Cisco Cyber Range – Shall We Play a Game?
Were you around in 1983? Remember the movie “Wargames”? For many (me included), this was my first introduction to the world of hacking - although back then everything was analogue and slow dial-up which made things a real challenge finding the modems that would answer (which made it fun for some) – a little security by obfuscation if you like?
Step forward 31 years (ouch!) and we see all too often the reality of the cyber threat. The challenge is maintaining a high level of security without inhibiting our respective organizations ability to operate and prosper.
One big problem is that, the majority of the time, we are protecting against what is essentially the theoretical. How can any security team prepare itself and ensure it can deal with that significant targeted threat, stop it early and minimize the impact?
Our StealthWatch solution allows an organization to get complete visibility of their network and continuously monitor all host-to-host communications. Combined with advanced security intelligence the StealthWatch system helps organizations find the proverbial “needle in a haystack” and shut down security and performance issues before they impact day-to-day operations.
At Lancope we’ve been working with Cisco for many years and the StealthWatch system is now part of Cisco’s Cyber Threat Defense Solution and part of Cisco’s Cyber Range Service.
Cyber Range is, in essence, a war-gaming environment to help organisations improve their skills and lets all levels of an organization’s security team really understand thier challenges. It was developed by a team of Cisco Engineers based in Australia.
Essentially the core of Cyber Range is an infrastructure that simulates a typical organisation with an internet gateway, data center and application service and a local and remote user access network.
Organisations using Cyber Range can be part of the “Red Team”, attacking the network using the latest tools and techniques from both the perimeter and from within the network or the “Blue Team” who use an array of systems, including the StealthWatch system to detect and respond to the threats.
Various attacks can be generated including DDoS, “Day 0” and application attacks, network reconnaissance, data loss, malware (including mobile malware) and botnets.
In addition to StealthWatch, the “Blue Team” have an array of technologies at their disposal: endpoint protection, firewall, IPS/IDS, web and email proxy, identity and access management and SIEM.
The infrastructure includes virtualized, wireless and wired infrastructure including SDN (Software Defined Networks)
Cisco themselves provide the “Green Team” to control the infrastructure and evaluation the overall simulation.
If you are attending Cisco Live! In Melbourne (18th-21st March 2014) checkout the Cisco Cyber Range Techtorial (https://www.ciscoliveaustralia.com/connect/sessionDetail.ww?SESSION_ID=1359) and hear from the team that built Cyber Range or contact the team via firstname.lastname@example.org.