The Virtual Forensic Lab
The virtual forensic lab lives in a datacenter at UM behind state of the art security. The individual workstations are accessed via VNC over SSL VPN connections. We have 64GB of RAM and 7.5 Tb of disk storage available for workstations, datasets, snapshots, and so forth. VMWare's ESX allows us to deploy VMs quickly, and snapshot them and deactivate them just as fast
In Alpha testing right now, a Beta testing phase open to CyberWATCH consortium members will begin on December 4, 2008. The virtual lab will be available to instructors for use in courses in Spring 2009.
Instructors have their choice of 3 forensic distributions initially (and these may change based on feedback from testing):
- Helix (a highly crafted version of Ubuntu engineered for sound forensic acquisition)
- SIFT (The SANS SIFT Workstation is a VMware Appliance that is preconfigured with all the necessary tools to perform a forensic examination.(from the SANS website : https://forensics.sans.org/community/downloads/index.php))
- Encase from Guidance software running on a Windows XP workstation.
Customizations of these workstations will be considered on a case-by-case basis.
Instructors will be able to schedule time in the lab on a regular recurring basis for use during courses that are semester-long, or for shorter modules inside courses. Scheduling preference will be given to semester-long usage.
Check into the forums when they launch on November 7, 2008 for more information on the lab, the beta test, scheduling and more.
|
