Established in 1911, the University of Western Australia (UWA) is a public university consistently ranked in the top 1% of academic institutions worldwide. The university maintains two campuses and over 75 research and training centres across Australia. In addition to 22 schools offering undergraduate and graduate degrees in everything from medicine to music, UWA receives over $71 million of external research income annually.
As a multifaceted institution with many external partners, UWA faced a variety of challenges. One is straddling a thin line between enabling access to sensitive data and systems while still protecting it from unauthorized parties. โIn a corporate environment, digital assets can be locked away behind a firewall, but some of our systems and data must be left open to enable global collaboration,โ explains Warwick Calkin, Chief Digital and Information Officer.
Another challenge was complex, outdated infrastructure. โUWA had about 1,200 different legacy systems, about half of which were unknown or not managed very well,โ explains Cam Marshall, Associate Director, Infrastructure & Platforms. This complexity made it harder to comply with the cybersecurity standards needed to compete for defence research projects with the Australian government. It also complicated the universityโs response to the COVID-19 pandemic.
โFor years, our tech landscape had been significantly under-invested, and then COVID-19 fundamentally changed the way we needed to deliver education and perform research,โ says Peter Seddon, Assistant Director of Strategy, Architecture, Portfolio & Business Intelligence. โA campus no longer refers to a physical place, but a collection of people.โ
For several years, UWA had been using Cloudflareโs CDN on a few subdomains. Faced with an urgent need to phase out their legacy technology and secure their externally facing systems, UWA chose to expand the relationship.
Cloudflare DNS enabled UWA to transform its entire DNS infrastructure, decommission its legacy DNS hardware, consolidate thousands of DNS records into a single source of truth, and radically simplify its internal legacy DNS by removing all external sites and focusing exclusively on on-campus services. These external sites included over 130 web properties run by UWA affiliates and associates. Once UWA moved all of those sites behind Cloudflare DNS, the university was able to implement WAF protection for them, use common Cloudflare Certificates to transform SSL security certificate management, and establish governance policies and processes for those affiliates and associates to follow moving forward.
โCloudflare enabled us to consolidate over 18,000 DNS records and significantly simplify our landscape,โ Seddon says. โItโs difficult to convey the extreme magnitude of this change. Prior to implementing Cloudflare, some of our project managers told us that theyโd never seen this level of complexity before, in any educational institution or business.โ
Additionally, with its DNS structure simplified, UWA is now able to provide better, more secure WiFi to students, faculty, and guests
Using Cloudflare WAF, UWA implemented a firewall allowlist to block all website access except for a nominated set of IPs, greatly reducing the universityโs attack surface and establishing a foundation for the safe, progressive migration of all remaining services behind Cloudflare WAF.
โCloudflare WAF has moved our risk outside of UWA,โ Marshall adds. โPrior to Cloudflare, we had unmanaged systems that were at risk for DDoS and other cyberattacks. With the WAF in place, if we have a problem, our internal business operations can continue uninterrupted.โ
Prior to implementing Cloudflare WAF, UWA lacked visibility into its data environment. As a result, the university took a proactive approach to security, responding to cyberattacks instead of acting to prevent them. Implementing Cloudflare WAF and integrating it with Splunk has transformed UWAโs approach to cybersecurity.
โIntegrating the Cloudflare WAF with Splunk has provided us with a thorough understanding of our infrastructure and complete visibility into our threat environment,โ Marshall says. โWe can now engage in preemptive security measures.โ
Seddon notes that the infrastructure changes Cloudflare have enabled create opportunities for further improvements, such as implementing processes to use Cloudflareโs network security capabilities to identify, triage, and block external network cyberattacks.
โAt the outset, no one at the University of Western Australia fully estimated the positive impact of implementing Cloudflareโs security and performance solutions,โ Seddon notes. โCloudflare enabled The University of Western Australia to achieve far more than we originally anticipated and put us in a stronger position to securely manage our Internet-facing network.โ
Calkin appreciates the investment in local support that Cloudflare provides in Western Australia, which is unique to Cloudflare. โWestern Australia is the countryโs most remote province,โ he explains. โVendor presence is poor on this side of the country, and some services simply arenโt available here. Cloudflare has made local investments in Western Australia that other vendors havenโt. We get local support provided by local people. I wish all of our vendor engagements were like Cloudflare.โ
Used Cloudflare WAF to implement an allowlist to block all website access except for a nominated set of IPs, greatly reducing its attack surface.
Cloudflare DNS enabled UWA to decommission an on-premise DNS server and consolidate over 18,000 DNS records.
UWA moved over 130 third-party website services behind Cloudflare DNS and implemented security protection for most of them.
โCloudflare has made local investments in Western Australia that other vendors havenโt. We get local support provided by local people. I wish all of our vendor engagements were like Cloudflare.โ
Warwick Calkin
Chief Digital and Information Officer
โCloudflare enabled University of Western Australia to achieve far more than we originally anticipated and put us in a stronger position to securely manage our Internet-facing network.โ
Peter Seddon
Assistant Director - Strategy, Architecture, Portfolio and Business Intelligence
์์