Next Steps¶
Now that your ISERink has been set up and tested, there are many use cases for this environment. Below are some common activities or setups that may be of assistance customizing the environment to meet your specific needs.
Adding extra hosts for VMs¶
In order to run larger competitions you will need a few hosts. The number of hosts that you will need depends on the size of your scenario and competition.
Managing larger scale environments with VMware vCenter¶
Once you have more host than one host using VMware vCenter is is useful for managing hosts and virtual machines. When working a clustered environment it the competitors will be using vCenter to manage there virtual machines. The white team will also use vCenter to manage the infrastructure. You can learn about vCenter on VMWare’s website.
Hosting a Cyber Defense Competition¶
In order to host a successful Cyber Defense Competition (CDC), good planning is critical. You should start planning as early as possible. Below is an example timeline for how the ISEAGE Lab at Iowa State University runs their CDCs. You should tailor this to your needs.
This guide is based off of a typical three to four week remote setup phase.
For more information about the ISEAGE CDCs and some of the terminology used here, see https://cdc.iseage.org.
Two to Three Months Before¶
This is the initial planning stage. Figure out an overall idea for the scenario. You should draw up a network map and figure what hosts, services, flags, and attack surface there will be. This step is important; it is crucial that time is spent thinking through how all pieces of the scenario will fit together. This should be documented.
Once a scenario idea is finalized, team members should be assigned to create the services described in the scenario.
Other event planning tasks should take place at this time as well, such as finding a place to host the event and other logistics.
During this time, you should begin recruiting volunteers for the Red and Green teams, and finding participants to compete on the Blue teams.
One Month Before¶
All the services, applications, and machines should be finished. They should be cloned to all the teams and the scenario should be released to the Blue Team participants.
After Scenario Release¶
You should set up channels for support such as email or chat so your participants can contact you. They will ask questions about the environment, rules, the scenario, and other questions of technical nature. You should make every attempt to ensure a quick response to support requests.
Week Before¶
During the week before the CDC, you should take extra care to answer questions, as it is crunch time for the competitors. The competition location is usually prepared the day before competitors arrive so that tables can be set up, and power and networking provided appropriately.
T-Minus 2 hours¶
Have your staff ready to go. Ensure the competition area is ready to go. Help answer last minute questions from competitors.
Running Training Exercises¶
Configuring and Managing IScorE¶
IScorE is a very large scale project and has many extra features that you can take advantage of. As stated, its intent is to help manage and score CDCs. Full documentation for administration of IScore can be found at https://docs.iseage.org/iscore/admin/latest/. There is also user documentation that can be found at https://docs.iseage.org/iscore/user/latest/. Make sure that the documentation here matches the version of IScorE that is installed in the ISERink.