This document outlines plans for setting up a secure cybersecurity lab with three main goals: 1) Support both Windows and Linux systems to emulate a real-world environment, 2) Be able to isolate the lab network from the campus network for exercises, and 3) Provide a mixed-use space for both security exercises and general usage. Key aspects of the lab setup include using virtual machines on physical systems to lower costs, purchasing a managed switch to isolate student workstations, and configuring older or vulnerable operating systems on student systems to simulate real-world targets.
Report
Share
Report
Share
1 of 10
More Related Content
Secure lab setup for cyber security
1. SECURE LAB SETUP
FOR CYBER SECURITY
Prepared By :
Birju Tank
GTU PG School, BISAG
GANDHINAGAR.
2. Main Messages
Developing a good cyber security laboratory and related
exercise takes:
Planning
Thought
Resources
Helps to think about goals and structure
3. Goals
Mixed use laboratory
Not enough space to dedicate to
security
Need to be able to connect/disconnect
from campus network quickly
Support both Windows and Linux
IUP only supported Linux, real-world
environment is heterogeneous
Be able to emulate a real-world enterprise
computing environment
5. One Way to Lower the Cost
Purchase one many-port switch to act as physical
switch, all hubs
Can isolate groups of ports
Can bridge groups where needed
Advantages
Significant cost savings
Reduced maintenance need
Disadvantage
Initial setup difficult
6. Cont’d
Use of Virtual Machines within Physical Machines
Products
Microsoft Virtual PC (used 2005)
Support discontinued for Mac environment in
8/2006
VMWare (used 2006)
Another possibility: Xen
Operating systems must be modified
Higher performance gained
7. Laboratory – Physical Issues
Want to provide some sense of physical security for
each station
Lab furniture is currently 8 cubicles with high walls
Problem: not good for general usage, students tend to
“hide” in lab and take over stations
Future: a more open physical environment?
8. INFRASTRUCTURE
Goals
Heterogeneous and Isolated Network
Same system for each student team
Replicating tool (e.g. Norton Ghost) saves much
time
Don’t forget to give each machine its own identity
9. Cont’d
Structure of Isolated Network
One zone (all systems off one hub)
Student Team Systems running older Windows
Server, Linux systems
Non-current OSs with known security holes
All tools used in lab exercises
Added several realistic-looking accounts (e.g.
backup, logwd, tomcat) with weak passwords
10. Cont’d
Structure of Isolated Network (continued)
Several Non-Student Systems
Other variants of Windows and Linux
1 Monitoring system
Additional Available Systems
Host systems can be used for internet access