Security
Safeguarding Education Through Innovation
MERLIN delivers enterprise-grade cybersecurity solutions tailored for Manitoba’s education and public sectors — from threat detection and firewalls to DDoS protection and proactive scanning, we keep your networks safe so learning never stops.
All email accounts hosted by MERLIN are scanned for spam and viruses. This service is also available for an annual fee to any school division that runs and maintains its own email server.
Highly targeted phishing campaigns are the top concern as spammers are utilizing improved techniques for evading IP reputation-based and traditional anti-virus tools. MERLIN continues to use new and novel methods to keep users from receiving unwanted or malicious email.
All Internet traffic through MERLIN is protected from DDoS attacks. MERLIN currently sees over 100 Distributed Denial of Service (DDoS)
attacks per month. MERLIN leverages a DDoS Mitigation Service from our Internet Service Provider which continues to be very effective. Tools for DDoS attack protection and mitigation are also implemented and built into our core networking infrastructure.
CIRA has leveraged their expertise in DNS to offer a suite of cybersecurity services to protect Manitoba educational organizations from cyberattacks. These include Anycast DNS infrastructure, DNS Firewall (enterprise level protection) and Cybersecurity Awareness training platform. Currently, 25 domains are using CIRA’s Anycast service through MERLIN.
MERLIN, in collaboration with CANARIE, is a participant in the Canadian
Shared Security Operations Centre (CanSSOC) project to identify and share security threat intel with institutions across Canada. This threat intel is integrated into MERLIN security services to provide protections to our client.
Based on a Palo Alto Networks firewall and currently serves 34 educational organizations. It includes all the protection of MERLIN’s vulnerability protection service and provides the following additional benefits:
- Layer 7 next-generation firewall technology which provides application visibility. Clients can identify and classify application traffic from applications such as Facebook, YouTube, Dropbox, iTunes, X (formerly known as Twitter), FaceTime, Pinterest, Instagram, BitTorrent, and Netflix.
- User identification through the firewall’s User ID functionality. This connects to a division’s user directory and provides the ability to apply application control rules to the appropriate users and groups.
- Application control by user or group which provides flexibility on how, when, and to what destinations they are allowed. Applications can be blocked, allowed, or limited based on the application’s category and the educational need.
- Visibility of internal device addresses which increases the client’s ability to track down and identify the source of malicious traffic and unwanted applications.
- Content filtering by user or group allows for multiple unique content filtering profiles within a single school or site.
- Secure VPN with MFA access to internal systems for staff.
- Advanced vulnerability, anti-virus, and spyware protection
Internal network security scans help protect your organization by regularly checking your internal systems for potential vulnerabilities—like outdated software, weak spots, or misconfigurations.
These scans work behind the scenes to detect issues early, so they can be fixed before they lead to serious problems like data breaches or downtime.
Our Off-Site Immutable Data Backup service keeps your most critical files safe, secure, and tamper-proof—no matter what happens.
By storing backups in a separate physical location and locking them against changes, we ensure your data remains untouched and available when you need it most. Even in the event of a cyberattack, accidental deletion, or system failure, your backup stays clean and recoverable.
MERLIN has implemented a number of security scanning tools to actively scan and monitor our education client’s public facing service for security vulnerabilities and potential exposure.
Security-as-a-Service utilizes our groundbreaking cybersecurity mesh architecture (CSMA) to deliver a decentralized security solution while creating a flexible and adaptive security perimeter.
CSMA advanced AI and ML are in constant communication with the key tools we use to deliver Stratejm-Bell K-12 Security-as-a-Service including:
- A managed SIEM – Security Information and Event Management (powered by FortiSIEM)
- Vulnerability Management – a continuous, proactive process of identifying, evaluating, treating, and reporting on security vulnerabilities in systems and software (powered by Qualys)
- Threat Intelligence Sources – ongoing threat awareness and alert updates along with security advisories (powered by Anomali)
- SOAR – Security Orchestration, Automation, Response (powered by FortiSOAR)
- Configuration Management Database (CMDB) – providing a comprehensive view of your IT assets.
MERLIN provides protection from known vulnerabilities, spyware, and viruses by utilizing a Palo Alto Networks firewall. Non-hosted firewall client traffic passes through this firewall and is:
- Scanned for client and server-based vulnerabilities – Vulnerabilities classified as critical, high, and medium severity are automatically blocked.
- Scanned for viruses – Web, FTP, IMAP, POP3, SMTP,
and SMB traffic is analyzed. Traffic containing
viruses is blocked and the connections are reset. - Examined for spyware – Spyware categorized and
classified as critical, high, and medium severity are
automatically blocked and connections are reset.
MERLIN also makes use of Palo Alto’s Advanced Wildfire service for all client traffic. This service uploads unknown executables and portable apps to its Cloud sandbox. Files are executed and all activity is monitored to determine if the file contains malware or behaves in a malicious way. Future downloads of any files identified as malicious are blocked.
MERLIN provides blocking or filtering of undesirable Internet web content.
Contact Us
For more information about Security