“Guard”: with information security in mind

SOTSBI-guard: educational and laboratory complex for information security.

The complex is designed to organize the educational process in information security, which is one of the most important areas of technical training. This complex provides unified educational platform for schools, universities and faculties. Most importantly, it can be used as part of the training programs for technical universities.

Demo access is available here: prague.sotsbi.ru,
login demo, password demo.

The system allows you to explore contemporary approaches to information security, information security methods and the means of information protection, as well as gain practical skills of working with modern software and hardware appliances dedicated for these goals.

The training can be conducted using in-class infrastructure or on-line cloud infrastructure.

The Assignment options include:

  • Schools. Basic knowledge
  • University. User skills
  • Advanced professional training. Expert R&D.

The basic concept of education with the help of the “SOTSBI” computer program involves:

  1. Theoretical material learning: multimedia slide presentation (Adobe Flash technology);
  2. Computer-aided modeling: taking a multiple choice test and identifying weak points ('Testing'), as well as computer-aided practical tasks ('Simulation');
  3. Laboratory Work: performing assignments on the network model using common software tools;
  4. Credit: taking a multiple choice test and identifying weak points;
  5. Skill rates reporting: statistical data collection on students’ learning progress.


The complex

The complex supports administrative functions, including remote administration. The deployed complex can be tentatively divided in four parts: student’s and lecturer’s (teacher’s) workstations, the XenServer SOTSBI-lrn service and learning software, the XenServer SOTSBI-guard security equipment area and the Nester Network Attack server.

The XenServer open source software (virtual machine monitor) allows several guest operating systems to run on the same physical server hardware concurrently. All network entities are “bundled” within one physical server.

See also: A new look at virtualization.

Thereby, a typical solution involves one physical server for XenServer SOTSBI-Irn, one physical server for XenServer SOTSBI-guard and one for Nester Network Attack server

Booting of the workstations is provided by the SOTSBI-Irn server over the network. Client-server approach allows applications to run on the server and interact with a thin client terminal for handling the user input and displaying output.

The installed accessories and tools include:

  • On students’ workstations: softphones, WireShark network protocol analyzer utility, XenServer SOTSBI virtual machine management GUI interfaces.
  • On  the  lecturer’s workstation: XenServer SOTSBI virtual machine management extended GUI interfaces, WireShark network protocol analyzer utility, softphone, statistic  system.
  • The Student’s workstation remote control system enables to monitor and control computers remotely.


The main components of the SOTSBI-guard software complex include:

The SOTSBI-lrn software server. Hosts the software for theoretical material learning, computer-aided modeling, crediting, skill rates reporting. SOTSBI-lrn software server includes:

  • ‘Administrator’ Module. Features: administration, statistics.
  • ‘Teacher’ Module. Features:administration, statistics, control, assistance, theory, testing, simulation, final testing, notebook, glossary, report.
  • ‘User’ module. Features: theory, testing simulation, final testing, notebook, glossary, report.

Student’s workstation management server;
Helper server;
Interactive learning media content for “Fundamentals of Information and Computer Security” course;
SOTSBI tutorials editor. It is designed for interactive tutorials editing.


The tutorials editor

The editor allows performing the following actions:

  • introducing corrections into the current theoretical materials that are part of the tutorials, questions from the ‘Testing’ section, as well as the practical assignments from the ‘Simulation’ section;
  • creating new theoretical materials, questions from the ‘Testing’ section, as well as the practical assignments from the ‘Simulation’ section.

Using the editor does not require any programming language knowledge and allows introducing changes by means of completing ready-made templates according to the on-screen instruction.


SOTSBI-guard software for laboratory and research works

Avaiable tools and utilities: DNS server, vulnerability scanner, Rаdius AAA-server, H.323 gatekeeper, mail server, web-server, Kerberos server, MFS servers (HTTP server Apache, IP PBX Asterisk, Fail2ban, IPSec, firewall Iptables/Vuurmuur, Portsentry, PPTP server, FTP server ProFTPd, honeypot Dionaea, honeypot Artemisa, HIDS AIDE, MySQL server.)

All network area entities are connected by LAN.


Nester Network Attack server

The Nester Network Attack server, which allows you to generate various types of attacks, working in multi-user mode, has the ability to easily migrate test scripts and user-friendly interface.

Attacks on network elements, leading to the denial of service (filling bandwidth, distributed attack to fill the bandwidth, queue overflow to establish a connection, a distributed attack on the overflow line to establish a connection, overflow queue Web-service query and file transfer service, overflow ARP requests), udp-scanning attacks, tcp-scanning attacks.

The complex supports a virtual notepad and term glossary.


The SOTSBI-Lib electronic library

Stores materials designed for supplementary studies by post-graduate students during their independent work on completing research tasks.


The Lecturer’s workstation software

Implements the following functions:

  • remote control of the teaching process: during the process of studying the theoretical material, testing (getting access to laboratory assignments) and simulation (doing laboratory assignments), the teacher can monitor students’ workstations.
  • using teaching courses: the teacher can access all tutorials implemented in the laboratory-training class, i.e. go through all the teaching stages (theory, testing, modeling, credit), which are available to the students. The teacher can also complete practical and research tasks. 
  • using the 'Teacher' module:

The 'Teacher' module has been developed to help the teacher, It allows:

  • viewing any test being completed by a student at the Testing stage, searching for a particular question in the test and obtaining the correct answer;
  • making a quick search to obtain information on the Glossary item of interest;
  • viewing any task of the laboratory assignments offered to students at the Modeling stage and automatically obtaining the correct answer.
  • the teacher’s service opportunities.

The teacher has many ways to administer the complex. She/he can create, delete and edit the study groups and users, as well as browse and export student statistics on testing and block modeling completion.



Office 14, #7, Pestel street
Saint-Petersburg City




+7 (812) 273-78-27