Extensive, Evolving Threats Require Extended Detection and Response
By Nick Lewis, Internet2 Program Manager
An update on the August 2021 NET+ Palo Alto Networks Community Call
As higher education moves into another school year, institutions are bracing for what comes next. And, even as we work to understand the potential long-term impacts of the last 18 months on higher education’s mission, we know one thing for sure: bad actors aren’t waiting to see what the next ‘new normal’ looks like.
They’re busier than ever, using advanced tactics and techniques to probe defenses, identify vulnerabilities, and plot their next attack.
During a NET+ Palo Alto Networks Community Call on August 19, we got a sneak peek into the new Cortex XDR 3.0 that was officially released on August 23. David Falcon, Cybersecurity Solutions Architect and Systems Engineer from Palo Alto Networks, provided a tour of the new interface and demonstrated some new and enhanced features.
Visually, version 3.0 offers an even cleaner pane of visibility into an institution’s operations. Community members on the call were very enthusiastic about the updated interface. If you haven’t seen it, you can review the demo in the call archive.
XDR and Modern Campus Cybersecurity
One of the reasons the NET+ service evaluation campuses and Internet2 worked with Palo Alto Networks to bring the Cortex XDR solution to the community was sheer urgency. Even schools that had managed to build and scale secure remote learning, research, and operations before the onset of COVID realized they needed to do more.
As Matt Nappi from Stony Brook University shared, they needed to “hit the gas pedal” on protecting the new hybrid campus. Advanced security solutions like Cortex XDR are a foundational part of this modernization.
“At the outset of COVID, we essentially had to spin up a virtual student computer lab in Azure extremely quickly. We are already going down that road, but we needed to adequately protect it,” Nappi said. “We are already using Palo Alto for our firewalls, both within Azure and also on prem. So when we were choosing an EDR solution, we wanted to deploy quickly and start seeing benefits quickly. It was pretty clear that Cortex was the way to go for us.”
The Palo Alto Networks and Stony Brook University teams worked together to ensure they could hit the ground running, realizing value immediately with strong technical resources.
And it’s not just the product as delivered today that’s so important to Nappi, but an ongoing partnership with Palo Alto Networks that is focused on helping shape a better future for cybersecurity inside higher education.
“One of the things we’ve noticed is continual product improvements, a welcome cadence of updates. Because they really take our input—they consider it if something’s not already on the roadmap, they talk about how we can better serve not only our use case, but the higher education community, and they take that into their planning very seriously,” Nappi added.
“We’ve already started to realize the benefits of buying through the program. We already had part of our environment licensed. But that didn’t cover all of our domain-joined Windows computers and non-Windows computers,” Nappi said. “The funding that we got for this was based on emergency circumstances. Now that this new bundle became available via Internet2, we’re able to practically double our license count. So we’re able to really cover all the endpoints that we wanted to cover through the program.”
Reviewing the state contract for New York, Nappi realized that the Internet2 contract pricing was much lower than the state contract. That made the procurement process much faster for Stony Brook University. “When there is something the higher ed community needs or wants, it’s really nice to have Nick and the Internet2 team to advocate on behalf of not only Stony Brook, but also for the higher education community as a whole,” Nappi said.
Let’s Collaborate on What’s Next
The NET+ Palo Alto Networks solutions are just the starting point for what we hope to help higher education accomplish. As we work with institutions across the community, we are learning more about what we need to do to secure the future of higher education. That collaboration makes our community calls so valuable. We hope you can join our next call on September 16 at 1 p.m. ET, where we will be talking about security operations automation.
We want to make this a dialogue, so please share your questions and cybersecurity challenges with the NET+ team at firstname.lastname@example.org. If your campus wants to learn more about configurations and pricing, please contact the Carahsoft team at email@example.com.