February 09, 2012

Enterasys challenges the hackers at ShmooCon 2012

ShmooCon 2012 was once again a sold out event and for the second year in a row Enterasys Networks provided the networks infrastructure for the show network. This was the eighth annual conference hosted by The Shmoo Group. The conference brings together approximately 1400 security professionals from a wide range of disciplines and provides a showcase for demonstrating technology exploitation and inventive solutions. I had the opportunity to work the Enterasys booth at the event and to attend some really great sessions. As always the information presented in the sessions and between attendees in the hallways was both cutting edge and thought provoking.

Matt Hum, a Solutions Engineer with the Enterasys Federal team designed, deployed and managed the Enterasys supplied network of 20 switches. Matt even found time to present a couple of impromptu whiteboard presentations on layer 2 spanning tree and multiple spanning tree technologies.

The network design used a number of Enterasys switches, including a core of two high performance S-Series switches, the distribution layer was a C-Series switch and the data center and conference rooms were connected using a mix of C- and D-series switches.

The show network was provisioned and managed using Enterasys NetSight. The simple one click provisioning and comprehensive problem resolution tools were critical to the successful deployment of the network. The ShmooLabs team had their first access to some of the conferences rooms the morning of the first days of the conference and had less than 36 hours to get the entire network and supporting infrastructure up and running. The team was up to the challenge and everything was deployed, provisioned and working before the conference opened at noon on Friday.

The show network consisted of both friendly networks used to support attendee and vendor Internet access, as well as hostile internal networks. There was a network where people were actively trying to break into any system connected to the network and there was another network that had people breaking into specified targets (ordered/controlled attacks). Because these networks were designed to allow attacks they were configured with minimum security policies – basically just policies to control DHCP spoofing to prevent man-in-the-middle attacks and to prevent any accidental DoS. They were also configured to prevent L2 attacks, such as VLAN hopping.

The conference sessions were streamed live to the web so the switches were configured to apply L2 and L3 QoS markings and to segregate streaming Video / Audio traffic from other show traffic. The entire show was streamed live and the attack traffic never interfered with the audio/video streams.

The Enterasys network provided a solid and stable foundation for this diverse and complex environment.

About The Contributor:
Extreme Marketing Team

See My Other Posts