Waseda University, which will celebrate the 150th anniversary of its founding in 2032, formulated the "WASEDA VISION 150" as its medium-and-long-term plan to build a firm position as one of Asia's most prestigious universities. To realize this plan, the University’s IT Strategies Division determines goals and measures to be achieved by maximizing the value of computerization, by accelerating implementation of all measures such as migration to the cloud, and by strengthening security measures.
“Waseda University’s Information Planning Department has stipulated management reforms, collaboration enhancement, disaster control measures, and security as our top priorities, which makes having consistently reliable, high-performing websites and applications essential,” stated Tomohiro Takahashi, Associate Administrative Director, IT Strategies Division Administrative Director, IT Strategies Section.
Complicated on-premise management in rapidly changing environment and high workloads under cyberattacks
The amount of peak web traffic increases year by year as Waseda University hosts significant events such as university admissions tests or open campus sessions. In the past, Waseda’s website, built on on-premise solutions, has experienced random DDoS attacks causing visitors to complain about slow response times. To investigate the root cause and resolve the issue, IT staff was forced to work late into the night or on weekends. Not only was development cost high, but also server sizing was very difficult since there was a big gap of server load between normal access and peek access. Disaster control measures were also urgently needed since all facilities were provided on-premise and would be unable to keep serving when damaged by disasters such as earthquakes. Waseda University’s team came to believe that new services qualified with customer requirements could be quickly and more cost-effectively developed using a cloud or managed service as a replacement to its existing on-premise approach.
Fully integrated, rich feature set on a massive platform
"Cloudflare delivers all the functionality on one, integrated platform and covers everything we want to do," said Tomohiro Takahashi. Cloudflare’s 30-Tbps capacity network spans 194 cities in over 90 countries, including China, and Cloudflare delivers all functions on each point-of-presence (PoP) including CDN (Content Delivery Network), WAF (Web Application Firewall), DDoS mitigation and Bot mitigation. As a result, the Cloudflare network handles user traffic quickly and securely and, in addition, customers can easily configure, manage and use all functionalities as a service. As Waseda University also accepts students from overseas, it was necessary to deliver stable web services to China users as well.
Simple pricing structure and flat rate
Cloudflare pricing is mainly based on the total amount of traffic and number of target TLDs (Top Level Domains) such as ‘.jp’ or ‘.com’. This contrasts with other CDN vendors whose price is based on number of target subdomains, not TLDs. “Budgeting is difficult for us, since the University has all kinds of education and research projects which effect website utilization and can increase or decrease the number of subdomains accordingly. Cloudflare’s pricing structure is very simple, allowing us to plan a budget with peace of mind,” continued Tomohiro Takahashi. In addition, when a customer is attacked by DDoS, other vendors may charge for attack traffic. Cloudflare does not charge for such burst traffic as its service is provided at a flat rate.
Everything we need is offered as an all-in-one package at low cost
“We compared several CDN vendors as part of a multi-phased vendor selection process. Cloudflare has launched new and exciting features one after another and is an influential vendor. Cloudflare’s partner, GlobalDots, offered a service which can store and analyze raw data for more than 3 months. We were convinced that by selecting Cloudflare and GlobalDots, we would be able to deliver our required functionalities, including operation and incident support and long-term log analyzing as an all-in-one package,” explained Hitoshi Kusunoki, Project Leader, IT Strategies Division at Waseda University.
Service stability and easier operations
“The production phase started a few months after the trial. To avoid a false positive, we used simulation functionality included in WAF policy options to check the behavior of the new WAF policy with actual traffic. WAF policies are provided by default and we found them very easy to configure. If we need a custom signature, as soon as we send a request from the platform, it will be reflected on the platform by Cloudflare and can be operated almost maintenance-free. In the past, there were inquiries from users that web access was extremely slow at large events such as open campus. However, we never heard such complaints again after Cloudflare was installed,” explained Hitoshi Kusunoki. "By using Cloudflare, service stability has been strengthened and operations have become much easier,” concluded Tomohiro Takahashi.
“The initial target scope of Cloudflare was 2 websites: the main website of Waseda University that has the greatest user access, and the website used by the University’s Information Planning Department. With the success of the initial implementations, the scope has been expanded to other websites including the University’s Learning Management System (LMS). GlobalDots will optimize WAF policies for LMS website protection. We considered adding more servers to handle the ever-increasing number of user access requests. With Cloudflare, however, we could reduce the server usage to almost half. As the result, further cost reduction could be expected,” mentioned Hitoshi Kusunoki.
In addition, as the next stage of migrating web servers to the cloud, Waseda University is planning to take measures to reduce disasters across the entire system by utilizing Cloudflare's DNS Firewall. The authoritative DNS servers that hold the actual DNS records of main web servers are currently running on an on-premise environment, and it is difficult to move to a cloud model without service impact. Cloudflare DNS firewall caches the DNS response from the authoritative DNS servers, and if an authoritative DNS server goes down, the DNS firewall continues to provide DNS service by using the cached response until the DNS server comes back online.
"Cloudflare has launched one innovation after another such as Cloudflare Access, which allows students or professors to securely access internal web resources such as the intranet without an agent. Or Cloudflare Magic Transit, which distributes the global IP address pool held by Waseda University via BGP and provides cyberattack protection for on-premise and cloud platforms. We look forward to hearing of more Cloudflare innovations and new solutions to come." concludes Hitoshi Kusunoki.
Reduced server loads by half and no need for server sizing
Zero complaints from users with automated protection
Rapid service deployment with zero initial cost
“We were convinced that by selecting Cloudflare and GlobalDots, we would be able to deliver our required functionalities, including operation and incident support and long-term log analyzing as an all-in-one package.”
IT Strategies Division