Embed Size (px)
Citation preview
ADVANCED NETWORK ARCHITECTURE
AND CYBERSECURITY SOLUTIONS
Creating Emerging Technologies for Next-Generation Communication Networks The LGS Innovations Internet and Cybersecurity Research Department (ICRD), located at the William J. Perry Research Center in Florham Park, NJ, develops and delivers innovative, game-changing network architecture and cybersecurity solutions that support both government and commercial customers. The ICRD leverages world-class research and an unrivaled understanding of wireless and wireline communication network protocols, equipment, and operations to address and solve complex networking challenges facing governments and industry today. Building on a unique Bell Laboratories heritage, the ICRD has in-depth experience in all areas relating to service provider networks and commercial communications equipment. With expertise in Internet Protocol (IP), optical transport, wireless (3G/4G), and IP Multimedia Subsystem (IMS) networks, the IRCD has a team of experts who advance both today’s networks and emerging technologies.
LG
S IN
NO
VA
TIO
NS
2
I NTE R N E T R E S E A R CH L A B O R ATO RY: PR OAC TIV E CY B E R A NA LYS IS
A N D D E VE LO PM E NT
The ICRD conducts much of its research in the LGS Internet Research Laboratory (IRL). The IRL serves as a development and test facility for the ICRD’s systems, tools, technologies, and processes. It is the control center for a full spectrum of cyber-related activities in the areas of security assessments, network assurance, and information assurance. The IRL contains a research network with native IPv4 / IPv6 100 Mbps connections to the public Internet, high-speed cable modems, and multiple dial-up lines. The IRL network, which has its own class B address space, is a routable, multi-homed, non-transit, autonomous system that can be configured to emulate various network architectures such as a service provider or corporate/government enterprise.
The IRL architecture includes many of the functions envisioned for any Cybersecurity Operations Center. In addition, the IRL hosts a central core network that provides secure Internet access for emulated corporate/government enterprise networks. Several reconfigurable project areas and testbeds provide research, development, and test facilities to analyze attacks and develop tools. Fundamental to the IRL’s design, Indications and Warning (I&W) of potential threats are provided so they can be addressed proactively in a laboratory setting.
IRL’s central core network is a virtualized environment with workstations, virtual servers, and a high capacity Storage Area Network (SAN). This network is configured as follows:
» Cyber defense area for research, tool development, and testing. Various configurations representing enterprise and network equipment (e.g. routers, firewalls, IDSs, etc.) and software are tested and analyzed to determine effectiveness against attacks.
» Application area for cyber tool development, testing, and project operations. Tools and procedures are developed and verified for applications such as penetration testing.
» Demonstration, integration, and product testing area. Tools and procedures can be used to assess the viability of vendor products.
» Red-Blue exercise area. Playing the role of an attacker to enhance defensive skills.
» Network Operations Center (NOC) area to control and monitor the IRL network, testbeds, and security, including configuration/data management, servers, routers, firewalls, IDSs and switches.
LG
S IN
NO
VA
TIO
NS
3
F U L L S PEC TR U M CY B E RS ECU R IT Y A N D N E X T- G E N E R ATI O N
N E T WO R K I N G CA PA B I L IT I E S
NETWORK SECURITY ASSESSMENTS
For more than ten years, ICRD scientists have been recognized for their ability to perform security assessments by mapping networks and assessing their vulnerabilities. By applying their understanding of geographic and topological mapping of Internet hosts and routers to create solutions for effectively protecting cyber infrastructure, they discover detailed network resource relationships and determine global paths between physical networks.
ICRD experts also use these capabilities to perform external security assessments, during which they are able to identify and provide solutions to vulnerabilities in a customer’s IP networks. Security assessments are performed on a customer’s core or enterprise network in one of two ways: (i) the customer provides information about and access to their network; or (ii) the security assessment is performed for the
customer without any provided network information.
