Project Title: Building a Creative and Cost-Effective Network Security: Using Open-Source Tools
Overview:
This project demonstrates the design and deployment of a secure, segmented virtual network using open-source tools and virtualized infrastructure. The goal is to create an effective, budget-friendly cybersecurity environment for learning and testing.
Architecture Highlights:
VLAN Segmentation:
The network is divided into multiple VLANs: user networks, a dedicated honeypot VLAN, and a management VLAN for firewall connectivity.
Core Switching:
A primary and backup core switch use SVI interfaces for inter-VLAN routing. The backup holds standby configurations for failover.
Firewall Integration:
A virtual FortiGate firewall connects the internal VLANs to the WAN, enforcing traffic filtering and acting as the network perimeter.
Security Layer:
Kali Linux (Bridge Sensor): Runs Snort (IDS/IPS) and ClamAV for traffic analysis and malware detection.
Honeypot: Isolated in its own VLAN to capture malicious activity.
Wazuh SIEM: Deployed on a separate Kali Linux system to receive logs from both the honeypot and sensor.
Syslog Integration:
All logs from honeypot and sensor are forwarded to the SIEM for centralized monitoring and event correlation.
Virtual Testing with GNS3:
The entire network is simulated using GNS3, allowing full control and testing of switching, routing, firewall, and monitoring tools.
Tools Used:
Linux (Ubuntu/Kali), Snort, ClamAV, Wazuh SIEM, FortiGate (VM), Wireshark, GNS3.