West African Examinations Council Nigeria, Africa
Cyberoam Provides Internet Security to West African Examinations Council
About West African Examinations Council, Education / Non-Profit Organization

The West African Examinations Council (WAEC), a non-profit-making organization, with its head-quarters in Accra, Ghana, was established in 1952 after the Governments of Ghana (then Gold Coast), Nigeria, Sierra Leone and The Gambia enacted the West African Examinations Council Ordinances in 1951. Liberia became the fifth member of the Council in 1974.

The Council has the responsibility of ascertaining examinations required in the public interest in the English-speaking West African countries, comparable to those of equivalent examining authorities internationally, and to develop syllabuses, arrange and administer examinations and to award certificates. The Council consists of 60 members, representing the Governments, the Universities, Secondary Schools and other interested parties in the five member states. The West African Examination Council (WAEC) has also launched new online services aimed at helping thousands of private candidates in the country register for the examination.

Internet is used as a lifeline as it is the principle business enabler and there can be no compromise when it comes to Internet connectivity and security is the most productive resource. Thus, business cannot be run without Internet connections. Also, they needed to ensure connectivity to remote application servers outside their network.


Content filtering was one of the major factors when deciding on a security solution, which was needed to protect the staff from accessing potentially harmful, Phishing and Pharming websites.

Mr. Oforha D. Chukwumaeze
Deputy Director
WAEC


According to Mr Oforha D. Chukwumaeze, Deputy Director, Facilities at WAEC, the company was facing the following security and connectivity challenges related to its business activities.

Battening the Fringe

Mr. Oforha wanted a solution that would control the entire Internet traffic and provides a level of protection from network-based attacks by allowing good traffic and denying bad traffic as defined by a security policy. They needed to protect the network against intentional and unintentional intrusion attempts, and Denial of Service attacks.

Supervising Website Access

Content filtering was one of the major factors when deciding on a security solution, which was needed to protect the staff from potentially harmful, Phishing and Pharming websites. In case of blended threats, the Deputy Director was looking for a solution that could block all illicit download over the Internet.

Phishing, Pharming and nasty Websites need to be plugged away. “As an Examination Council, we required appropriate content filtering for all the staff members,” said Mr. Oforha.

The company wanted to monitor and restrict its users from accessing unproductive sites such as music, video, social networking, etc to help them in their work. Opening up access to these sites for all users resulted in bandwidth getting “choked”. They were not able to allocate bandwidth to individual users and groups of people from different departments and units. Bandwidth needed to be managed and prioritized to achieve maximum business advantage. They wanted to ensure productive use of bandwidth. They wanted a suitable content filtering solution with reporting feature for showing graphs and traffic results on specific sites accessed by staff.

VPN Connectivity

West African Examination Council has evolved into an organization with independent networks at 28 sites supporting a large number of users. “Connectivity and central management of all 28 sites from the headquarters was not possible.

Additionally, to connect to our application server outside the network, we used Managed Private Network (MPN) but it was very expensive”, said Mr. Oforha. The primary challenges for WAEC were to provide access to sensitive data across a more secure and stable VPN and to improve the management reporting on Internet usage and accessibility.

The Cyberoam Solution

After tracing the market for the right solution, WAEC purchased twenty-eight (28) units of Cyberoam CR50ia enterprise-class UTM appliance, which were soon deployed in gateway mode across all the locations. The locations were:

No Location No Location
1 ABEOKUTA 15 PORT-HARCOURT
2 ABUJA 16 UMUAHIA
3 AKURE 17 UYO
4 ASABA 18 YOLA
5 AWKA 19 MAIDUGURI
6 BAUCHI 20 JOS
7 CALABAR 21 SOKOTO
8 ILORIN 22 OWERRI
9 KANO 23 KADUNA
10 KATSINA 24 ENUGU
11 LOKOJA 25 OGBA
12 MAKURDI 26 BENIN
13 MINNA 27 YENEGOA
14 OSHOGBO 28 IBADAN

After deploying the solution, the following benefits were noted:

  • The Barricade of Fire – Firewall

    Cyberoam firewall is ICSA and Checkmark certified - provides granular access controls over Internet traffic and the network resources. This helps to determine if a data packet should be permitted or discarded through the firewall to the internal LAN. The LAN contained separate internal zones related to student’s data, examination results, and student’s private details which were now protected. Also, staff employees were able to seamlessly continue to access Internet resources ensuring that no security loopholes are left open.

  • Controlled and Secure Browsing + Enhanced Reporting

    The organization needed to know who was accessing what sites and as such needed an identity based filter and reporting system that would include a users’ online behavioural audit. It would also be required to block harmful spyware/malware infested sites. One of the most important vectors of worry was the employee productivity. The productivity might be affected while spending precious time in unproductive surfing and messaging. Cyberoam UTM’s web content filtering feature controls Internet access in the entire organization by blocking inappropriate and unsafe Web content, including phishing and other malware-laden sites. Moreover, Cyberoam’s identity-based filtering allows sets individual user Internet access policy, surfing quota, time limits and bandwidth restrictions.

    Mr. Oforha adds, “We were definitely very pleased with this reporting module. Gaining simple view into applications with user name, source, destination and the extent of usage, enabling them to zero in on knave users and systems easily is the best part of Cyberoam UTM.”

  • Flexible Internet Connectivity

    The CR50ia appliance deployed at the Head Office was used to ensure IPSec VPN connectivity along with the 27 CR50ia appliances at branches. This allowed remote office users to flawlessly access their work without any uncertainties of collapses in Internet traffic. Mr. Oforha said, “Cyberoam was the wisest choice after looking at various options. This is because we can connect to our various zonal and branch offices most securely through IPSEC VPN and connections are now seamless. Creation of the VPN is also easy and straight forward. Moreover, MPN is now a thing of the past as we do not pay the normal recurring charges on the MPN.”

    Threat-free Tunnelling (TFT)-driven VPN ensures that all such traffic is securely encrypted. Highly encrypted traffic enforced security over the Internet and ensures that no malware sneaks through.

  • To Wrap it Up

    “Cyberoam has turned up very constructive for our organization. It has aided us to accomplish what we desired. In one line we can say "Cyberoam is a rock-hard product with some exceptional features - very trouble-free to set up and direct."”, Mr. Oforha concluded.