NETWORK ASSURANCE
The ICRD performs security assessments on individual network elements (e.g. routers, switches, firewalls, etc.). By analyzing the code embedded in a network element, ICRD scientists are able to discover vulnerabilities that could pose a security concern for a network operator. Both white box and black box testing techniques are utilized.
The primary objective of white-box testing is to perform static analysis of source code to identify bugs. Bugs are not necessarily vulnerabilities, but can potentially represent a security concern. Manual inspection is required to determine if any identified bug actually poses a vulnerability. White box testing also includes a public search for vulnerabilities against the product, both indirect and direct.
Black box security testing includes all of the methods of testing performed by suppliers, service providers and other independent test facilities. Some key test scenarios include: denial of service attacks (DOS), distributed denial of service attacks (DDOS), fuzzing, security scanning, mock attack scenarios, and failure testing.
INFORMATION ASSURANCE
The ICRD engages in cutting-edge research to protect information systems and their content, and develops next generation tools and techniques to independently verify and validate the security of information system software. This research produces new techniques to find latent malware in mobile apps and advances novel exploratory testbeds to monitor and analyze desktop, web, and mobile apps. In addition, ICRD is creating new protocol independent techniques designed to find vulnerabilities in web applications, server software, and network intrusion detection systems by simply analyzing IP network traffic. The ICRD scientists are also inventing next generation technologies to provide secure ad hoc information sharing within local clouds of tactical mobile devices and across long-range sensor networks.
L G S I N N OVAT I O N S
13665 Dulles Technology Drive, Suite 301
Herndon, VA 20171
T E L : 1-866-LGS-4243 (1-866-547-4243)
U R L : www.lgsinnovations.com
LGS, LGS Innovations, and the LGS Innovations logo are trademarks of LGS Innovations LLC. The information presented is subject to change without notice.
© 2015 – LGS INNOVATIONS
LGS Innovations delivers next generation solutions that solve the most complex networking and communications challenges
facing the U.S. Federal Government, State and Local Governments, Foreign Governments, and commercial enterprises. LGS offers
groundbreaking research and development and builds advanced wireless, optical, and wired products and applications customized
for specific mission environments. These solutions provide unique information and security advantages that lead to the operational
success of its customers. LGS’ offerings include:
LGS Innovations is a U.S.-owned company headquartered in Herndon, Virginia, with offices in Colorado, Florida, Illinois, Maryland,
New Jersey, New Mexico, and North Carolina. Formerly a subsidiary of Alcatel-Lucent, LGS is the exclusive reseller of Alcatel-Lucent
products and services to the U.S. Federal Government and any other entity when the end customer is the U.S. Federal Government.
LGS maintains strong ties to Bell Labs and its technologies, employing more than 450 scientists and engineers and over 730
employees worldwide. To learn more about LGS Innovations, visit www.lgsinnovations.com.
» Campus and building networking solutions for military bases,
hospitals, and corporate centers
» Maritime applications for in-port and at sea communications
» Global networks (long-haul communications, including
undersea cable)
» Enterprise voice, video, and data networking
» 4G wireless deployable communications for public safety,
battlefield, and emergency and first responder communities
» Network engineering, integration, and installation
» Cloud and data center infrastructure
» Video teleconferencing and IPTV suites
» Research and development in advanced multimedia/RF
communications, cybersecurity, sensing technologies,
and photonics
A B O UT LGS I N N OVATI O N S
I N N OVATIVE S O LU TI O NS : R E S HA PI N G CO M M U N I CATI O NS
From defending and protecting the homeland to increasing and improving services to the citizen, LGS Innovations’ Internet and Cybersecurity Research Department inspires new ways of approaching existing and potential cyber threats and addressing U.S. Federal Government and commercial enterprise communications needs.
Through applied internet research and cybersecurity solutions development, LGS Innovations delivers innovative solutions that reshape communication and security while preparing for both immediate and future information demands.
