CrowdSec Protects the IUT de Bordeaux against Breach Attempts Using the Power of the Crowd
Bordeaux IUT has 4000 students, employs 500 permanent staff, and maintains campuses in Agen, Bordeaux, Gradignan and Périgueux. The IUT’s IT department oversees the provision and maintenance of Information Systems (IS) for students and faculty, along with an infrastructure of 2200 PCs on the Agen and Gradignan campuses, 18 servers, 110 VM servers — running on Windows and Debian Linux — and around 150 manageable switches.
The challenge
With such a massive infrastructure to oversee and maintain, the IT department faces multifaceted challenges in safeguarding the institution’s digital infrastructure. In May 2022, Bordeaux IUT encountered a significant security setback when a massive attack targeted its Windows infrastructure. The ensuing challenge was not only to restore functionality promptly but also to address underlying security vulnerabilities.
“The challenge was to reopen as quickly as possible by fixing the security flaws that had enabled the attack. After two months, it was partially reopened. VDI infrastructure was to be completely overhauled, VMware Horizon, and reopened one year later,” said Marc Leforestier, Head of IT at Bordeaux IUT.
This incident underscored the critical need for robust security measures to protect against future threats.
Protecting the IUT Bordeaux infrastructure using the power of the crowd
To fortify its defenses, Bordeaux IUT audited various security tools, including TrendMicro and DarkTrace. Although DarkTrace was chosen to oversee the Virtual Desktop Infrastructure (VDI), CrowdSec’s open source nature, comprehensive documentation, and collaborative approach stood out and made it the solution of choice to protect the wider network. Within a week of discovery, CrowdSec was integrated across all Linux servers, replacing Fail2Ban’s protection on servers in the DMZ.
For Marc Leforestier, what really made CrowdSec different was its alignment with the ethos of openness and collaboration ingrained within Bordeaux IUT. Unlike previous solutions, CrowdSec offered unparalleled transparency, eliminating false positives and providing actionable insights. Notably, the CrowdSec Security Stack aided in identifying and rectifying issues on Bordeaux IUT’s WordPress site, enhancing overall security posture.
“Open source is in the DNA of the IUT. Naturally, this aligned perfectly with CrowdSec’s openness, meticulous documentation, and collaborative approach, as well as zero false positives. Basically, everything that Fail2Ban lacks, CrowdSec offers.”
The outcome
Since January 2024, CrowdSec has blocked over 300,000 requests in pfSense, showcasing its efficacy in mitigating threats. The open source nature and user-friendly interface of CrowdSec have significantly bolstered day-to-day operations and enhanced the institution’s security posture. Bordeaux IUT now operates with greater confidence, knowing that its digital infrastructure is fortified against evolving threats.
The integration of CrowdSec into Bordeaux IUT’s digital infrastructure exemplifies the transformative impact of innovative security solutions. By leveraging CrowdSec’s open source solution and collaborative approach, Bordeaux IUT has not only mitigated security risks but also fostered a culture of transparency and resilience. As cybersecurity threats continue to evolve, institutions like Bordeaux IUT stand prepared, equipped with the tools and strategies needed to safeguard their digital assets.