CyberSecurity LAB Building Proposal


CyberSecurity LAB Building Proposal

Trevor Shi V 1.0  10/17/19

*This is the CyberSecurity Lab building proposal I made for my employer, for the personal home Lab building, should have a similar infrastructure.


1.    What is a CyberSecurity lab?
A  CyberSecurity Lab is any combination of networks, servers, and infrastructure that maintain within the testing network environment. It can provide services, do practical tasks like detecting and monitoring, and provide an environment from which to launch new projects and learning opportunities.

2.    Purposes and functions
2.1 Emulate a company infrastructure in one computer
2.2 Network/System Administration, Engineering, Design
Virtualization, networking, Secure architecture, Operating systems
2.3 Prevention, Detection & Response
Firewalling &OS hardening
2.4 NSM(IDS, SIEM)
2.5 CSM (Log Collection, Vulnerability Scanning/Analysis)
2.6 Offensive/Attack
One on one type attacks
2.7 Malware reverse engineering and Forensics


3.  Network Diagram

44.    Key Components
3.1 Hardware
high performance Server( > 64G Memory, > 4T HDD, need to support > 30 VMs)
Recommendation :Dell PowerEdge C6220 24B 4 Node 8x E5-2640 Six Core 2.5Ghz 128GB 8x 500GB
3.2 Hypervisor
Vmware vSphere ESXi
            3.3 Network
                        Reserved IP address segment(around 100 IPs.)
3.4 Firewall
Pfsense
3.6 IDS
Snort / Suricata / Bro IDS
Sguil / Squirt IDS front-end
3.7 Network Monitoring/Network Security Monitoring
TIG Stack
ZABBIX
Security Onion
3.8 Security Information and Event Management (SIEM)
ELK
OSSIM
3.9 Vulnerability Management
OpenVAS
3.10 Forensic
HoneyNet
Sandbox
3.11 Pentesting
Kali Linux
3.12 vulnerable system
DVWA
Metasploitable
OWASP



Comments

Post a Comment

Popular posts from this blog

To Be A CyberMan: Installing PfSense on a WatchGuard Firebox

Image
OX01 Preface My company recently upgraded its firewall to FortiGate Firewall.  They eliminated 3 of the licenses expired WatchGuard Firebox Firewalls. The WatchGuard FireBox models are XTM5 Series, M400, and M470. I was wondering if I can install the opensource Firewall application such as PfSense on FireBox to use as Testing Lab Environment. 0X02 Information      XTM5 Series comes with a 1GB CF card, free space is not enough for the lastest Pfsense,  need to add additional Hard Disk as PfSense system booting drive.     M400 comes with a 4 GB CF card, can use CF card as a PfSense system booting drive.     M470 comes with mSTAT SSD.  can SSD as a PfSense system booting drive. 0X03 Installing PfSense on M400 1. Preparation:           WatchGuard Firebox M400 Appliance          A USB Flash Drive          A CF Card USB reader          A co...
Read more

How I passed the CSX Fundamentals within one month

Image
  How I passed the CSX Fundamentals within one month Hi Guys, My name is Trevor Shi. I just passed the CSX within one month. I would like to share some experience maybe it will help you guys to prepare the exam. One of the funny things was, I used one month to learn it. But I spent the other one month to book the exam. I re-booked 5 times of exam as ISACA PSI online exam application has lots of issues.  I met every situation you can imagine. The first-time ISACA website down, the second-time they canceled my booked without excuse, the third-time application couldn't open, and the Fourth time was my fault, I just missed the exam. Finally, I got this certificate. We had a small group named CyberRookie, It just like an unorganized cyber knowledge self-studying group, we are trying to be more organized. So t he purpose of this article is as a guideline of the CyberRookie Project CSX certification learning method . A. The Cybersecurity Fundamentals Certific...
Read more

To Be A CyberMan: Set Up SFTP Server On Azure VM behind FortiGate Firewall

Image
1. Business request     S et up a file transfer server with public internet access.  2. security concern      The common ways are FTP, FTPS, or SFTP:     The FTPS requires applying the certificates to the FTP service,  So I deceived to go for SFTP.       SolarWinds SFTP & SCP Server is a Free SFTP server App. 3. Deployment     3.1  Set up SFTP on VM          Download the software to Server and install it                https://www.solarwinds.com/free-tools/free-sftp-server          Redirect the Root Directory           Create user to login           verify the SFTP service is running on localhost     3.2 Config Host firewall and  Azure NSG to allow SFTP service           Add Port 22 TCP into host firewall ...
Read more