IT News

WCU adds web filter to fight against malware

Swartzentruber_Scott

By Scott Swartzentruber, Director of Networking and Communications

WCU has added another tool in the ongoing fight to protect the campus from the harmful effects of malware: a web malware filter. Malware is the generic term for all forms of malicious software (viruses, spyware, Trojans, etc.) that are designed to interfere with a computer’s normal functioning.

Last year, IT began seeing a sharp increase in the number of student, faculty and staff computers that were infected with some form of malware. Malware cleanup and removal can be a lengthy process, and this increase in infections was having a negative impact on the quality of the service that IT was able to deliver to the campus. Students were particularly affected as the surge in malware infections caused a large backlog of support requests. As a result, they had to wait many days to get their computers repaired.

The majority of this malware was arriving via the web. Students, faculty and staff would visit infected websites and their computers would become infected by these sites. It is difficult to tell when a website is hosting malware that will infect a computer, and with the amount of advertisements and other links seen on a single page not even the web content providers can be sure their sites are free from this sort of malware. Many respected companies have unwittingly hosted web-based malware.

IT began to investigate options to address this issue during this past summer. It was decided that the campus needed a tool that would evaluate all web traffic and filter out the bad content. IT evaluated and selected a tool that compares all inbound and outbound web traffic against sites that are known to have been compromised. If the site is known to be a host for malware, the content from that site is blocked.

The system was installed in early August and since that time it has filtered over three million requests that it categorized as spyware, malware or otherwise suspicious sites. The early indications are that the system is having a positive effect on the quality of service that IT can deliver. Incidents of malware-infected computers are down compared to this same time last year, and IT is spending much less time cleaning up infected computers.

An added benefit of the system is that it has the capability to cache requested web content. The first time a campus user clicks on a website, the system will store a copy of the page content so that when someone else clicks on the same website the content can be delivered from the system’s cache. It is important to note that the system can’t cache everything—password-protected or rapidly changing content does not get cached, for example. Even with these limitations, the system has decreased the campus’ Internet connection usage by an average of 20%. These savings translate directly into cost savings for the university as it delays the need to increase the amount of Internet connection bandwidth that the university pays for.

For more information on WCU’s web malware filter, contact Scott Swartzentruber at scotts@wcu.edu.