Building Cyber Range in Cloud for higher Education Institutes

In today’s digital era, cybersecurity training has become crucial for preparing students and professionals to combat cyber threats effectively. One powerful tool that aids in this training is a Cyber Range, which provides a simulated environment for practicing cybersecurity techniques and responding to various cyber-attacks.  

Whether you’re an educational institution aiming to strengthen your cybersecurity curriculum or a student seeking hands-on experience, understanding how to build a Cyber Range is essential. 

In this blog, we will explore the process of building a Cyber Range tailored to the needs of higher education institutes, with a specific focus on leveraging cloud technology. Cloud-based Cyber Ranges offer several advantages, including scalability, flexibility, and accessibility, making them an ideal choice for educational institutions. 

Your read summarized: 

What is Cyber Range 

Use of Cyber Range in higher education 

What should a Cyber Range include? 

How to build a Cyber Range in the Cloud? 

Planning and Preparation for Building a Cyber Range in the Cloud for Higher Education 

What is Cyber Range 

A Cyber Range (CR) is a simulated environment designed for cybersecurity training, simulation, and development of cybersecurity technologies. It offers a controlled space to replicate real-world scenarios, enabling individuals to practice and refine their skills. 

Within a Cyber Range, a diverse array of scenarios can be simulated, including network attacks, data breaches, malware infections, denial-of-service attacks, and social engineering attacks. This versatility allows learners to gain exposure to different types of cyber threats and develop effective strategies to counter them. 

For building a Cyber Range there are a variety of options, such as buying a commercial product, developing your own solution, or using a hybrid approach. Each option has its own advantages and disadvantages, depending on your budget, resources, goals, and needs. 

Use of Cyber Range in higher education 

Here are the uses or benefits of Educational CRs:  

• A state-of-the-art Cyber Range serves as a powerful tool for attracting bright and curious students seeking a challenging and meaningful educational experience in cybersecurity. 
• By offering advanced simulation capabilities and incorporating hands-on labs for Cyber Range into degree programs, the Cyber Range becomes an exciting and immersive experience that resonates with tech-savvy students who have high expectations. 
• The extensive hands-on experience gained through the Cyber Range sets your graduates apart from their peers, making them highly desirable to employers who value practical skills and real-world proficiency. 
• With a comprehensive Cyber Range, students are well-prepared to defend against a wide range of emerging cyber-attacks on any type of network, using popular and in-demand security tools. 
• By leveraging Cyber Range, you can grow enrolment in all your cybersecurity degree programs, including traditional, online, and executive programs. 
• Incorporating the Cyber Range into online degree programs expands accessibility and flexibility for students pursuing distance learning while maintaining its effectiveness for on-campus courses. 
• The Cyber Range serves as a dynamic asset that enhances the overall reputation and appeal of your cybersecurity programs, attracting more students and meeting the increasing demand for skilled cybersecurity professionals. 

Educational Cyber Ranges are like immersive academies for cybersecurity education and training. They offer a structured learning environment where students can delve into various cybersecurity subjects and gain hands-on experience in the realm of cyber defense. 

What should a Cyber Range include? 

A Cyber Range platform is a collection of hardware and software in a controlled virtual space that mimics an organization’s network, systems, and traffic for cybersecurity training and technology development. 

According to NIST (National Institute of Standards and Technology), the core technological components that come together to form a cohesive Cyber Range include: 

1. Range Learning Management System (RLMS): Serving as a central feature, the RLMS combines the standard functionalities of a Learning Management System (LMS) with the unique characteristics specific to a Cyber Range. 
2. The Orchestration Layer: This layer takes input from the RLMS and orchestrates the seamless integration of the infrastructure, virtualization or isolation layer, and target infrastructure. Whether developed in-house or utilizing commercial products, the Orchestration Layer enables dynamic extensibility across public and private cloud, and dedicated hard-wire infrastructures, enhancing the adaptability and effectiveness of the Cyber Range ecosystem. 
3. Underlying Infrastructure: Cyber Ranges rely on the underlying infrastructure, which includes network, server, and storage components. While dedicated ranges may be built on physical infrastructure, this can be costly and limited in scalability. To address these challenges, many range providers are transitioning to software-defined virtual infrastructure, such as OpenStack-based orchestration layers like Quali’s CloudShell. This shift involves utilizing Open vSwitch as the virtual switch and OpenFlow as the management protocol. The selection of infrastructure depends on supporting legacy hardware and software and accommodating client use cases. Additionally, traffic generation and attack emulation play a significant role in Cyber Range operations, although they are not strictly part of the underlying infrastructure. 
4. Virtualization Layer: The Virtualization Layer is essential in Cyber Ranges, providing the means to reduce physical space through virtualization. Hypervisor-based solutions and software-defined infrastructure are commonly employed. The level of disintermediation between physical and target infrastructure impacts the range’s realism but is crucial for economic viability. Additionally, the Virtualization Layer acts as a firewall, separating the target infrastructure and its attack vectors from the underlying infrastructure, which can be dedicated public cloud or private cloud based. 
5. Target Infrastructure: The target infrastructure refers to the simulated environment where students receive training. It can closely resemble the students’ real-world IT and security infrastructure in some instances. Sophisticated Cyber Ranges include profiles of commercially available servers, storage, endpoints, applications, and firewalls. Through student interaction, the RLMS generates scripts that guide the orchestration layer in creating the target infrastructure. These scripts may include client-specific configuration details like IP address ranges, routing information, server stacks, and endpoint software 

How to build a Cyber Range in the Cloud? 

When deploying a Cyber Range (CR) in the cloud, there are three options to consider: public cloud, private cloud, or a hybrid approach combining both. 

