Network Security Lab
The Digital Forensics Network Security Lab will function as our security training facility. The lab will accommodate training in data and network security as well as cyber security intrusion detection, prevention and tracing. The lab will be divided into 3 fully functioning "real-world" networks, each with four workstations. Each of these networks will have a server, firewall, routing and switching capabilities as well as wireless access. All networking hardware used in the lab will be high-end equipment including routers, switches, firewalls and wireless access points. The lab and department will also utilize a blade server consisting of 20 dual processor blade machines in one rack mountable enclosure. Software used in the lab will include network analysis tools used to localize network problems, perform sophisticated diagnostic tests, monitor network traffic and events, trace illicit network activities and test and debug network hardware and software. The lab will be used in the training of regional law enforcement agencies and investigative agencies through twelve, two-day on-site training sessions.
In addition to our hands on training labs, we maintain a small data center to serve both as a support system for our training and to provide hands on experience working in a data center environment. Data centers are quite common these days and have a tendency to serve more than one client at a time; this can be a major roadblock in DF since investigators are often only authorized to collect data on the named subject systems. This is why we make our data center available as a training tool, so that practitioners can get experience with live investigations and network imaging techniques which allow the investigator to collect evidence without going beyond their authority and without adversely affecting tertiary networks or systems in the course of their investigation.