Cyber Range Simulator System for Security Training

Major Functions / Key Features

A cyber range simulator system (hereafter the “system”) is a network-based virtualization system for cybersecurity training in real-life attack/defence scenarios. It mainly consists of three parts: hardware/server, web portal, and preconfigure scenarios. The specifications on these parts are separately listed below. 

Hardware/Server

• The hardware/server, which supports all or at least the main functions of the system, must be physically hosted in-house.  
• The server, preferably an enterprise-grade rack server, should be able to support at least 50 users training in the system concurrently.

Web portal 

• The web portal is the entry point of all users, which consists of a teacher’s dashboard, a teacher’s main panel, and a student’s main panel.
• Teacher’s dashboard: 
• Real time score/statistics display of students’ progress in the attack/defence scenarios.
• Teacher’s main panel: 
• Grant system access to students and other teachers.
• Form students into teams for those multi-user preconfigured scenarios  
• Schedule a cyber range lab with preconfigured scenario
• View historic cyber range lab results of all students
• Student’s main panel:
• View and access scheduled cyber range lab
• View one’s historic lab results
• Preference will be given to vendors whose portal can integrate with Security Information and Event Management (SIEM) 

Preconfigured scenarios

• A preconfigured scenario typically consists of one or multiple virtual images (VMs) deployed in a virtualized network. 
• The system must have at least 5 scenarios, among which 2 are entry-level (for high-school students), 2 are mid-level (for students with 1 year of security training), and 1 is advanced-level (for students with 2+ years of security training). 
• All scenarios, especially those entry-level ones, must be detailed documented for students to practice on their own. 
• At least 1 entry-level or mid-level scenario must involve blue team interaction with SIEM.
• Preference will be given to vendors who support customizable scenario (including network builder, virtual image importer, flag designer, etc).
• Preference will be given to vendors whose preconfigured scenarios contain both attack & defence modules in a single scenario.
• Preference will be given to vendors whose systems can monitor or grade students’ progress by automatically checking if some commands are used or conditions are met.  
• Preference will be given to vendors who provide supplementary lab exercises in or beyond these scenarios.