Publications

2 Results
Skip to search filters

Performing cyber security analysis using a live, virtual, and constructive (LVC) testbed

Proceedings - IEEE Military Communications Conference MILCOM

Van Leeuwen, Brian P.; Urias, Vincent U.; Eldridge, John M.; Villamarin, Charles; Olsberg, Ronald R.

Cyber security analysis tools are necessary to evaluate the security, reliability, and resilience of networked information systems against cyber attack. It is common practice in modern cyber security analysis to separately utilize real systems computers, routers, switches, firewalls, computer emulations (e.g., virtual machines) and simulation models to analyze the interplay between cyber threats and safeguards. In contrast, Sandia National Laboratories has developed new methods to combine these evaluation platforms into a cyber Live, Virtual, and Constructive (LVC) testbed. The combination of real, emulated, and simulated components enables the analysis of security features and components of a networked information system. When performing cyber security analysis on a target system, it is critical to represent realistically the subject security components in high fidelity. In some experiments, the security component may be the actual hardware and software with all the surrounding components represented in simulation or with surrogate devices. Sandia National Laboratories has developed a cyber LVC testbed that combines modeling and simulation capabilities with virtual machines and real devices to represent, in varying fidelity, secure networked information system architectures and devices. Using this capability, secure networked information system architectures can be represented in our testbed on a single computing platform. This provides an "experiment-in-a-box" capability. The result is rapidly produced, large scale, relatively low-cost, multi-fidelity representations of networked information systems. These representations enable analysts to quickly investigate cyber threats and test protection approaches and configurations.

More Details

An evaluation of Access Tier local area network switches

Eldridge, John M.; Olsberg, Ronald R.

This reports tabulates the Test and Evaluation results of the Access Class Switch tests conducted by members of Department 9336. About 15 switches were reviewed for use in the enterprise network as access tier switches as defined in a three tier architecture. The Access Switch Tier has several functions including: aggregate customer desktop ports, preserve and apply QoS tags, provide switched LAN access, provide VLAN assignment, as well as others. The typical switch size is 48 or less user ports. The evaluation team reviewed network switch evaluation reports from the Tolly Group as well as other sources. We then used these reports as a starting point to identify particular switches for evaluation. In general we reviewed the products of dominant equipment manufacturers. Also, based on architectural design requirements, the majority of the switches tested were of relatively small monolithic unit variety.

More Details
2 Results
2 Results