ThreatSTOP Blog

ThreatSTOP + Juniper SRX Protects University of Baltimore Against Botnets and Criminal Malware

Written by kenliu54 | March 6, 2012

In another showcase for the ThreatSTOP + Juniper SRX solution, the University of Baltimore has deployed it to protect itself and 6,400 students against botnets and malware.  UB needed to solve 4 related problems:

  • Significant manual resources used to blacklist IPs and clean up malware infections.
  • Performance of hosts degraded by malware.
  • Data breaches posed major security vulnerabilities for university’s open environment.
  • It needed to upgrade functionality and capacity of the old Netscreen firewalls

All 4 problems were solved by deploying ThreatSTOP Botnet Defense Cloud + SRX Services Gateways. Other products such as OpenDNS were evaluated but didn’t satisfy UB’s need.  OpenDNS only blocks by domain names, which is not granular enough.  The selection criteria were:

  1. For Juniper: the SRX firewall provided the functionality and capacity for future growth.  Also, UB is familiar with Juniper’s technology and environment, and the upgrade caused minimal disruption.
  2. A major contributing factor to Juniper’s selection is that ThreatSTOP integrates very easily with it and it can support ThreatSTOP’s full functionality.
  3. For ThreatSTOP, it provided an automated IP blocking service with the highest malware catch rate, lowest false-positives, and fastest update times.

The solution worked immediately.  Most dramatically, it cut the number of malware-related help desk calls by 90%, from 10-18/month to only 1-2.  This released significant IT/security admin resources to perform higher-value tasks.  ThreatSTOP also eliminated the tedious and wasteful process of manual blacklisting done before ThreatSTOP was installed.  Read case study.