Re: Training or lab environments for cybersecurity programs at institutions

["Johnson Akse, Terri" <Terri.JohnsonAkse () PPCC EDU>]

We work with our ITSS group – they originally separated us off the physical network, but with the approval of our new 
cyber degree path they invested in building us a VMWare ESX infrastructure that is isolated but reachable from our 3 
(soon to be 4)  cyber classrooms.

Since you are in Colorado, you might be able to come visit us  – I’m sure that our ITSS VP would be happy to talk with 
you about the specifics. You can email me directly at terri.johnson () ppcc edu<mailto:terri.johnson () ppcc edu>, and 
I’m happy to set you up with him!!

Terri Johnson
CCNA Security, CCNA R&S
PPCC Faculty
719-502-3077

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Dennis 
Bolton
Sent: Monday, January 22, 2018 11:13 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Training or lab environments for cybersecurity programs at institutions

Hi,

We have also followed the air gap approach with the program's network limited to a specific classroom or classrooms.  
Instructors also have students sign an Ethical Hacking agreement.  In some labs students also purchase their own hard 
drives to use during the course period and must remove the drives at the end of each class session.    As an FYI we are 
seeing a lot of removable media being shuffled between the air-gap network and regular lab\classroom computers, which 
has not been an issue so far, but is something we are keeping an eye on.

--
Dennis Bolton
Information Security Officer
Dodge Hall Rm 220
118 Library Drive
Rochester, MI 48309-4401
248-370-4803

On Mon, Jan 22, 2018 at 12:29 PM, Barton, Robert W. <bartonrt () lewisu edu<mailto:bartonrt () lewisu edu>> wrote:
Morning,

We isolate them physically from the remainder of the university (network).  The ‘gentleman’s agreement’ we have is that 
all labs, or work that the students do must be benign in nature.  We’re currently setting up our virtual Cisco, 
PaloAlto, and VM learning environments.  I just ran a hands on 9 hour firewall workshop for our Cyber Defense Club 
(they attend competitions in the area).  The administration is a little bit of a mix between the departments, and us in 
the centralized organization.  We are hoping to move to a “we handle the hardware, and OS, and you handle your 
applications, and teaching,” in the near future.  We do have a tech side, and management side to our program.

Robert W. Barton
Director of Information Security
Lewis University
One University Parkway
Romeoville, IL  60446-2200
815-836-5663

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () 
LISTSERV EDUCAUSE EDU>] On Behalf Of Rhonda Johnson
Sent: Monday, January 22, 2018 10:49 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Training or lab environments for cybersecurity programs at institutions

Aims Community College is interested in hearing from other institutions which offer cybersecurity programs for their 
students.  We'd like to hear what type of environment you have set up, how much you have isolated these programs from 
your other student environments and how you're controlling security for those programs.
Thanks for this information!

--
Rhonda Johnson, MS-CIT
Director, Network and Telecom
Aims Community College
970-339-6350

This message (including any attachments) is intended only for the use of the individual or entity to which it is 
addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from 
disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you 
are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. 
If you have received this communication in error, notify us immediately by telephone at (815)-836-5950 and (i) destroy 
this message if a facsimile or (ii) delete this message immediately if this is an electronic communication. Thank you.



--
Dennis Bolton
Information Security Officer
Dodge Hall Rm 220
118 Library Drive
Rochester, MI 48309-4401
248-370-4803