Designed and executed a comprehensive firewall architecture for a medium-sized company operating on an IPv4 network. The architecture incorporates effective security tactics to safeguard the organization's network infrastructure.
- Email Server Configuration: Configured and secured an email server hosted on an external cloud (Cybera) to facilitate communication.
- DNS Forwarder Implementation: Implemented a DNS forwarder for the internal network to enhance domain resolution efficiency.
- Name Server for External Network: Set up a name server for the external network to manage domain name translations.
- Web Server Configuration: Configured a web server listening on port 443, ensuring secure and encrypted communication.
- Order Tracking Server Access: Made an order tracking server available to a subset of customers, managing access controls.
- VPN Connection to Remote Cloud Storage: Established a secure and encrypted VPN connection to cloud storage at a remote location, ensuring data confidentiality during transmission.
- Additional Security Mechanisms: Implemented additional security mechanisms on the link, network, or transport layer to fortify the overall security posture.
- Network Topology Configuration: Configured the network topology using the Cybera rapid access cloud, optimizing resource utilization.
- Secure VPN Connection: Established a secure and encrypted VPN connection for outgoing data to the external cloud, ensuring data integrity and confidentiality.
- Firewall Iptables Rules: Implemented iptables rules within the firewall to block unwanted external access, enhancing network security.
- Zeek IDS Integration: Integrated Zeek IDS to detect network traffic anomalies, providing proactive threat detection and response capabilities.