TU Chemnitz

Success Story downloaden
Maximum security for 12,000 mailboxes at a university

Maximum security for 12,000 mailboxes at a university

Chemnitz University of Technology has opted for the eXpurgate solution in its search for a high-performance solution to secure its email traffic. It reliably fends off spam and malware – especially phishing and ransomware attacks – and thus significantly reduces the workload of the university’s data center team.

Basic motivation

Cyberattacks are no longer just an issue for companies of all sizes and industries – universities are also increasingly being targeted by criminals and the number of attacks is steadily increasing. Most recently, two neighboring universities of Chemnitz University of Technology were affected by major IT failures and were subsequently offline for weeks.

Chemnitz University of Technology’s internal IT is caught between the increasingly threatening security situation and decreasing staffing levels, making it increasingly difficult to adequately prevent and respond to security incidents. In addition, it must meet the high expectations of students, staff and other employees in projects for worldwide availability of IT systems and immediate access to internal data repositories, regardless of location and time.

Initial situation

With the solution previously used, the recognition rates for Chemnitz University of Technology were not high enough, which, given the total volume of emails, drove the support costs to unmanageable levels and also entailed considerable risks.

After two users of the university’s mail system fell victim to particularly perfidious BEC attacks (Business Email Compromise, also known as CEO fraud) last year alone and lost money in the process, it was particularly important to Chemnitz University of Technology when selecting a new security solution that these sophisticated attacks – as well as emails with dubious or dangerous attachments – could also be reliably detected and blocked. In addition, the solution had to integrate seamlessly into the university’s existing on-premises system infrastructure and meet the high data protection requirements.

“Our aim was to avoid having to repeatedly warn our users about new waves of fraud, because the dangerous emails are already rejected by our security solution and don’t even reach the users in the first place.”

Frank Richter

Data communication working group at the University Computer Center of the TU Chemnitz

The challenge

  • Increasing number of IT security incidents and attacks on universities
  • High user expectations regarding the availability and security of IT systems
  • Inadequate staffingto cope with security requirements
  • Need to protect both employees and students from spam, malware and fraud attempts
  • Integration of the solution into the existing on-premises IT landscape

Targeted defense against suspicious and dangerous emails

Chemnitz University of Technology now uses eXpurgate.Inhouse on-premises with Additional Protection for all of the approximately 12,000 mailboxes on its incoming mail server todefend against spam and malware, as well as sophisticated phishing and ransomware attacks. On weekdays, the university receives around 40,000 emails per day, of which around 20,000 are delivered. In the case of targeted attacks, however, this figure can rise to 200,000 emails in one day. “If this amount of emails were to get through unchecked, it would be quite a catastrophe,” says Frank Richter, administrator at the TU’s computer center, commenting on the threat situation.

The various filter functions and the Intelligence Hub, in which all the information gathered by eXpurgate worldwide is collected centrally and analyzed and evaluated in multi-stage test procedures, now ensure a very high detection rate for suspicious emails and, depending on the individual settings, their defense.

Technische Universität Chemnitz dataglobal Group

The eXpurgate Core Engine is the basis of every integration. It uses a variety of technologies such as fingerprinting and hashes to classify emails into more than 15 different email categories – allowing granular handling according to individual requirements. The bulk check, for example, distinguishes between individual communication and mass emails. Chemnitz University of Technology has decided at this point to deliver the bulk emails, as this also includes newsletters that users want to receive. By setting up personal filters, users can then decide for themselves what should happen to their mailboxes. Spam emails and those containing viruses, on the other hand, are rigorously rejected and the sender is informed that they have not reached the recipient. The IT staff at Chemnitz University of Technology find the detailed assignment of incoming emails to the various categories and the options for analyzing and dealing with them accordingly very informative and useful.

For added security, eXpurgate’s Malware Outbreak Protection uses the Intelligence Hub and a comprehensive view of global email traffic to detect malware outbreaks based on their distribution patterns before they become a problem for the university and can quickly take appropriate action.

Simple integration into existing infrastructure

The quick and uncomplicated technical implementation of the solution on the university’s Linux mail server also speaks in its favor, according to administrator Frank Richter: “The biggest thrill for me as a technician is that eXpurgate could be integrated so seamlessly into our existing infrastructure, we didn’t need any new hardware for it and the resource requirements for the software are also very low.”

In addition, availability is very high and response times are short. Downtimes of the Intelligence Hub service are either announced in advance by the dataglobal Group or proactively communicated and explained afterwards. “We are impressed by the very transparent handling of problems that occur in the IT environment,” explains Richter.

Fast and efficient support

Another plus point, according to the data center team, is the exceptionally good, fast and, above all, accessible support, which helped to solve teething problems during implementation within a few days. The necessary contract for order processing (AV contract) in accordance with the GDPR with the special requirements of a German university could be concluded quickly and transparently with the support of the support team. As a fully German provider, the dataglobal Group is subject to the same legal requirements as the university.

“You hardly ever experience this at software companies, where you can get access to developers who can look directly into the system. This allows any problems to be solved quickly and effectively.”

Frank Richter

Data communication working group at the University Computer Center of the TU Chemnitz

TU Chemnitz dataglobal Group

After the introduction of eXpurgate

  • Significantly improved protection against spam, malware & co.
  • Highest detection rates relieve the burden on internal IT by fending off problematic emails
  • Simple implementation on-premises on the existing Linux infrastructure and reliable support
  • The highest data protection requirements are met

Key figures at a glance

  • 12,000 mailboxes
  • 40,000 incoming e-mails daily, of which around 50% are rejected
  • Peaks in incoming mail up to 200,000/day

Improved protection and relief for internal IT

The introduction of eXpurgate went just as smoothly and straightforwardly for Chemnitz University of Technology as hoped. The high detection rate and the resulting significant reduction in suspicious emails has noticeably reduced the amount of support required from the data center team, allowing them to focus on other important tasks.

For the future, Richter can imagine expanding the solution and extending it to outbound emails in order to further increase security and better control hacked accounts.