MEIA Cyber Research Facility

UCCS has secured a 1.25 Million AFOSR equipment grant to furnish a data center quality server room with three racks of blade servers and storage area networks and an innovation security lab to foster development of educational and research programs in Cyber Security, Physical Security, and Homeland Security. They arelocated in the new 150,000 square feet Science and Engineering Building completed April 2009. The innovation security server room will host three racks of blade servers with storage area network and 40 tera bytes of storage. It will be used for

  • the design and developed new secure network systems and protocols,
  • the simulation or emulation of large scale networks for evaluating cyber attack and defense techniques,
  • the configuration of networked of virtua machines/infrastructures for conducting capture the flag exercieses and IA traning workshops.
  • the study of disaster recovery and network system restoration,
  • performing multi-tier server cluster,QoS, Internetnetwork research,
  • conducting biometric and physical security research.

Equipment/Software Systems

a. Blade Server Racks and Server Module
    HP C7000/C3000x2 chasis
    12 HP Blade 460C G6 Server Modules including 2 Intel Xeon E5530 (2.66GHz)
    Quad Core processors with 32 GB Memory
b. Storage Area Networks and 40 Tera Byte Storage

    HP EVA Storage & Lefthand SAN with 40 Tera byte storage per system

c. System Software for managing the virtual machines on blade servers

    VMWare Infrastructure with Lab Management software Lab Manager

    VMWare Infrastructure for 12 CPUs and 4 year support contract

d. Cyber Security Software Tools

    Nessus Annual Direct and Professional Feed

    IDA Pro Advanced Decompiler (1 Computer License)

    Hex-Rays Disassembler $2300
e. Network Router/Switch/Security Equipment
    Cisco router/switch/IDS/Firewalll

 

The 620 square feet innovation security lab will be equiped with high end worktation, tablet/laptop PCs, and wireless/senosr network equpment and development kits. It has Audio/Video connection to the innovation lab, the large conference room and the teleconference room of the National Institute of Science, Space, and Security Centers (NISSSC) with high speed internet connection to Internet for conducting cyber or homeland security exercises.

Justification for Server Rack and Server Modules
We need three server racks for disaster recovery, system restoration/survivability, multi-tier server cluster, Internetnetwork research. It allows us to emulate how to reroute system traffic to the backup site, when one site fails, and to restore the original systems. It also allows us to investigate the design efficient secure storage network and secure collective network defense to allow network systems to function even whenit is under attack. Each rack contains 4 high end X6250 blade server module each has dual quad core Xeon processor with 32 Giga byte main memory. Each of these high end blade server moduleallows us to run concurrent processes for demanding security related processing, or to run multiple networked virtual machines for cyber war exercises and different security research projects that requirement different system and application software configurations.

Justification for Storage Area Network
The storage area network with the provide Tera byte storage enables us to save large amounts of data expected to be generated by the proposed cyber security and homeland security research projects. The equipment also allows for virtual machines to access their file system images, and to access the existing cyber security knowledge base.

Justification for System software for managing the virtual machines on blade servers
To manage the large collections of virtual machines and servers for different security projects and to ensure the network configurations are properly configured, we need the VMWare Infrastructure with Lab Management software and related support.

Justification for cyber security software tool
We need this collection of security software tools to analyze the vulnerabilities in software server system.

Justfication for the research equipment in the Innovation Security lab
The Cisco router/switch connects the blade server system, the PCs in the innovation lab and the campus network backbone. IDS and Firewall are needed to isolate and protect the networks. The workstations, desktops, laptops, all-in-one office machine, and wireless/sensor network equipment will be used by the researchers and students participated in security research and cyber war exercises.