Central New Mexico Community College
Since its inception, Central New Mexico (CNM) Community College has delivered strong career-technical programs. It offers focused curriculum in math, science, and engineering; business and information technologies; applied technologies; and communication, humanities and social services to prepare students for rewarding careers upon graduation.
With eight locations around Albuquerque, CNM has a large attack surface to defend. The IT and security teams work closely to protect users, data, and other assets from cyberthreats. Even though threats continue to proliferate, a higher education institution’s budget cannot increase at the same rate. When it was time to refresh the college’s firewall, the IT and security teams looked for a way to improve defenses while simplifying operations.
“We wanted to combine firewall, IPS, and web security capabilities into one solution and manage them through a single pane of glass,” said Luis Brown, IT Chief Operations Officer/Chief Information Security Officer for CNM. “Having multiple interfaces and systems not only obscured visibility into threats across the infrastructure, but supporting multiple systems was time-consuming and costly.
The team began evaluating possible solutions from Check Point, Cisco, Fortinet, and Palo Alto Networks. Their first consideration was effectiveness in identifying and stopping threats. However, ease of management was also a priority. After conducting proof of concept tests with the solutions, CNM chose Check Point SandBlast Zero-Day Protection with Threat Emulation and Threat Extraction.
“Check Point has delivered great protection, performance and value for the challenges we were facing at CNM,” said Brown. “Management is seamlessly integrated, and we gained features that we never had before, such as application control and identity awareness, which allowed us to maintain better security and prevent attacks.”
Check Point SandBlast Zero-Day Protection increases network security with evasion-resistant malware detection and comprehensive protection from the most dangerous attacks. Check Point SandBlast Threat Emulation monitors CPU-based instruction flow for exploits attempting to bypass operating system and hardware security controls. The Threat Extraction component removes risky content, such as macros or embedded links, and reconstructs documents using only known safe elements and provides sanitized “clean” files in a very quick time without interrupting the business flow.
The team deployed Check Point gateways across its locations to protect the college’s web browsing and Internet traffic. Currently, email traffic is encrypted and goes directly to Microsoft Office 365.
“We worked with the Check Point engineering team to deploy the management console,” said Johnny Garcia, Senior Network Security Administrator. “Check Point’s commitment from presales through deployment was fantastic.”
Stopped Unknown Threats
SandBlast Zero-Day Protection blocks cyberthreats coming from the Internet and malicious websites. Check Point SandBlast Threat Emulation sandboxing stops attacks before they have a chance to evade detection and infect systems.
“Check Point protects us from threats that we didn’t even know about,” said Brown. “With Threat Emulation and Threat Extraction, we can now see exactly what Check Point is stopping. We never had that ability before.”
Delivered New Capabilities
Integrated blades for application control, IPS, and identity awareness give the CNM team even deeper visibility into users and traffic. The Check Point Application Control blade delivers granular control over social networks, applications, and features within applications. The Check Point Intrusion Prevention System blade provides industry-leading protection and performance. The Check Point Identity Awareness blade enables the team to easily add user, user group, and machine identity intelligence to their defenses—and all capabilities are managed through the single pane of glass.
“One of my goals was to implement identity awareness policies,” said Brown. “Check Point Identity Awareness gives us granular access to data centers, applications, and network resources for better, intelligent control over college assets.”
Check Point SandBlast Zero-Day Protection is fully integrated with Check Point Security Management, one of the main selling points for CNM. Instead of having to manage three different systems and management consoles, now the team creates security policies, profiles, and configurations from a unified platform for eight Check Point gateways. Brown said that management requires only minimal input, because SandBlast Zero-Day Protection is keeping threats out— reducing or eliminating time needed for investigating and remediating problems.
“Check Point SmartEvent and SmartLog are amazing features,” said Johnny Garcia, Senior Network Security Administrator at CNM. “They give us immediate visibility into any security-related events and collect data on issues that come up so we can resolve them quickly.”
Prepared for What’s Next
The CNM team is just beginning to unleash the full power of Check Point. They are migrating to the Check Point R80 security management platform, which will further simplify management across network and cloud deployments. Check Point Advanced Technical Account Management (ATAM) services will provide dedicated Check Point engineering support to help maximize the solution’s capabilities for their needs. The CNM team also can proactively perform threat hunting, remediation, and response instead of reacting to multiple, diverse alerts.
“Security in any organization has to simply work,” said Brown. “Check Point does that and more.”