Imad-Eddine NACIRI
← Back to Projects

Enterprise Network Configuration

Configured and deployed a complete enterprise network on Linux, integrating key network services and security protocols to ensure connectivity, authentication, and data integrity.

3/3/2022
Live Demo View Code
NetworkingLinuxDHCPDNSLDAPSecurity
Enterprise Network Configuration
Overview

This project focused on designing and configuring an enterprise network on a Linux-based infrastructure. The network consists of multiple subnets connected via a router acting as a relay agent, with services distributed across dedicated servers. The goal was to ensure secure communication, authentication, and efficient resource sharing among users.

Network Architecture
  • Two Subnets: Separate networks connected through a router.
  • Router & Switches: Facilitates communication between devices and servers.
  • Dedicated Servers: Each protocol has a designated server for optimized performance.
Configured Services & Protocols
  1. DHCP (Dynamic Host Configuration Protocol)
    • Implemented a DHCP server to dynamically assign IP addresses to clients.
    • Configured a relay agent to link both subnets.
  1. DNS (Domain Name System)
    • Set up a master DNS server using BIND9.
    • Configured a slave DNS server to improve redundancy and security.
    • Integrated domain name resolution with enterprise authentication.
  1. LDAP (Lightweight Directory Access Protocol)
    • Configured LDAP with SLAPD for centralized user authentication.
    • Allowed secure storage and management of credentials.
  1. FTP (File Transfer Protocol)
    • Set up an FTP server using vsftpd for secure file sharing within the enterprise.
    • Restricted access to users within the local subnet.

  1. Mail Server (Postfix & Courier-IMAP)

    • Deployed a mail server to handle internal email communication.
    • Configured spam filtering and mailbox management.

  2. HTTP & HTTPS (Web Hosting with Apache2)

    • Hosted two web pages: one public and one with restricted access.
    • Integrated SSL/TLS for secure communication.
Security Measures Implemented
  • Firewall & Access Control: Configured iptables and firewall rules to restrict unauthorized access.
  • User Authentication & Access Rights: LDAP managed authentication for network resources.
  • SSL/TLS Encryption: Ensured secure communication over HTTP and mail services.
  • Backup & Failover Strategies: Implemented a slave DNS server to prevent downtime.
Results & Achievements
  • Successfully established a fully functional enterprise network on Linux.
  • Ensured seamless connectivity and authentication between users and services.
  • Improved security with encrypted communications and access controls.
  • Demonstrated the ability to configure and manage essential enterprise networking services.
Practical Demonstration

A hands-on demonstration was conducted showcasing:

  • Client DHCP IP assignment.
  • Domain resolution via DNS.
  • User authentication with LDAP.
  • Secure file transfer using FTP.
  • Internal email exchange with Postfix.
  • Secure web hosting with HTTPS.
Contributors
  • Imad-Eddine NACIRI