ITS began implementing components of a greatly enhanced network security threat detection and mitigation system in late June. This approach combines cutting edge technologies, open source tools, and U-M’s MITN threat intelligence framework to provide a security solution that scales across U-M networks. It will allow ITS to:
- Detect and mitigate network threats across more U-M networks.
- Extend baseline network security protections across the university, while allowing existing network security tools to provide another layer for more targeted protection.
Early this year, ITS Infrastructure and Information Assurance worked together to develop the system as a proof-of-concept for evaluation purposes. Now staff are testing the use of the system in production to block the same malicious traffic at the Ann Arbor campus border that is already blocked on a subset of university networks.
This shifts the location of where the network traffic detection and mitigation takes place and will lead to more comprehensive protection for UM-Ann Arbor networks. Discussions and planning are in progress for use of the new system for Michigan Medicine, UM-Dearborn, and UM-Flint networks.
The university’s approach to privacy when implementing these and other security tools is embodied in Privacy and the Need to Monitor and Access Records (SPG 601.11), which states, “The University of Michigan respects the privacy of its employees and seeks to foster a climate free from arbitrary or capricious monitoring of employees and the records they create, use, or control.”
Learn more at Network Security Threat Detection.