One of the challenges of computer network operations research and development
is how to test and train with network and Internet technologies and systems when
scenarios, vulnerabilities, and exploiting and attacking tools are too sensitive
to be used on the Internet. These technologies cannot be developed, tested or
demonstrated on standalone computers. It takes a complete network with Internet
services and protocols.
A Robust Internet Environment
Northrop Grumman addresses this challenge with its Cyber Test Range – a
robust Internet environment for emulating, attacking and evaluating information
technology, network operations and cybersecurity defense. The facility has grown
exponentially since its inception in 1999, keeping up with state-of-the-art
Highly Controllable and Configurable
Unrestricted and unconstrained, the Cyber Test Range is highly controllable
and configurable. The test range has a capacity of thousands of hosts with
client/server systems and configurations using best commercial practices. Today,
it houses more than 1,200 hosts, with networking, image management, traffic
generation, network instrumentation, information assurance and power management.
Reconfigurable Network Architecture
In the Cyber Test Range, hosts communicate through a reconfigurable network
architecture that supports dynamic routing and core enterprise services. The
test range is highly instrumented and performs packet capture and
reconstruction, protocol analysis and network monitoring. Its information
assurance technologies include firewalls, intrusion detection, anti-virus and
vulnerability management software.
A Wide Variety of Complex Logical Architectures
Based upon user scenarios, a wide variety of complex logical architectures
can be programmed. The Cyber Test Range’s data center is optimized for dense
hosting of test range systems with controlled power and environmental systems.
Its layer 2, 3 and 7 routing and switching architecture includes core and
network routers. These routers also manage bandwidth. User domains are populated
and connected to multiple Internet service providers, all connected through core
Internet routing infrastructure and enterprise services.