GitHub - Minhthepud/NetSec-Infrastructure-Lab: A comprehensive Network Security simulation on Cisco Packet Tracer. Features Cisco ASA 5506-X (DMZ, NAT, MPF), IOS Zone-Based Firewall (ZBF), IPSec Site-to-Site VPN, and Advanced Device Hardening (AAA, SSHv2, Port Security)

Minhthepud / NetSec-Infrastructure-Lab Public

Notifications You must be signed in to change notification settings
Fork 0
Star 0

A comprehensive Network Security simulation on Cisco Packet Tracer. Features Cisco ASA 5506-X (DMZ, NAT, MPF), IOS Zone-Based Firewall (ZBF), IPSec Site-to-Site VPN, and Advanced Device Hardening (AAA, SSHv2, Port Security)

0 stars 0 forks Branches Tags Activity

Star

Notifications

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
Config.txt		Config.txt
Diagram.png		Diagram.png
IP Table.pdf		IP Table.pdf
NetSec.pkt		NetSec.pkt
Network_Implementation_Plan.pdf		Network_Implementation_Plan.pdf
README.txt		README.txt

Repository files navigation

========================================================================
NETWORK SECURITY PROJECT - ENTERPRISE FIREWALL & VPN LAB
========================================================================

1. PROJECT OVERVIEW
------------------------------------------------------------------------
This project focuses on designing and deploying a secure enterprise network 
infrastructure. It connects a Headquarters (HQ) with a Branch Office via a 
simulated Internet connection, enforcing strict security policies using 
Firewalls and VPNs.

Key security technologies implemented:
- Perimeter Security: Cisco ASA 5506-X (DMZ, NAT, ACLs, MPF).
- Internal Security: IOS Zone-Based Firewall (ZBF).
- Secure Connectivity: IPSec Site-to-Site VPN (AES-256 encryption).
- Device Hardening: AAA, SSHv2, Login Block, Port Security.

2. FILE LIST AND DESCRIPTIONS
------------------------------------------------------------------------
Below are the details of the files included in this project repository:

[+] NetSec.pkt
    -> Cisco Packet Tracer Source File.
       This is the simulation lab file. Open this with Cisco Packet Tracer 
       to view the topology, interact with devices, and test connectivity.
       (Note: Ensure you have a compatible version of Packet Tracer installed).

[+] IP Table.docx
    -> IP Addressing Plan.
       A detailed document listing Interfaces, IP Addresses, Subnet Masks, 
       and Security Zones (Inside/Outside/DMZ) for all devices (Routers, 
       ASA, Switches).

[+] Network_Implementation_Plan.docx
    -> Step-by-Step Deployment Guide.
       A comprehensive manual following a 5-phase security implementation:
       - Phase 1: Physical Connectivity & Basic Addressing.
       - Phase 2: Routing Infrastructure (OSPF & Static).
       - Phase 3: Device Hardening (AAA, SSH, Port Security).
       - Phase 4: Perimeter Security (ASA Firewall & ZBF).
       - Phase 5: VPN Connectivity (IPSec Site-to-Site).

[+] Config.txt
    -> Full Configuration Script (CLI).
       Contains the complete, hardened configuration commands for all devices 
       (R1, R2, R3, ASA, S1, S2). These scripts include security policies, 
       ACLs, NAT rules, and VPN parameters ready for deployment.

3. QUICK START GUIDE
------------------------------------------------------------------------
1. Open 'NetSec.pkt' in Cisco Packet Tracer.
2. Refer to 'IP Table.docx' to understand the network layout and addressing.
3. Follow the steps in 'Network_Implementation_Plan.docx' to understand 
   the configuration logic and verification methods.
4. Use 'Config.txt' to review or re-apply configurations to the devices.

========================================================================
Thank you for checking out this project.

Hope it helpful :)