Background 

Newcastle University has a student population of approximately 25,000 undergraduate and postgraduate students. A member of the Russel Group, Newcastle University has one of the largest EU research portfolios in the UK.  

Teaching and research are delivered in 24 academic schools and 40 research institutes and research centres, spread across three Faculties: the Faculty of Humanities and Social Sciences; the Faculty of Medical Sciences; and the Faculty of Science, Agriculture and Engineering. The university offers around 175 full-time undergraduate degree programmes in a wide range of subject areas spanning arts, sciences, engineering and medicine, together with approximately 340 postgraduate taught and research programmes across a range of disciplines. 

The University has a 50-acre campus in Newcastle city centre, and a further three campuses in London, Malaysia and Singapore extend the University’s international presence. The Newcastle campus is the hub for teaching, research and collaboration and is in close proximity to the University’s two datacentres. 

The Requirement 

In 2018 the University’s firewall solution was approaching the end of its 5-year planned lifespan.  The University embarked on a replacement programme which formed part of a larger project within the University. This included upgrading bandwidth of internet connections and moving termination of the second JANET connection to the University’s off-site datacentre. 

In the spring of 2018, the University publicly engaged with suppliers and vendors on the JISC Routing and Switching framework for the provision of new perimeter security appliances.  In the summer of 2018, the University released a tender for the replacement of its firewall solution to partners on the Jisc Routing and Switching framework. The framework, run by JISC in association with LUPC, was set up to supply a wide range of devices up to high-end carrier class type equipment supporting up to 100 Gigabit Ethernet and is open to higher education institutions, further education and specialist colleges and research council establishments in the UK. 

Following a tender submission European Electronique was awarded a contract for the supply of a new firewall solution, associated support, services and implementation which was signed late in November 2018 and implemented in the early part of 2019. 

The Solution 

The proposed solution comprised of a Fortinet firewall and associated products. Fortinet specialise in providing top-rated network and content security, alongside secure access products designed to share intelligence and work together to form a cooperative fabric. Fortinet’s flagship enterprise firewall platform, FortiGate, is available in a wide range of sizes and form factors to fit any environment and provides a broad array of next-generation security and networking functions. 

For the University European Electronique proposed a pair of FortiGate 6301F appliances with comprehensive UTM functionality to deliver IPS, DoS Mitigation, VPN, Application Control and NAT to the University. 

The 6301F appliances feature four QSFP28 interfaces supporting 40/100Gb connectivity and 24 SFP28 interfaces supporting 1/10/25Gb connectivity, providing the University with a highly connected and capable solution to support the University’s functional and bandwidth requirements both immediately and in the future. 

One of the compelling reasons for selecting Fortinet as the University’s preferred solution was the performance of the proposed units at a competitive price point. In traditional security appliances, multi-purpose CPU-based architectures become an infrastructure bottleneck. Even with multiple-core general purpose processors, network security devices cannot deliver the high performance and low latency needed for today’s networks.  

To accelerate the processing of security and networking functions, Fortinet design unique security processors. These purpose-built security processors radically boost performance and scalability to enable the fastest network security appliances available. Fortinet security processors can accelerate specific parts of the packet processing and content scanning functions. This technology also offers the ability to run multiple security applications without degradation in performance. 

Fortinet’s next generation firewall FortiGate security appliances are powered by combination of Content Processors and Network Processors where the Content Processor works outside of the direct flow of traffic, providing high-speed cryptography and content inspection services and the Network Processor works in-line with FortiOS functions delivering superior firewall performance for IPV4, IPV6, and multicast traffic with ultra-low latency. 

The final part of the solution was a smaller pair of FortiGate 500D appliances for the University’s team to be able to test functionality, code and future requirements.  

 As part of the wider tendered solution European Electronique supplied professional services from our highly accredited, in-house, team to deliver project management and technical services for design, consultancy, implementation assistance, migration assistance and training. The solution was signed off and fully accepted into operation in June of 2019.