Security Lab Debuts
Real-time setting lets companies check on security vulnerabilities in preparation for cyberattacks
As more companies keep their IT infrastructures running around the clock, it can be hard to find time to back up data, check out software patches, and conduct tests for security vulnerabilities. Iowa State University last week unveiled a federally funded test lab that's under development to help companies check the security of their IT systems without causing downtime.
The U.S. Department of Justice is providing the funding for the Internet-Simulation Event and Attack Generation Environment, which is slated to open this summer. It will be available for a fee to businesses, government agencies, and research companies to conduct experiments that mimic all types of security events, such as attacks from Trojan horses, viruses, and worms. The lab will hold a variety of hardware systems and applications so participants can set up test systems that matches their own IT environments.
Doug Jacobson, director of the information assurance center at Iowa State and founder of the test lab, calls his environment a "virtual playground" and says it will have enough equipment to conduct as many as five security events or tests at once.
Jacobson wrote a proposal for the lab around 18 months ago, and the Justice Department awarded the program $500,000 because of the growing number of cybersecurity threats and associated crime. Jacobson teaches classes that are part of Iowa State's master's degree program in computer security. Classes include hacking into a dummy company and then reviewing the attacks, how they're done, and how they could have been prevented.
The test lab will use, among other technology, a deep-packet-inspection appliance called PacketSure from Palisade Systems Inc., a company founded by Jacobson. The professor developed the proposal for the security-testing environment after spending years trying to mimic real network environments for cyberattack tests. "It was always difficult to try out new security paradigms when test beds were very simple," he says. Now, "the networks are so complicated."
Jacobson points to John Deere & Co. as an early participant in the lab. The tractor-manufacturing company also has financial-services operations, increasing its need to be vigilant about customer data security. "As a target of criminal activity," Jacobson says, "John Deere has ever-increasing concern and interest in security."
About the Author
You May Also Like