NAME Cyber-Ranges Laboratory

DESCRIPTION

A cyber-range is a virtual environment that is used for the training of personnel and for the research and development of cybersecurity technology. The cyber-range includes tools that help strengthen the stability, security and performance of IT / OT systems. From the physical point of view, there is a room to host a Security Operations Center (SOC), which is the one that controls the cyber-range, and a second room that is where training and training exercises takes place. The SOC has software for monitoring, supervising and preventing IPS, IDS and SIEMS for the supervision of cyber-exercises and cyber-ranges. On the other hand, the second room includes work stations for the people that will take part in the exercises (students or researchers), screens and video walls with information on the system, as well as the physical equipment needed to replicate the different scenarios of the IT / OT network for the cyber-ranges. Concerning training, the cyber range allows to perform exercises of the type Capture The Flag (CTF) or Red-VS-Blue type. A CTF is a cybernetic challenge based of about four people that compete to attack servers and, if they manage to control, get points. In the case of Red-VS-Blue exercises, two teams are created, one that attacks a system and the other that defends it. The configuration of the exercise room is therefore flexible, so that it can be configured for one type of exercise as well as for the other.

FIELDS OF APPLICATION

Asset protection

Asset recovery

Attack detection

Attack response

Identification of threats and risks

MOST OUTSTANDING EQUIPMENT AND COMPONENTS

  • CYBER RANGE MASTER ROOM

    The Cyber Range Master room is the place where Cyber Ranges are held. It allows to carry out Cyber Ranges in which up to a maximum of 10 people can participate. Each participant has a Workstation with a double screen to carry out the Cyber Range.
    The Cyber Range is monitored on a wall screen consisting of 10 screens of 55 "model Dell 55 Conference Room.
    It also has equipment to create the Cyber Ranges scenarios as:
    -2 3D printers with different technology: FDM FlashForge Dreamer Printer and SLA Wanhao duplicator 7 printer
    -Virtual Reality Equipment (VR)/Augmented Reality (AR) composed by:
    * Alienware Area-51 with Monitor
    * Virtual reality glasses brand OCULUS
    * Virtual reality glasses brand HTC Live
    The Cyber Range supports the use of different software for the execution of Cyber Ranges.

  • SECURITY OPERATIONS CENTER (SOC)

    It is composed by the equipment from which the Cyber-range is controlled. It has monitoring, supervision and prevention software for IPS, IDS and SIEM attacks. It is composed by:
    - FortiSIEM FSM-2000F: SIEM-specific hardware with perpetual licensing for monitoring 100 devices and 1,000 events per second.
    - 3 workstations with Dell equipment, model Optiplex 3050 Mini Tower XCTO, with Dell 22 "monitors, with the following features each workstation:
    * Intel Core i5-6400 processor, 4Cores 2.7 GHz
    * DVD +/-RW
    * 4GB (1x4GB) 2400MHz DDR4
    * hard drive 3.5 "500GB 7200rpm SATA
    * extra 1GB AMD Radeon R5 430 graphics card (DP/VGA)
    * USB keyboard Dell KB-522
    * Dell MS116 USB Optical Mouse
    * O.S. Español Windows 10 Pro (64bits)
    * 2 monitors Dell 22 "S2218H-54, 6cm (21.5 ") Black

SERVICES OFFERED BY THE ASSET

Cyber range training

Introduction to the concept of cyber range, existing types and exercises that can be performed, carrying out cyber-exercises in the environment of cyber range.

Cybersecurity test environment and product and/or process demonstration in a controlled environment

Performing cybersecurity testing of new products and/or processes by defining and executing cyber range scenarios, using Red Team, Blue Team, White Team and combined types. Cyber ranges can be carried out on the cybersecurity asset in the Electricity Network and on the Blockchain asset.

Practical training in cybersecurity

Carrying out cyber-exercises in a cyber range environment for practical training in cyber-attack tactics, cyber-defence and forensic tactics at individual, group and competitive levels.

Test and demonstration environment for new cyber range products

Testing new products with the aim of defining and executing cyber range scenarios in industrial environments, using Red Team, Blue Team, White Team and combined types.

Test and demonstration environment for new security products

Testing of new cybersecurity products for detection, response, resilience and recovery.

ENTITY MANAGING THE ASSET

ENTITY MANAGING THE ASSET
FUNDACIÓN TECNALIA RESEARCH & INNOVATION
Contact person:
Ana Isabel Ayerbe Fernandez-Cuesta
ana.ayerbe@tecnalia.com