Search:

• Technology Services at MSU
• Guidelines & Policies
• Help & Support
• MSU IT Exchange
• Network
• SecureIT
  (Safe Computing)

Quick Links

• E-mail
• ANGEL - Course Management
• LON-CAPA
• Computer Repair
• Computer Store
• Computer Labs
• Training Classes
• Library Catalog

• Libraries, Computing & Technology
• Institutional Memberships & Associations

Protection for the MSU Network

05/31/2006

Michigan State University uses intrusion detection and prevention (IDP) systems to protect the campus network from known attacks. IDP systems have been placed at the border, and at select locations within the campus network.

How it works
The IDPs examine every data packet that flows between MSU’s campus network and the global Internet and at strategic junctures on the campus network. The devices inspect data packets flowing through the campus network, looking for known attack signatures and protocol anomalies. When an IDP encounters a packet that matches a known threat, the packet is not delivered, and the IDP logs the event.

During normal operations the detection process adds about 3 milliseconds of latency. The operation of the IDPs should be virtually invisible to users of the campus network under normal conditions. On a typical day, the IDPs block hundreds of thousands of potential attacks on the campus network. Visit Network Security for statistics on IDP activity.

Possible network interruptions and false positives
From time to time the campus network undergoes particularly extreme attacks. At such times one or more of the IDPs may find its resources taxed, interrupting communications across the campus network, or to or from the Internet. Once the attacks are identified and the sources are blocked, network performance will return to normal.

Sometimes a device on the campus netowrk may emit traffic that is not malicious but that fails to follow protocol specifications in a potentially dangerous manner. On extremely rare occasions, it is possible that an IDP will register a “false positive” and interrupt benign network activity. In either event it may be necessary to update user software or hardware to prevent the offending condition.

More information
As with any ACNS service issue, network outages and performance issues are reported on Service Status.

Individuals and units having questions about the MSUnet IDPs or who believe their systems or regular network usage may be adversely affected by the IDP should contact the Academic Computing & Network Services (ACNS) Help Desk at (517) 432-6200.

by Rich Wiggins, Academic Computing and Network Services

Computing News & Events Archive

• Accessibility
• Contact Us
• MSU Home Page