Re: What is a cyber-range?

["Dobbins, Roland" <rdobbins () arbor net>]

On Jul 7, 2011, at 6:40 AM, J.A. Terranson wrote:

> These old virtual routing platforms are cheap, easy to find on ebay or ebay-like sales arenas, and if stacked in the 
> hundreds could *easily* 
> simulate many hundreds of thousands of routers, while server farms cab be injected at appropriate points to simulate 
> the "local networks" residing 
> on these routers.


What they don't allow one to do is to launch attacks and test their effects on actual, modern, hardware-based routers 
and layer-3 switches.  

The viability of software-based Internet edge routers ended 7-8 years ago; any organization still relying on 
software-based edge routers can be taken down with a trivial DDoS attack, so no stress-testing of such architectures is 
really required, heh.

Also, the use of software-based routers/switches limits the attack bandwidth (bps) and throughput (pps) which can be 
utilized; this seriously limits the scope of resilience testing with regards to DDoS attacks.

On a side note, I've generally found that non-ironic use of the appellation 'cyber-' to be inversely proportional to 
actual security clue.  Therefore, I'd urge the really smart folks at Breakingpoint and other knowledgeable folks to 
avoid using the term 'cyber-range'; 'attack lab', 'testbed', et. al. are more descriptive and accurate, and don't carry 
the taint of Big Security hand-waving.

;>

-----------------------------------------------------------------------
Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>

                The basis of optimism is sheer terror.

                          -- Oscar Wilde

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave