Iowa State Opens Security Testing Lab
The U.S. Department of Justice is funding a lab at the university to let businesses and others conduct security tests on simulated IT environments.
As more companies keep their IT infrastructure running around the clock, it can be hard to find time to back up data, check out software patches, and conduct tests for security vulnerabilities. Iowa State University on Monday unveiled a federally funded test lab that's under development to help companies check the security of their IT systems without causing downtime.
The U.S. Department of Justice is providing the funding for the Internet Simulation Event and Attack Generation Environment, which is slated to open this summer. It will be available for a fee to businesses, government agencies, and research companies to conduct experiments that mimic all types of security events, such as attacks from Trojan horses, viruses, and worms. The lab will hold a variety of hardware systems and software applications so participants can set up a test system that matches their own IT environment.
Doug Jacobson, director of the information assurance center at Iowa State University and founder of the test lab, calls his environment a "virtual playground" and says it will have enough equipment to conduct as many as five security events or tests at once.
Jacobson wrote a proposal for the lab around 18 months ago, and the Justice Department awarded the program $500,000 because of the growing number of cybersecurity threats and associated crime. Jacobson teaches classes that are part of Iowa State's master's degree program in computer security. Classes include hacking into a dummy company and then reviewing the attacks, how they're done, and how they could have been prevented.
The test lab will use, among other technology, a deep-packet-inspection appliance called Packet Sure from Palisade Systems, a company founded by Jacobson. The professor developed the proposal for the security-testing environment after spending years trying to accurately mimic real network environments for cyberattack tests. "It was always difficult to try out new security paradigms," he says, "when test beds were very simple, and the networks are so complicated."
About the Author
You May Also Like