Queen’s University FEAS

Maintains high performance in secured virtual desktop environment

 

Overview

Founded in 1841, Queen’s University is one of Canada’s oldest degree-granting institutions. Located in Kingston, Ontario, it is a mid-sized university with several faculties, colleges, and professional schools, including the Faculty of Engineering and Applied Science (FEAS). Today, the university’s FEAS includes more than 3,500 students, over 100 faculty and staff members, and is spread across 10 buildings on the Queen’s campus.

The university supports a federated IT model, which allows interoperability and information sharing between colleges, students, and faculty members. While the university administers Microsoft® Exchange and Microsoft® Office 365®, the FEAS uses complex engineering applications, which require a higher level of dedicated support from the FEAS IT team. Five years ago, FEAS moved to a virtual desktop infrastructure (VDI) to reduce the costs of leased computers and support, and to resolve application distribution issues. The new VDI environment allows FEAS more flexibility and helps reduce risks.

Challenges

Queen’s University FEAS faced three key challenges with their VDI environment: 1) maintaining a high level of security, 2) ensuring high performance, and 3) efficiently managing more than 220 virtual desktops — with some located in remote buildings. Security was particularly challenging because all FEAS assets were accessible via public IP addresses, making them vulnerable to cyberattacks.

“Since the university has public IP addresses, we’re inundated with malicious probes continuously trying to find their way into our system. We needed a security solution that could withstand those attacks,” said Stephen Hunt, IT Director at Queen’s University FEAS.

Queen’s University FEAS supports an array of engineering software that is extremely resource intensive, making VDI performance another major concern. “We knew we’d have performance issues with our engineering software, and we didn’t want to run clientbased anti-malware that slowed our virtual machines and created management issues,” said Hunt.

With plans to grow to 300-400 virtual machines over the next five years, the FEAS lacked the resources to monitor each machine and perform necessary upgrades. “With students logging in to the system for classes every hour, there was no room for downtime — we needed a security solution that was rock-solid and reliable,” said Hunt.

"Deep Security has been a highly successful security solution for our VDI environment."

Stephen Hunt,
IT Director, Queen’s University FEAS

Why Trend Micro

Based on the FEAS’s requirements for effective VDI security, high performance, and efficient management, a Queen’s University partner recommended Trend Micro™ Deep Security™. “Deep Security was the only solution that plugged into a VDI environment, making it an easy decision for the university,” said Hunt.

As a major university with sensitive research information and personal student and faculty information, the FEAS wanted a world-class security solution for its VDI. “We understood the importance of picking a leading security provider that was progressive — Trend Micro has a global reputation for innovation, development, and proven solutions,” said Hunt.

Solution

Queen’s University FEAS deployed Trend Micro™ Deep Security™ five years ago. The solution currently provides anti-malware protection for their virtual machines, but offers additional capabilities such as intrusion prevention, web application protection, host firewall, and more that the FEAS IT team can turn on as needed.

Deep Security™ provides comprehensive protection for virtual desktops while preserving performance and consolidation ratios. Built specifically to handle the rigors of virtual desktop environments, Deep Security maximizes protection for a broad spectrum of virtual desktop scenarios.

Optimized for VMware VDI environments, Deep Security ensures no extra footprint from a security agent to impact the virtual desktops and the underlying host. “Since we installed Deep Security, we rarely talk about security issues because it’s always working and protecting our VDI environment,” said Hunt.

Results

Trend Micro™ Deep Security™ delivered the capabilities Queen’s University FEAS needed to provide VDI for its engineers — world-class security, high performance, and easy management. “The university Security Officer considers our VDI system protected by Deep Security to be a key component of our secure environment,” said Hunt.

In addition to securing the environment, the agentless anti-malware of Deep Security™ did not impact performance, so engineering applications ran smoothly. The solution was also painless to manage, with simple monitoring from a single pane of glass, and easy upgrades — even when the system is running. “Deep Security has been a highly successful security solution for our VDI environment. It provides a responsibly priced, easy-to-administer system that reduces risk in a very simple way,” said Hunt.

What's Next

As a leading engineering school, Queen’s University FEAS understands the need for security that stays a step ahead of ever-changing threats. For example, the IT team is currently looking at the bidirectional host-based firewall component of Trend Micro™ Deep Security™, which allows them to write rules to restrict web traffic. “We were installing Microsoft Windows 10 and within 24 hours we realized malicious probes were infiltrating the system. With the Deep Security firewall, we can detect and stop these reconnaissance scans,” said Hunt.

In addition to moving critical research servers to Deep Security™, Queen’s University FEAS is making a big push for creating a secure bring-your-own-device (BYOD) environment for students and faculty. “In the future, we expect students will be running individual applications on their own laptops, and we need to ensure those personal devices and our system remain protected,” said Hunt.