Auckland University of Technology
Key Business Needs
AUT needed to upgrade its current system to accommodate rapidly growing security requirements and limited staff resources. In addition, the university was having difficulty acquiring a macro view of its security posture, so an upgraded system would enable better scheduling control, reporting capabilities and distribution mechanisms.
Tenable Products Selected
AUT selected SecurityCenter Continuous View™ (CV), which provided superior workflow automation and vulnerability management and met or exceeded its criteria regarding price, capabilities and performance. In addition, Nessus scans, the Passive Vulnerability ScannerTM (PVSTM) and the Log Correlation EngineTM (LCE®) helped AUT consolidate data and share reports with a wider audience through email distributions.
The AUT security team now has more control and better visibility into cybersecurity across the university, and can run dozens of scans with fewer people. In addition, with a macro view of AUT’s entire security posture from one console, the team can reduce incident response times and proactively monitor its network. And Tenable’s custom reports and dashboards help generate relevant and timely analytics and reporting.
Auckland University of Technology, one of the fastest growing universities in New Zealand, is faced with rapidly increasing system security demands. While Nessus® had met AUT’s needs for many years, it was felt that AUT should move up to SecurityCenter Continuous ViewTM to:
- Better manage the increasing number of vulnerability scans
- Reduce the time to perform each scan
- Gain a more holistic view of the university’s security posture
- Better manage and share reports
Auckland University of Technology
Auckland University of Technology (AUT) is the second largest university in New Zealand. Established in 1895 as the Auckland Technical School, it was renamed Auckland University of Technology in January 2000 when it was granted university status.
AUT has three teaching campuses located in south Auckland, Auckland’s CBD and on the North Shore; and three specialist facilities: the Centre for Refugee Education, the Radio Astronomy Observatory in Warkworth and AUT Millennium.
With more than 28,000 students enrolled in undergraduate and postgraduate programmes, AUT has consistently been a leader in enrollment growth for both New Zealand and international students across a wide range of professional disciplines.
AUT has been using Tenable’s Nessus vulnerability scanner for a number of years. During that time, they have augmented Nessus with in-house developed tools that feed reports into AUT’s monitoring system for wider visibility. This configuration worked fine for asset management and discovery; the AUT security team was able to look at common high impact vulnerabilities that could be addressed quickly, and they have been able to track the status of patching levels easily.
However, AUT’s growing security requirements have been stretching their operational staff resources. They felt the need to upgrade for several reasons:
- The increasing amount of manpower required to perform and manage more and more active scans
- The difficulty in acquiring a macro view of the university’s security posture
- The need for better scheduling control
- The need for better reporting capabilities and distribution mechanisms
While AUT was a satisfied Nessus customer, they were looking to expand its use and capabilities. So the security team performed a market survey to establish a baseline for vendors in the vulnerability management category. AUT was fortunate to be able to take advantage of a collective licensing agreement between Tenable and a consortium of APAC higher education institutions (CAUDIT) 1.
“Together with AUT’s excellent experience with Nessus and the CAUDIT pricing model,” said Brian Green, AUT Security and Access Manager, “we felt confident that moving up to SecurityCenter Continuous View provided the best overall solution and outcome.”
The Tenable Solution
AUT now enjoys superior workflow automation and vulnerability management with SecurityCenter Continuous View (SecurityCenter CVTM). SecurityCenter CV met or exceeded AUT’s evaluation criteria in price, performance and capabilities.
From a technology perspective, AUT has consolidated data from across the university through Nessus scans, the Passive Vulnerability ScannerTM (PVSTM), and the Log Correlation EngineTM (LCE®). Reports will be shared with a much wider audience through email distributions, providing greater business value for all security personnel. “Productivity has improved with SecurityCenter’s superior scan management capabilities,” explained Green, “providing greater visibility into our university-wide security posture and vulnerability management.”
From a business and financial point of view, having a local reseller in Australasia reduced the sales cycle and got AUT up and running in a shorter timeframe. And according to Green, “the Tenable customer experience was painless.”
With SecurityCenter CV, the AUT security team has better control of and visibility into university- wide cybersecurity, including:
- Centralized management over dozens of scans and scan schedules
- Reduced manpower to run scans
- A macro view of the entire university’s security posture from one console, enabling proactive monitoring
- Enhanced reporting capabilities to provide seamless distribution of reports to the appropriate systems teams
- Improved visibility and reduced incident response times
- Custom reports and dashboards which provide greater flexibility for generating more relevant and timely analytics
The AUT security team has used all the SecurityCenter CV components – Nessus, LCE, and PVS – to great advantage. “SecurityCenter fosters insight, collaboration, and efficiencies across all systems,” said Green.