Founded in 1988, the University of Technology Sydney (UTS) is a multi-campus tertiary institution in Sydney, Australia. The college was placed fourth across the country in the Centre for Science and Technology Studies (CWTS) Leiden Ranking 2015 and 14th global young university, based on universities less than 50 years old.
UTS began to undertake a strategic development program of its IT infrastructure in late 2015, to consolidate existing core load balancing, web application firewall (WAF) and remote virtual private network (VPN) services onto a single platform – all of which were provided by three different vendors. The point solutions lacked automation, high availability, appropriate security, separate maintenance contracts and required specialist IT administrator skills.
UTS’ load balancing, web application firewall (WAF) and remote virtual private network (VPN) services were entirely independent of one another. This lack of integration was highly inefficient and unable to scale effectively to support university’s expansion. Consolidating all solutions into a single accessible platform was necessary to create cohesion, smooth flow of information and align with the UTS IT strategic vision.
UTS has dated F5 load balancing and Juniper VPN gateway products due for refresh for its new co-location data centre. UTS re-designed the IT architecture ensuring all production workloads can work seamlessly across its two data centres.
UTS had limited web application firewall (WAF) service capabilities. With increasing sophisticated cyber threats, it was a priority to secure the university’s web services and users’ access to data.
“We had limited web application firewall services in place and in today’s world that was a risky position for a university to be in – and also a key driver for the deployment,” said Steve McEwan, IT Technical Services Manager, University of Technology Sydney.
F5 collaborated with UTS to architect an Integrated Application Management and Security infrastructure. This transformed UTS’s IT infrastructure into an integrated and secured platform ready to scale, with F5 BIG-IP Local Traffic Manager (LTM), Global Traffic Manager (GTM), Application Security Manager (ASM), and Access Policy Manager (APM), Advanced Firewall Manager (AFM) and vCMP instances to ensure applications are highly availabile and secured.
“With the infrastructure consolidation, we know we can deliver better, more efficient services to users. It’s been transformational for the university and I do sleep better at night knowing this solution is in place,” said McEwan.
Implementation of the solution was specifically tailored to the needs of the university. F5 Professional Services engineers worked closely with UTS infrastructure team of Cameron Paton, Kumesh Naidoo, Andrew Lai, Christine Lee, Vitaly Sokolov, Toan Bui and Alessandra Liverani to configure the setup, stress test the solution and communicate with internal application teams to confirm it ran optimally within the UAT environment.
Once each application was fully tested, UTS’s team performed simple DNS change to migrate each of the 150 applications over to the new F5 devices.
UTS enjoys better user experience, improved infrastructure efficiency and availability, stronger security posture, decreased maintenance support and downtime costs.
The greatest benefit from the consolidation has been the optimisation of IT infrastructure network and implementation of cybersecurity policy. UTS achieved the goals of continuous high availability, balanced security posture and seamless user access to applications and data.
“We consolidated a lot of old infrastructure into the new platform provided by F5. We have less products to manage, less maintenance, less support needed, and more meaningful tasks for our staff, which is of great benefit to us,” said McEwan.
The implementation of Resiliency and High Availability design enabled the IT team to access multiple service points and have near-instantaneous geo-redundant application failover between our two data centres facilitating essential business continuity.
BIG-IP ASM protects UTS’s web services and mitigates threats, provides DDoS protection for all layers: network, DNS, SSL, and application. Early SSL termination/SSL Server Offload feature helps to analyse content and mitigate any SSL attacks.
Complexity of managing multiple vendors and the need for compatibility fixes between different vendor products are gone, after the consolidation of remote access VPN services into F5 BIG-IP APM. UTS now have centralized control over users’ access to network, applications, and the devices and locations from which users can access those applications.