What is Cyber range?
The Montimage Cyber range platform is built to evaluate the security monitoring capabilities based on MMT, Snort or Suricata Intrusion Detection Systems in different contexts (NFV/SDN, IoT, e-health, transport, etc.). It integrates the following features.
- Traffic generators: Different tool are available in the platform to generate network traffic flows to cover more than 600 different protocols and applications. It is also possible to generate malicious attacks. For this purpose, we use 3 types of tools: tcpreply, tomahawk and scapy.
- MMT Monitoring solution: MMT (Montimage Monitoring Tool) is a monitoring solution that combines data capture, filtering and storage, events extraction and statistics collection, and, traffic analysis and reporting providing, network, application, flow and user level visibility. Through its real-time and historical views, MMT facilitates network performance monitoring and operation troubleshooting. With its advanced rules engine, MMT can correlate network and application events in order to detect performance, operational, and security incidents. An easy-to use customizable graphical user interface makes MMT suitable for different user needs. The tool is easy to extend to add new protocols/applications and/or new security rules to analyse.
- High bandwidth management: It is possible to generate up to 10 Gbits/s network traffic. The necessary hardware is available to manage this kind of experiments
- Using virtualization: It is possible to use Openstack and create different network topologies and benefit from the concepts of NFV/SDN to build different use cases according to the user requirements.