
Project Architecture

Daniel Clark

Purpose

The Cyber Training Lab Manager must run in the background during a lab activity and keep a log of service status, token placements and other unique states relevant to the training. For example: 'Was the FTP service on X.X.X.X available, as checked every 5 minutes during the activity?'

The logged activity should be displayed on a regularly updated website, ideally served through a Python web service.

Design Goals

Simple and easy to use. Should work out of the box and not require complicated modifications to config files. Security of the system is not important, as it is expected that the management host will have sufficient internal protection. The design must be modular and well documented so that new modules can be added to change or extend the services that are monitored.

System Components

The project will focus on a modular design, with components which can be easily swapped out or modified to suit particular cases.

Event Log

With most events not expected to run beyond a few days, the event log will record the status of several tests at each point of a fixed cycle (e.g. every 5 minutes).

Presentation

The presentation module will read the event log and convert the content into a website, designed to be viewed by all teams, that shows the running score, the current total score and the status of each team's objectives.

Objectives

While not a module in their own right, the objectives will be clearly defined states that teams must either avoid or seek. Each of the agent modules will be designed to test an objective. The objectives should be worded like:

"The FTP service is reachable"
"The FTP server is serving file X"
"File X served by the FTP server matches token A1"

Scheduler

The scheduler must handle several threads which test objectives using individual agents on a fixed time cycle. Each of the agents will be focused on a key area, e.g. FTP, HTTP, SMTP.
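
A sketch of how the scheduler, an agent and the event log could fit together, added here as an illustration and not the project's own code. The names `TcpReachable`, `EventLog` and `run_cycles`, the row layout and the loopback targets are all assumptions.

```python
import socket, threading, time
from concurrent.futures import ThreadPoolExecutor

class TcpReachable:
    """Agent for objectives such as "The FTP service is reachable"."""
    def __init__(self, objective, host, port, timeout=2.0):
        self.objective, self.addr, self.timeout = objective, (host, port), timeout

    def check(self):
        try:
            with socket.create_connection(self.addr, timeout=self.timeout):
                return True
        except OSError:  # refused, unreachable or timed out
            return False

class EventLog:
    """Thread-safe, append-only log: one row per objective per cycle."""
    def __init__(self):
        self._rows, self._lock = [], threading.Lock()

    def record(self, cycle, objective, ok):
        with self._lock:
            self._rows.append({"cycle": cycle, "time": time.time(),
                               "objective": objective, "ok": ok})

    def rows(self):
        with self._lock:
            return list(self._rows)

def run_cycles(agents, log, interval, cycles):
    """Run every agent in its own worker thread, once per fixed cycle."""
    def run(agent, cycle):
        try:
            ok = bool(agent.check())
        except Exception:  # a crashing agent is logged as a failed check
            ok = False
        log.record(cycle, agent.objective, ok)

    with ThreadPoolExecutor(max_workers=max(1, len(agents))) as pool:
        for cycle in range(cycles):
            started = time.monotonic()
            list(pool.map(lambda a: run(a, cycle), agents))  # wait for all agents
            # Sleep only the remainder so slow checks do not stretch the cycle.
            remaining = interval - (time.monotonic() - started)
            if cycle < cycles - 1 and remaining > 0:
                time.sleep(remaining)
    return log.rows()

if __name__ == "__main__":
    # Constructed targets: loopback FTP and HTTP ports, two quick cycles.
    agents = [TcpReachable("The FTP service is reachable", "127.0.0.1", 21, 0.5),
              TcpReachable("The HTTP service is reachable", "127.0.0.1", 80, 0.5)]
    for row in run_cycles(agents, EventLog(), interval=1.0, cycles=2):
        print(row)
```

A new agent only needs an `objective` string and a `check()` method, so the rows the presentation module reads keep the same shape whichever service is tested.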

