Vigrid is a opensource and free (for non commercial use) Cyber Range framework.
However, it is not limited to such a use. Vigrid also fits into engineering tests, trainings, awarenesses, virtual network setup for any use (data collect, tests etc).
What is a Cyber Range ?
To explain it simply, soldiers needs to train in order to be the most efficient during war times. They rely on training grounds where they can use real weapons of any kind, even sometimes with real ammo.
A Cyber Range is exactly the same...in the computer world.
A Cyber Range offers to build virtual networks with the same operating systems, devices, vendor solution etc existing in the real world. The only difference is these are in real virtual machines. Once such a network is built, it can be used the same as if it was a real physical network.
The main difference is a virtual network can be rewind so the same training can start over and over again until learnt...without being forced to install everything again.
Cyber Range network designs
It is a standard with Cyber Ranges, as well as warfare, to use the Blue Team / Red Team designs.
In warfare, Blues must take the flag from Reds and vice-versa.
In Cyber Ranges, Reds are oftenly the attackers and Blues must defend the place...still being capable to attack Reds if they can.
What is Vigrid in all this ?
Vigrid is an extension to the famous GNS3 software. GNS3 is using emulators such as Qemu or docker, adding its own tools to virtualize the network into a easy to use orchestrating solution, including heavy client to build virtual networks, appliances etc.
Vigrid is only completing/extending GNS3 to provide a much more efficient way other capacilities such as ondemand or industrial cloning, framework designs, cyber range network design ready, remote access...
Once Vigrid is installed, GNS3 capabilites are demultiplicated:
Multiple CPU emulations over Qemu (see Qemu CPU list)
GPU access on Qemu VMs via VirGL
Cyber Range ready design (with or without Blue/Red admin networks)
Virtual networks attachable to physical networks
Virtual networks isolated from each other (except if attached to the same physical network)
Extended functions such as:
- NAS ready (or not) architecture design
- VPN seamless access (USERtoLAN and LANtoLAN)
- Vigrid network design automatically build bonding ready network links
- Easy project ondemand or industrial cloning without time & storage cost
- Easy project snapshot & rollback
- Easy project balanced launches (over any number of Vigrid slaves)
- Easy project/nodes launch & controls over an easy to use WWW interface
Future: scenario automation to control agents (*nix, windows...) hosted into virtual networks
Future: RBAC (Role Based Access Control) to come with GNS3 v3
Enough bla bla, let's go to the real world now
To be able to install Vigrid, you must first understand the possible architectures.
Vigrid can be standalone without a NAS (Network Attached Storage). That is the simplest design. Vigrid will then configure the server to have all its features.
Vigrid can also use a NAS, either being a standalone server, or part of a Farm, either for cloning or scalability.
Vigrid can install Cyber Range network design (with or without Blue/Red Admin), or let you manage this part.
| Vigrid Types |
Vigrid Logo |
Pros |
Cons |
Vigrid standalone server
without NAS |
 |
Easy+quick install via installation script
Still Vigrid features (CPU/GPU, snapshot, cloning...) are available
Auto detection of available physical drives for Vigrid secure storage
Vigrid Cyber Range network design possible
|
Can't be part of a farm that requires central storage
|
Vigrid standalone server
with NAS |
 |
Easy+quick NAS & server install via installation script
Auto detection of available physical drives for Vigrid NAS secure storage
Same features as Vigrid standalone server without NAS
Plus the possibility to change into a Vigrid Master Server to control a Farm (Cloning or Scalable)
|
Vigrid NAS must be installed (much better). However, other NAS might fit if SSH root access over SSH key is possible and NAS is using either BTRfs or ZFS over NFS.
Server cant be standalone anymore. Network infrastructure (switch etc) is required.
|
Vigrid Master server
with NAS |
 |
Easy+quick NAS & server install via installation script
Auto detection of available physical drives for Vigrid NAS secure storage
Same features as Vigrid standalone server without NAS
Master server gateway to access all Vigrid Slave Servers (either for cloning or scalability)
Unlimited number of Slaves can be controlled
|
Vigrid NAS must be installed (much better). However, other NAS might fit if SSH root access over SSH key is possible and NAS is using either BTRfs or ZFS over NFS.
Server cant be standalone anymore. Network infrastructure (switch etc) is required.
|
Vigrid Slave
(with NAS) |
|
Cloning Farm: provide more CPU/memory to the Farm, permitting to run more clones at a time
Scalable Farm: provide more CPU/memory to extend even more a big virtual network(s) project
|
|
| Vigrid Network Designs |
Pros |
Cons |
| Vigrid TINY Cyber Range |
Network ready design. NICs are detected and configured, Firewall rules installed, VPN access provided.
Bond ready network. Upon other NIC available, load balance, failover... can be setup easily
DHCP server for VM linked to Vigrid Control Tower
NAS can be attached to WAN side (advised) for reduced DoS risk
|
Require 4 physical network interfaces: Internet, Admin, Blue & Red
|
| Vigrid FULL Cyber Range |
Network ready design. NICs are detected and configured, Firewall rules installed, VPN access provided.
Bond ready network. Upon other NIC available, load balance, failover... can be setup easily
DHCP server for VM linked to Vigrid Control Tower
NAS can be attached to WAN side (advised) for reduced DoS risk
|
Require 6 physical network interfaces: Internet, Admin, Blue Admin, Red Admin, Blue & Red
|
| No Vigrid network design |
DHCP Server proposed (yours to configure) during install
|
Your job, your limits, your issues :-)
|
Vigrid Cyber Range Security Policy
Network Attached Storage installation, before servers.
Vigrid Server (any type or network design).
How to use Vigrid