Palo Alto Networks recently participated in U.S Pacific Command co-hosted event Pacific Endeavor 2014, an annual multinational, multiservice workshop in which independent countries learn how to support disaster relief operations by using a broad range of technologies to coordinate inter-country communications. Critical communication systems such as satellite, video, radio, telephone, and other technologies are included.
Pacific Endeavor 2014 was split into smaller sub-workshops where each focused on specific communications criteria to ensure preparatory measures are in place in the event of a major natural disaster. Cyber Endeavor is one of these sub-workshops, and focuses on developing core competencies and discusses in depth how to provide confidentiality, integrity and availability to communications.
Palo Alto Networks and partner Cyber Test Systems conducted an interactive Cyber test range Exercise for Participants of Cyber Endeavor. The purpose of the Cyber test range exercise is to let participants learn how to build, deploy and use a Cyber Test Range to train a team replicating a real environment in test lab environment. This team trains to defend against cyber attack scenarios such as infection by virus, trojans, worms, spyware, adware, malware, DOS attacks, DDOS attacks and also network attacks using combination of well-known vulnerabilities, zero day vulnerabilities or unknown vulnerabilities that would qualify as Advanced Persistent Threats (APTs). These real-world scenarios run by the Palo Alto Networks and Cyber Test Systems teams covered the following:
Blue Team
Simulated by 18 participants using Palo Alto Networks security platforms that managed the availability, the scalability, the security and the stability of network infrastructure and application infrastructure for the Green Team and protected it from the cyber attacks simulated by the Red Team.
Green Team
Simulated by Cyber Test Systems using a network traffic generator simulating the legitimate users accessing to a large diversity of applications using wire or wireless connections with their desktops, laptops, tablets, smartphones to the application infrastructure hosted on the network infrastructure managed by Blue Team.
Red Team
Simulated by Cyber Test Systems using a network traffic generator simulating the malicious users sending advance cyber attacks to the user’s computers using different vectors of infection to install viruses, trojans, worms, spyware, adware and malware. The Red Team also sends cyber attacks to the network infrastructure and the application infrastructure to bring it down using DOS attacks or DDOS attacks, or leak information, or use the network or servers as relay to launch other cyber attacks using network attacks using combination of well-known vulnerabilities or zero day vulnerabilities or unknown vulnerabilities.
White Team
The White Team involved Cyber Test Systems for creating the cyber attacks scenarios running and monitoring the success or failure of the participants simulating the Blue Team to defend properly against the cyber attacks scenarios launched by the Red Team and keep the availability, scalability, security and stability of network infrastructure and application infrastructure for the Green Team. Also in the White Team, Palo Alto Networks ensured the participants were well equipped with the right visibility into network security infrastructure so as to defend against cyber attacks scenarios launched by the Red Team.
The Cyber test range exercise was conducted over two days where participants built network security infrastructure using routers, switches, wireless access points, and next-generation security platforms from Palo Alto Networks to provide Intrusion Prevention Systems (IPS), Anti-Virus, Anti-Spyware, URL Filtering as well as Anti-DDoS and Advance Persistence Threat Prevention in accordance with the Cyber test range Lab Setup. After the setup, participants learned how to defend against more than 50 different cyber attacks simulated by Cyber Test Systems network traffic generators. On every hour of the cyber attack launched, a debrief was conducted to make sure participants were adequately defending the network as well as effectively managing risk.
Bringing together all elements of effective risk management for network security, participants identified the need to improve the skills of security professionals using the right technology and processes. It’s for those experiences that these Cyber test range exercises are hugely important and we look forward to many more involving Palo Alto Networks and Cyber Test Systems!