When UTSA leaders set out to construct a facility that would house their School of Data Science and National Security Collaboration Center, they needed to create an environment that included layered physical and network security while embracing open collaboration among students, faculty, researchers and NSCC partners.
“We have created a space where UTSA students and professors have regular interaction with senior leaders from a national laboratory or publicly traded tech company just as easily as they could order a cup of coffee from a local café,” said Guy Walsh, founding executive director of the NSCC.
Nassos Galiopoulos, UTSA chief technology officer and deputy CIO, added, “We didn’t want silos. We wanted to merge these partners together for joint projects, but we had to address this from a technology perspective so as to not compromise security.”
To ensure the most robust and resilient infrastructure possible, UTSA University Technology Solutions focused on three main areas: mature cybersecurity practices (NIST-800-53), strengthened security posture/Zero Trust (NIST-800-207) and micro segmentation or the ability to segment and encrypt traffic on the network (NIST-800-171).
Supporting the work of graduate students and other researchers in the new building, San Pedro I is home to a Tier 3 Data Center with a 64-rack and a two-megawatt generator that can promote life safety during potential weather disruptions. To ensure the security of the data center, UTSA developed a sophisticated and proprietary security system. The university’s team derived inspiration from the airport industry for the architectural design of the data center and created multiple security zones, a deviation from the typical cage model. Each zone meets different controlled access standards and has enhanced audit capabilities.
Zero Trust framework standards assume that networks do not have a traditional edge and can exist anywhere—locally, in the cloud or elsewhere—both physically and otherwise. They uniquely address the modern challenges of today’s business, including securing remote workers, hybrid cloud environments and ransomware threats. Built to Zero Trust standards, UTSA’s unique infrastructure requires every user to be authenticated, authorized and continuously validated to gain access to applications and data.
Dozens of research areas are located in San Pedro I including the MATRIX: AI Consortium for Human Well-being, the Open Cloud Institute and laboratories specializing in bioinformatics, cyber-informed engineering, machine engineering, Internet of Things (IoT), robotics, smart transportation and related areas.
To protect the university’s most important asset, its network and the data stored within it, UTSA University Technology Solutions invested in micro segmentation technology as part of its Zero Trust build. This technology divides the data center in San Pedro I into smaller segments, down to the individual workload level, where security controls and services can be personalized to the user. This enables the university to segment traffic on the network and encrypt it in ways only specific devices can see.
Additionally, micro-segmentation allows the team to have specific security policies apply to each layer of the stack based on function, without installing multiple physical firewalls, while maintaining the integrity of the system in customized ways for each zone. This approach significantly bolsters a company’s resistance to attack.
“Watching the team design a zero-trust network while addressing all the federal and state requirements has been nothing short of inspiring. It truly speaks to innovation and collaboration on many levels,” said Kendra Ketchum, vice president for information management and technology. “The most anticipated outcome is reducing the time to science for our researchers and partners.”
To monitor online traffic and malicious activity, the first floor of San Pedro I includes a cybersecurity operations center with an attached war room. This area allows 15 agents to collaborate on threat intelligence activities and act accordingly. Special technologies enable UTSA to quickly highlight questionable activities—attempts to talk to sites that host malicious content—and respond accordingly.
The space will enable hands-on learning opportunities where UTSA students can experience, in a practical setting, how artificial intelligence and machine learning can be combined to advance cybersecurity practices.