Tech Solutions Library > AWS Case Study: Suffolk County Community College
Case Study

AWS Managed Services Leveraged for Next-Generation Cybersecurity Lab Prototype

Suffolk County Community College develops a prototype of their next-generation Cybersecurity Lab with AWS and CDW.
  • March 20, 2019

The Challenge

SCCC is a pioneer in IT security education with their Cybersecurity and Information Assurance degree program. The program focuses on applying security analysis tools to produce effective solutions for cybersecurity scenarios across a variety of platforms. SCCC complements extensive classroom education with hands-on experience in their Cybersecurity Lab.

SCCC had historically hosted their Cybersecurity Lab in an on-premises environment. Although this solution had served them well, much of the hardware was becoming end-of-life. In addition, this curriculum was becoming increasingly popular. SCCC was faced with a choice: refresh and expand their on-premises footprint or seek a more flexible and cost-effective solution.

For the SCCC staff, the choice was obvious. They would move their Lab environment to AWS. This decision presented many immediate challenges. As a historically on-premises organization, their AWS skill set was limited. In addition, many of their talented IT coworkers were also instructors, which limited their bandwidth to tackle a project of this scope and complexity. SCCC also wished to increase focus on strategic initiatives by relieving their staff of on-going maintenance.

Rearchitecting our Cybersecurity and Information Assurance curriculum in AWS is expected to not only increase accessibility, but also save our organization money compared to our legacy, on-premises environment.

Pete Maritato, Academic Chair of Engineer Science & Industrial Technology

The Solution

SCCC’s Cybersecurity Lab enables students to simulate cyberattacks and defensive strategies in a controlled environment. SCCC leverages a variety of tools such as Metasploit, Snort and Nmap to create these scenarios.  

Based on SCCC’s design criteria, CDW developed an architecture and prototype leveraging several AWS services to facilitate the creation of Cybersecurity environments and enable classroom on-boarding. In addition, CDW provided our AWS Managed Services to ensure consistency and availability of Cybersecurity Lab prototype. These services included:


Security Governance

The AWS Accounts and AWS Identity and Access Management (IAM) for IAM users, roles and groups were implemented according to AWS Security Best Practices. Any variations from these standards were reported on a dashboard enabling quick remediation.


Technical Account Management

CDW assigned a CDW Technical Account Manager (TAM) to ensure continuity and a high-level of customer experience. 


Technical Training and Best Practice Guidance

Through regular account reviews, the CDW TAM ensured continued implementation of AWS best practices as well ensuring all SCCC staff were able to confidently deploy and manage their virtual classrooms.    


AWS Technical Monitoring

CDW provided proactive monitoring of SCCC’s AWS infrastructure including availability, security and performance metrics. Remediation was applied to services as needed. 


AWS Technical Support Services

CDW provided 24/7 technical support including Level 1-3 and senior engineering support depending on the severity of the incident.

On the technical side, CDW worked closely with the customer to help architect and deliver a Cybersecurity Lab prototype which included the following AWS Services:


AWS CloudFormation

AWS CloudFormation was leveraged to allow rapid deployment of AWS Virtual Private Clouds (VPCs), IAM Groups and Amazon EC2 instances. Focusing on Infrastructure as Code enabled SCCC to rapidly deploy and scale their virtual classrooms. 


Amazon Cognito

Amazon Cognito allowed SCCC to leverage their existing on-premises Active Directory as an Identity Provider and provide access to relevant AWS services via Cognito Federated Identities.


Amazon S3

Amazon S3 was leveraged to host the Lab’s landing page. S3 automatically scales up to meet growing demand while providing 99.99% availability. 


Amazon WorkSpaces

Amazon WorkSpaces is a managed, secure cloud desktop service. WorkSpaces will enable the creation of individualized attack and defensive environments for each student. In addition, WorkSpaces provided a consistent experience regardless of device.    

AWS will make our Cybersecurity curriculum easy to access and use while preserving the security of the SCCC network. Additionally, the combination of AWS capabilities and CDW tools is expected to allow us to ensure academic integrity by monitoring and reporting student activity within the system. By engaging CDW to help us build the Cybersecurity Lab prototype, we will be able to focus on curriculum development and expedite the final deployment.

Stephen J. Clark, College Director of Infrastructure Services

Expected Benefits 
 
An Expected Reduction in Operational Expenses

SCCC forecasts a reduction in the operational expenses of their Cybersecurity Lab compared to hosting it in their on-premises datacenter. Expense reductions are expected to be driven by decreased staffing costs for on-premises monitoring and support. SCCC’s goal is to decrease the cost of deploying the Lab environment so that a student’s Lab costs no more than a textbook. Controlling costs is also expected to further decrease SCCC’s reliance on grants.

An Expected Reduction in Capital Expense

When fully deployed, SCCC will be able to avoid a costly refresh of on-premises equipment while positioning their organization for rapid expansion.

Increased Focus on Strategic Initiatives:

By leveraging CDW’s AWS Managed and Professional Services, SCCC will enable their IT staff to focus on developing next-generation cybersecurity curriculum.    



Optimize your infrastructure with AWS Cloud Services from CDW.

Share this article

You May Also Like

Webinar

Simplify Cloud Management - Modernize with Azure Services by CDW

Dive deeper into managing costs, reporting, getting live support and developing smarter cloud-focused architectures when managing Azure and other public clouds.

Tech Tips

What are the Different Types of Cloud Computing Services?

What is the difference between Software-as-a-Service, Infrastructure-as-a-Service and Platform-as-a-Service? How can each type of cloud service benefit your business?

Tech Tips

Why SaaS is the Right Choice for Your Business?

What is SaaS, and how can it help you increase the efficiency of your business? What are the different types of SaaS applications you can use?