Designed and executed a comprehensive firewall architecture for a medium-sized company operating on an IPv4 network. The architecture incorporates effective security tactics to safeguard the organization's network infrastructure.

• Email Server Configuration: Configured and secured an email server hosted on an external cloud (Cybera) to facilitate communication.

• DNS Forwarder Implementation: Implemented a DNS forwarder for the internal network to enhance domain resolution efficiency.

• Name Server for External Network: Set up a name server for the external network to manage domain name translations.

• Web Server Configuration: Configured a web server listening on port 443, ensuring secure and encrypted communication.

• Order Tracking Server Access: Made an order tracking server available to a subset of customers, managing access controls.

• VPN Connection to Remote Cloud Storage: Established a secure and encrypted VPN connection to cloud storage at a remote location, ensuring data confidentiality during transmission.

• Additional Security Mechanisms: Implemented additional security mechanisms on the link, network, or transport layer to fortify the overall security posture.

• Network Topology Configuration: Configured the network topology using the Cybera rapid access cloud, optimizing resource utilization.

• Secure VPN Connection: Established a secure and encrypted VPN connection for outgoing data to the external cloud, ensuring data integrity and confidentiality.

• Firewall Iptables Rules: Implemented iptables rules within the firewall to block unwanted external access, enhancing network security.

• Zeek IDS Integration: Integrated Zeek IDS to detect network traffic anomalies, providing proactive threat detection and response capabilities.