Evolution of the ASSERT Computer Security Lab



Similar documents
Applications of Virtualization to Digital Forensics Education

Intro to Virtualization

Promoting Digital Forensics Awareness through the University of Alaska Fairbanks ASSERT Center

Microsoft Exchange Solutions on VMware

BLACK BOX. Quick Start Guide. Virtual Central Management System (VCMS) Works with LES Series Console Servers. LES-VCMS. Customer Support Information

Virtual Switching Without a Hypervisor for a More Secure Cloud

Parallels Plesk Automation

Replicating and Sharing Computer Security Laboratory Environments

- Brazoria County on coast the north west edge gulf, population of 330,242

Virtualised MikroTik

Best Practices for VMware ESX Server 2

System Requirements and Server Configuration

Windows Server 2008 R2 Hyper V. Public FAQ

How to Guide: StorageCraft Cloud Services VPN

Overview Customer Login Main Page VM Management Creation... 4 Editing a Virtual Machine... 6

Information Services hosted services and costs

IOS110. Virtualization 5/27/2014 1

CSG Windows Support Policy

RED HAT ENTERPRISE VIRTUALIZATION

Building a Virtual Desktop Infrastructure A recipe utilizing the Intel Modular Server and VMware View

Install Guide for JunosV Wireless LAN Controller

AKIPS Network Monitor Installation, Configuration & Upgrade Guide Version 16. AKIPS Pty Ltd

LaCie 5big Backup Server

MedInformatix System Requirements

CMPT 471 Networking II

ClearPass Policy Manager 6.3

Taking the Disaster out of Disaster Recovery

Bringing the Eko VM Home (302)

OS Installation Guide Red Hat Linux 9.0

PassTest. Bessere Qualität, bessere Dienstleistungen!

The VMware Administrator s Guide to Hyper-V in Windows Server Brien Posey Microsoft

A Project Summary: VMware ESX Server to Facilitate: Infrastructure Management Services Server Consolidation Storage & Testing with Production Servers

Parallels Server 4 Bare Metal

Intro to Virtualization

Professional and Enterprise Edition. Hardware Requirements

Balancing CPU, Storage

AKIPS Network Monitor Installation, Configuration & Upgrade Guide Version 15. AKIPS Pty Ltd

Hypervisor Software and Virtual Machines. Professor Howard Burpee SMCC Computer Technology Dept.

1.. Know the capabilities of the network system you are going to be adding cameras and/or DVR s to. Meaning, know if the present LAN has the

Optimize VMware and Hyper-V Protection with HP and Veeam

Addendum No. 1 to Packet No Enterprise Data Storage Solution and Strategy for the Ingham County MIS Department

Microsoft Hyper-V chose a Primary Server Virtualization Platform

How To Manage An Iscsi Vsa With An Hp Storevirtual Storage With An Iscsi Vsa

Cloud n Service Presentation. NTT Communications Corporation Cloud Services

Datto Whitepaper: Business Continuity Built from the Ground Up. Business Continuity Built from the Ground Up THE ONLY CONTINUITY

DS NVR Prospective Network Configurations

Virtual Desktop Infrastructure (VDI) made Easy

General system requirements

Expert Reference Series of White Papers. Visions of My Datacenter Virtualized

AIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION PROGRAM UNIT THREE. Computer Basics and Virtual Machines.

Altor Virtual Network Security Analyzer v1.0 Installation Guide

Stratusphere Solutions

Issues in Information Systems Volume 16, Issue I, pp , 2015

Before we can talk about virtualization security, we need to delineate the differences between the

CLAS Linux Team Linux Support Policy

Virtual Computing and VMWare. Module 4

Setting up Windows Phone 8 environment in VMWare

Data Center Op+miza+on

Xen Virtualization: Xen (source) and XenServer

Download Virtualization Software Download a Linux-based OS Creating a Virtual Machine using VirtualBox: VM name

Running Windows on a Mac. Why?

VMware Training for the Future

Aerohive Networks Inc. Free Bonjour Gateway FAQ

VIDEO SURVEILLANCE WITH SURVEILLUS VMS AND EMC ISILON STORAGE ARRAYS

Creating a Linux Virtual Machine using Virtual Box

Workstation Virtualization Software Review. Matthew Smith. Office of Science, Faculty and Student Team (FaST) Big Bend Community College

DESIGN OF A LABORATORY FOR INFORMATION SECURITY EDUCATION

Building a SQL Server Test Lab. Ted Krueger SQL Server MVP Data Architect

FINANCIAL SERVICES BOARD

Emulex OneConnect 10GbE NICs The Right Solution for NAS Deployments

Desktop U-M. September 28, 2011 Ryan Henyard ITS Desktop Infrastructure

Analysis of VDI Storage Performance During Bootstorm

Bosch Video Management System High Availability with Hyper-V

Real World Cloud Infrastructure with Red Hat Enterprise Virtualization and Red Hat Network Satellite

Enabling Technologies for Distributed Computing

NetBoot Fundamentals and Customizations

SETTING UP AND USING A CYBER SECURITY LAB FOR EDUCATION PURPOSES *

Technical Note. vsphere Deployment Worksheet on page 2. Express Configuration on page 3. Single VLAN Configuration on page 5

