guest instances, each with a dedicated allocation of CPU, memory, and other resources. This solution enabled the institution to scale performance, virtualize, or horizontally cluster multiple BIG-IP devices, creating an elastic Application Delivery Networking infrastructure that can efficiently adapt as needs change. Meanwhile, the F5 Traffic Management Operating System (TMOS) provides total visibility, flexibility, and control across all application delivery services. With F5 TMOS, the institution can intelligently adapt to the diverse and evolving requirements of applications and networks. These solutions, managed from a single point of control, equips the education provider with the necessary visibility and the contextual, behavioral-based capabilities the organization needs to protect its web and mobile applications from threats and preserve the teaching and learning experience of its users.


With F5, the education provider enhanced its technological infrastructure to ensure reliability and improve agility across more than 80 percent of its applications, providing seamless experiences to its staff and students.

Enhanced Visibility and Application Protection Against Automated Attacks

Automated threats drive today’s attacks—DDoS attacks, data breaches, credential stuffing, vulnerability scan and other attack types. Following a recent DDoS incident, F5 Security Incident Response Team (SIRT) proactively assessed and identified the need for the institution to deploy more active and intuitive security countermeasures against such attacks.

With F5 Advanced WAF, the University is able to ensure maximum uptime of its external-facing assets and the majority of its teaching and learning applications. Layered with F5 IP Intelligence services, the institution further strengthened its security infrastructure against malicious and dynamic internet hosts—keeping the University’s data and resources, not to mention its reputation, safe.

The full suite of application security offerings has equipped the institution’s web and mobile applications to be less susceptible to application-layer DDoS attacks. Putting the new security-enabled infrastructure to the test, the University underwent a DDoS testing and insider-threat simulation with a remote DDoS testing service, and successfully survived the real world-based cyber-attack. The University also gained centralized visibility of its application environment, which simplified management to reduce capital and operating expenses.

Seamless Migration to New Hardware

Cloud, automated deployment and DevOps practices are reshaping IT, and developers bypassing internal IT teams to meet business demands for speed is increasingly common.

As a partner to the University since 2009, F5 also provided Super-NetOps training sessions designed to help evolve network operation functions. The initiative has broadened the University’s network professionals’ knowledge to deliver critical network operations through continuous improvement and deployment practices. This saw the University utilizing Ansible to automate the deployment and migration to the new F5 BIG-IP iSeries platform. 

Boost Web and Application Performance, and User Experience

With all its applications visible on a single unified platform, the IT team was able to rely on automation to simplify the deployment and replicate policies across all its applications, significantly reducing their workload while reducing the human errors during migration. In addition, the institution can now run application programming interface (API) calls and get an output almost instantaneously. This capability also helped ensure all applications meet performance standards. 

The suite of solutions ultimately improved the University’s page load times and reduce bandwidth utilization, while protecting its critical assets from threat actors. This ensured maximal uptime of the University’s assets, and optimized teaching and learning experience for its teachers and students at all times, from anywhere. 

  • Aging hardware infrastructure
  • Business demands speed and agility
  • Increase in automated threats

  • Enhanced application protection
  • Seamless migration
  • Heightened performance and user experience