• Public cloud: In a public cloud Cyber Range infrastructure, the cloud service provider (e.g., Amazon, Microsoft, Google) manages the entire infrastructure, and users access services without engaging in infrastructure management. However, limitations arise concerning control over data transfers, flexibility in scenario development and configuration, and adherence to technological restrictions imposed by the cloud provider. 
• Private cloud: In a private cloud Cyber Range infrastructure, the infrastructure is created and managed by the CR organizers. They assume the costs of installation, maintenance, and operation. This approach offers complete control over deployed applications, data, and information circulating within the cloud infrastructure. 
• Hybrid cloud: A hybrid cloud Cyber Range infrastructure combines elements of both public and private clouds. It provides the advantages of public cloud scalability and control over CR data security offered by a private cloud. This approach allows for flexibility and customization while leveraging the resources and services of public cloud providers. 

Hardware and OS Requirements: 

Please note that the following hardware and OS details are the minimum requirements for your Cyber Range Setup. However, you have the flexibility to utilize any desired number of CPU cores, RAM, and other things for optimal performance. 

Hardware: To build a Cyber Range, a minimum of 4 cores on a CPU that supports VT-x instructions, such as an Intel Core i5-2300 series or higher is required. Adequate RAM, with a minimum of 16GB, and sufficient hard drive space, preferably a few hundred GB, are essential for hosting multiple virtual machines (VMs). Opting for an SSD as the hard drive can significantly enhance performance. 

Operating System: When setting up a Cyber Range, it is important to consider an operating system that is both lightweight and resource-efficient. Ubuntu, being a free and open-source Linux-based OS, is an ideal choice for such a setup. While Windows OS or MAC can also be considered based on personal preference, Linux-based operating systems are generally more resource-efficient for Cyber Range usage. 

Virtualization: Virtualization technologies have revolutionized the creation of cost-effective Cyber Ranges, enabling efficient simulation of various digital infrastructures. These technologies utilize hypervisor software to ensure that virtual machines (VMs) operate independently and access the necessary physical resources.  

Hypervisors can be obtained as commercial software (e.g., VMware, Parallels, Microsoft Hyper-V, IBM z/VM) or open-source software (e.g., KVM, VirtualBox, QEMU). Additionally, container technology has gained popularity, enhancing application portability and execution speed by bundling application code, libraries, and dependencies into a single software component. 

The benefits of virtualization encompass dynamic resource allocation to VMs, system restoration through snapshots, flexible reconfiguration of network infrastructures, and easy addition, cloning, modification, and removal of elements. 

How Spektra Builds a Cyber Range in Cloud for Educational Institutes?  

Let’s explore how Spektra leveraged cloud technology to build a dynamic learning lab environment for various educational institutes in North America in Cyber Range.

• Utilizing Spektra’s virtualization and cloud infrastructure expertise, the construction of the Cyber Range begins with the migration of existing virtual machine images to the cloud platform. 
• Next, the on-premises architecture of the Cyber Range is replicated in a self-contained manner within the cloud, encompassing diverse networks, subnets, virtualization layers, and servers. 

This cohesive setup can be effortlessly deployed, deleted, and re-deployed as a unified unit, ensuring scalability and efficiency. To optimize user experience, a GUI is configured for the virtual machine, facilitating smooth and intuitive interaction and navigation. 

• Every virtual component in the Cyber Range is fine-tuned to replicate real-world scenarios, providing students with an immersive learning environment. Through these tailored lab environments, students could bridge the gap between theory and practice, gaining invaluable hands-on experience. 

Leveraging the synergy of Spektra’s expertise and cutting-edge cloud technology, we have enabled numerous institutions to establish dynamic Cyber Ranges that transcend traditional cybersecurity education boundaries. 

Planning and Preparation for Building a Cyber Range in the Cloud for Higher Education 

Understanding the objectives and desired outcomes of the Cyber Range project:  

Before embarking on building a Cyber Range in the Cloud, it is crucial to clearly define the objectives and desired outcomes of the project. Understanding these objectives helps shape the overall design and scope of the Cyber Range. 

Assessing the unique training requirements and skill levels of students

Conduct a comprehensive assessment of training needs and student skill levels to identify specific cybersecurity skill development requirements, incorporating curriculum evaluation, student surveys/interviews, and industry standards. 

Identifying the necessary resources, budget allocation, and timeline

Evaluating hardware, software, networking, and cloud provider capabilities, while allocating a suitable budget and setting a realistic timeline for successful execution. 

Collaborative approach with the educational institution in the planning phase 

Effective planning of the Cyber Range project requires a collaborative approach between the provider and educational institution, involving close communication, alignment with goals and curriculum, and engagement of key stakeholders for tailored implementation. 

Conclusion: 

In today’s rapidly evolving digital landscape, if you consider implementing a Cyber Range for your institution, Spektra emerges as the ideal partner. 

With the expertise, experience, and tailored solutions, we can help you design and implement a state-of-the-art Cyber Range in the Cloud, specifically tailored to meet the unique needs of your educational institution.  

Don’t miss out on the opportunity to empower your students with practical cybersecurity skills. Take the next step and reach out to Spektra today for a demo and embark on a journey towards a robust and effective Cyber Range in the Cloud. Together, let’s shape the future of cybersecurity education. 

Amit Malik

Amit Malik is the COO at Spektra Systems, known for his expertise in Microsoft Cloud and digital transformation. He drives strategic planning and operational initiatives, reshaping the cloud landscape to deliver superior business outcomes. He is a recognized thought leader and speaker on Cloud, AI, and IoT, and holds a position among the Leaders Excellence at Harvard Square.