Enhancing cyber infrastructure security with virtual sandboxes and cyber ranges
- By Shashi Kiran
- Nov 01, 2016
With cyber-attacks on the ascent, the
need to strengthen the security posture
and be responsive is top of mind for CIOs,
CEOs and CISOs. Security is closely interlinked
to all aspects of the business and
has a direct bearing on business reputation,
privacy and intellectual property. Unfortunately,
the IT stack continues to get complicated even
as attacks continue to get sophisticated. Further artificial
simulations undertaken without a real-world replica or a
virtual-only scenario can often overlook vulnerabilities that
could not be seen in a simulated environment. And, in the
cases where an investment is made in building the complex
testing infrastructure, it can often be cost prohibitive aside
from the time spent to set up and tear down infrastructure
This is where traditional security test beds run into bottlenecks,
as they require significant, costly investments in hardware
and staffing and even then cannot scale effectively to address
today’s growing network traffic volume and ever-more-complex
attack vectors. Government, military and commercial organizations
are deploying “cyber range,” test beds that allow war games
and simulations to strengthen cybersecurity defenses and skills.
It is integral to make these test beds highly efficient, cost-effective
and scalable. Over the last few years there has been a need to
replicate large scale, complex and diverse networks. One that can
orchestrate a hybrid sandbox containing both virtual and physical resources needed for the assessment of cybertechnologies.
Because cyber ranges are a controlled sandbox, a smart solution
needs resource management and automation features that provide
the ability to stand up and tear down cyber range sandboxes
as needed in a repeatable manner.
Operational conditions and configurations are easily replicated
to re-test cyber attack scenarios. This sandbox uses resources such
intrusion detection, malware analyzers, firewall appliances and
common services such as email and file servers. The sandbox resources
are isolated into white, red and blue team areas for cyber
warfare exercise scenarios in a controlled sandbox.
The industry is now demanding containerized portable infrastructure
to support virtual sandboxes and cyber agents with
on-demand containerized infrastructures to create and manage
cyber ranges and private cloud sandboxes. Through full infrastructure
and IT environment virtualization and automation, security
conscious enterprises can save millions of dollars in costs
associated with creating, delivering and managing the full stack
of physical compute, network and storage resources in highly secure
One such customer is the United States Defense Information
Systems Agency (DISA) the premier combat support agency of
the Department of Defense (DoD). According to Ernet McCaleb,
ManTech technical director and DISA Cyber Range chief
architect this solution provided them with the means to fulfil their
mission without sacrificing performance or security and deliver
their MPLS stack at a fraction of the cost.
Cyber Ranges are not just for federal defense establishments
alone. They have broader applicability across the Enterprise.
Top 3 reasons to use Cyber Ranges
- Lower costs of simulating Security testing.
- Increase agility and responsiveness by combining automation
with cyber ranges.
- Harden security posture.
Three questions to Consider Choosing
Cyber Ranges or Sandbox Infrastructure
- How flexible is the Cyber Range solution?
- Does it allow modeling of physical, virtual and modern containerized
- What’s the cost of building and operating one?
As enterprises bring newer security tools into their arsenal
against cyber-attacks, the modern cyber ranger solutions should
definitely be on top of their consideration list.
This article originally appeared in the November 2016 issue of Security Today.