VMware vsphere 5.0 Evaluation Guide

Windows Server 2012 Hyper-V Virtual Switch Extension Software UNIVERGE PF1000 Overview. IT Network Global Solutions Division UNIVERGE Support Center

Virtualization with Windows

The Octagon. Computer Support Group

In order to upload a VM you need to have a VM image in one of the following formats:

Custom Integration Solutions

Red Hat Enterprise Virtualization - KVM-based infrastructure services at BNL

Virtualization Management the ovirt way

Microsoft SMB File Sharing Best Practices Guide

HP SN1000E 16 Gb Fibre Channel HBA Evaluation

Citrix XenServer 5.6 Feature Pack 1 Quick Start Guide. Published Monday, 17 January Edition

Windows 2003 Server Installation Guide

Remote PC Guide Series - Volume 1

ISERink Overview. Version 1.1. February 1, 2015

How To Build A Cloud Server For A Large Company

Building a cost-effective and high-performing public cloud. Sander Cruiming, founder Cloud Provider

Network Infrastructure

Configuration Maximums VMware Infrastructure 3

Migrating to ESXi: How To

DELL. Dell Microsoft Windows Server 2008 Hyper-V TM Reference Architecture VIRTUALIZATION SOLUTIONS ENGINEERING

VMware vsphere-6.0 Administration Training

Transcription:

Evolution of the ASSERT Computer Security Lab Brian Hay Kara Nance University of Alaska Fairbanks Agenda n Motivation n Initial Configuration n Virtualization Host Based Images n Virtualization Network Based Images n Network Isolation n Alternative Approaches 1

Motivation n Need for an environment which allows students, faculty, and staff to gain hands-on experience with IA concepts. n Need for a controlled research environment. n General purpose labs are typically illsuited for this use. Needs so you want to build a lab n Space n Equipment n Champion 2

Proof of Concept Lab n General purpose CS lab moved to Windows/Linux dual boot, freeing some space for a dedicated IA Lab. n However, there was little funding available for lab equipment. Proof of Concept Lab So, we looked for alternate sources of equipment! 3

Surplus Equipment n Many institutions maintain a surplus warehouse. n Good source of older, but still useful, equipment. n For example, 30 identical 1GB hard drives (computer forensics exercises). n Extra NICs and RAM. n Lab upgrades were also a good source of multiple identical computers. Surplus Equipment n Initial configuration n 10 homogenous systems (surplus) n 1 server with extra HDD (surplus) n 10 monitors (surplus) n Basic switch (~$50) n Ethernet Cable (~$50) 4

Initial Configuration n Workstations n 20 GB HDD split into four 5GB partitions. n Different OS loaded on each partition (2 Windows, 2 Linux). n Base images stored on server. n Script allows user to reload any partition with base image. n Server n DHCP, DNS, Web, Mail, and base images. Initial Configuration n Advantages n Gives user full control of system. n Ability to restore base configuration. n Lots of basic IA exercises possible. n Disadvantages n Not easy to save configurations. n Limited network configurations. n User tied to particular workstation. n Only one system per physical machine. 5

Initial Configuration n Major Advantage Proof-of-concept lab was used to generate momentum n Credibility n Fundability n Excitement Virtualization Host Based Images n NSF Capacity Building grant and UAF Technology Advisory Board provided some funds for new equipment. n Workstations with more RAM and larger HDD to support virtualization. n Network equipment router and managed switch. n VMware workstation software. 6

Virtualization Host Based Images n Malicious activity confined to VMs on VM network. Virtualization Host Based Images n Advantages n Gives user full control of VMs. n Ability to snapshot (save) and restore VM configuration. n Multiple VMs per physical machine (and use of virtual networks). n Disadvantages n Limited network configurations. n User tied to particular workstation. 7

Virtualization Host Based Images n Major Advantage Generated further momentum n More credibility n More fundability n More excitement Virtualization Network Based Images n UAF internal grant provided some funds for new equipment. n Server with additional storage (~1.5TB). n VM Images moved from individual workstations to server. 8

Virtualization Network Based Images n Malicious activity confined to VMs on VM network. n VM image traffic confined to User network. Virtualization Network Based Images n Network determined to be performance limiting factor. n Replaced 100Mb user switch with Gigabit switch. n Workstations had existing Gigabit NIC. n 3Gb/s bonded channel from server to switch. n 1 Gb/s link to each workstation. 9

Virtualization Network Based Images n Malicious activity confined to VMs on VM network. n VM image traffic confined to User network. Virtualization Network Based Images n Advantages n Gives user full control of VMs. n Ability snapshot (save) and restore VM configuration. n Multiple VMs per physical machine (and use of virtual networks). n User no longer tied to particular workstation. n Improved VM performance (no lag during normal use, and acceptable performance during start/stop/snapshot operations). n Disadvantages n User required to physically be in ASSERT Lab. 10

External Network Connectivity n ASSERT Lab is physically isolated from external networks. n Makes updating/patching and new software installation more challenging. n However, no opportunity for accidental impact on external networks. Alternate Configurations n Boot existing general purpose lab system with: n Live CD n Limited ability to save current state. n User can easily compromise physical system. n Alternate partition n User tied to physical machine. n User can easily compromise physical system. 11

Conclusions n Extended to Montana State University n Continually evolving n NSF Planning Grant n Research Partnerships 12

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information