NAME Cyber-Range Laborategia

DESCRIPTION

Cyber-range-a, langileen prestakuntzarako eta zibersegurtasuneko teknologiaren ikerketa eta garapenerako erabiltzen den ingurune birtual bat da. Cyber-rangek IT / OT sistemen egonkortasuna, segurtasuna eta errendimendua indartzen laguntzen duten tresnak biltzen ditu. Ikuspegi fisiko batetik, cyber-rangek kontrolatzen duen Security Operations Center (SOC) bat antolatzeko gela bat dugu eta baita ere prestakuntza/trebakuntza eta ikerketako ariketak egiteko beste gela bat.SOCek, IPS IDS eta SIEMS erasoak monitorizatzeko eta prebentziorako software bat du, ziber-ariketen eta cyber-rangeak gainbegiratzeko. Bigarren aretoak ariketetan parte hartzen duten pertsonen ”(ikasle edo ikertzaile) konputagailuak, pantailak, eta sistemako informazio duten bideos-sistemak-ak dauzka hormetan eta baita lanean ari den IT / OT sareko eszenatoki desberdinak errepikatzeko erabili nahi den ekipamendu fisikoa ere. Heziketa/prestakuntzari dagokionez, cyber rangek, Capture The Flag (CTF) edo Red-VS-Blue motako ariketak egiteko aukera ematen du. CTF bat taldetan oinarritzen den erronka zibernetiko bat da; normalean, 10-20 talde (talde batek lau lagun inguru izaten ditu) zerbitzariei eraso egiten lehiatzen dira eta kontrolatzea lortuz gero puntuak lortzen dituzte. Red-VS-Blueko ariketetako kasuan, talde bi sortzen dira: sistema erasotzen duena eta defendatzen duena. Ariketetako gelaren konfigurazioa beraz malgua da era bateko zein besteko ariketetarako, konfiguratu izan ahal dadin.

FIELDS OF APPLICATION

Asset protection

Asset recovery

Attack detection

Attack response

Identification of threats and risks

MOST OUTSTANDING EQUIPMENT AND COMPONENTS

  • CYBER RANGE MASTER ROOM

    The Cyber Range Master room is the place where Cyber Ranges are held. It allows to carry out Cyber Ranges in which up to a maximum of 10 people can participate. Each participant has a Workstation with a double screen to carry out the Cyber Range.
    The Cyber Range is monitored on a wall screen consisting of 10 screens of 55 "model Dell 55 Conference Room.
    It also has equipment to create the Cyber Ranges scenarios as:
    -2 3D printers with different technology: FDM FlashForge Dreamer Printer and SLA Wanhao duplicator 7 printer
    -Virtual Reality Equipment (VR)/Augmented Reality (AR) composed by:
    * Alienware Area-51 with Monitor
    * Virtual reality glasses brand OCULUS
    * Virtual reality glasses brand HTC Live
    The Cyber Range supports the use of different software for the execution of Cyber Ranges.

  • SECURITY OPERATIONS CENTER (SOC)

    It is composed by the equipment from which the Cyber-range is controlled. It has monitoring, supervision and prevention software for IPS, IDS and SIEM attacks. It is composed by:
    - FortiSIEM FSM-2000F: SIEM-specific hardware with perpetual licensing for monitoring 100 devices and 1,000 events per second.
    - 3 workstations with Dell equipment, model Optiplex 3050 Mini Tower XCTO, with Dell 22 "monitors, with the following features each workstation:
    * Intel Core i5-6400 processor, 4Cores 2.7 GHz
    * DVD +/-RW
    * 4GB (1x4GB) 2400MHz DDR4
    * hard drive 3.5 "500GB 7200rpm SATA
    * extra 1GB AMD Radeon R5 430 graphics card (DP/VGA)
    * USB keyboard Dell KB-522
    * Dell MS116 USB Optical Mouse
    * O.S. Español Windows 10 Pro (64bits)
    * 2 monitors Dell 22 "S2218H-54, 6cm (21.5 ") Black

SERVICES OFFERED BY THE ASSET

Cyber range training

Introduction to the concept of cyber range, existing types and exercises that can be performed, carrying out cyber-exercises in the environment of cyber range.

Cybersecurity test environment and product and/or process demonstration in a controlled environment

Performing cybersecurity testing of new products and/or processes by defining and executing cyber range scenarios, using Red Team, Blue Team, White Team and combined types. Cyber ranges can be carried out on the cybersecurity asset in the Electricity Network and on the Blockchain asset.

Practical training in cybersecurity

Carrying out cyber-exercises in a cyber range environment for practical training in cyber-attack tactics, cyber-defence and forensic tactics at individual, group and competitive levels.

Test and demonstration environment for new cyber range products

Testing new products with the aim of defining and executing cyber range scenarios in industrial environments, using Red Team, Blue Team, White Team and combined types.

Test and demonstration environment for new security products

Testing of new cybersecurity products for detection, response, resilience and recovery.

ENTITY MANAGING THE ASSET

ENTITY MANAGING THE ASSET
FUNDACIÓN TECNALIA RESEARCH & INNOVATION
Contact person:
Ana Isabel Ayerbe Fernandez-Cuesta
ana.ayerbe@tecnalia.com