Building a network from scratch

At Divergence, we were tasked with creating a secure network infrastructure for a small MSP (Managed service provider). We were split into teams of four to work on the project for two weeks. Under the guidance of our senior engineer instructor, we worked on a variety of assignments to create a network that was both efficient and secure.

Our team members were: 

• Jaylen Stroman
• Christopher Moore
• Derick Akomprah
• Carlos Lokey

Our Senior Network Engineer was: 

• Michael Williams

We were given the WAN-Cloud and WAN-Switch as a starting point in GNS3. We began by building our network infrastructure, adding new devices to the workspace and connected them together. We configured the LAN network on the firewall and added a Win10 workstation using the Fortinet firewall GUI.

Next, we installed the “Active Directory Domain Services” server role on the Windows 2012 Server, created new AD user accounts. The Win10 machine was then promptly added onto the local domain. We installed an IIS web server on a win2012r2 server. This too was added to the domain. We installed the “Internet Information Services” as the server role everything was tested along the way to ensure connectivity so that users were able to access what they needed according to their admin or users group they were assigned to.

In the DMZ network, we created a LAMP web server on an Ubuntu system and an FTP service on another win2012r2 server. Below you can see the results of our hard work. The topology below displays how everything was connected.

Once everything was created, we used the DocuWiki to document important information such as hostnames, FQDN's, a-records, network info, and services on each individual

Cybersecurity is an immensely important part of our work and should always be taken seriously. As part of our efforts to harden the environment, we researched how to secure our FortiGate firewall, Windows 10, Windows server, and our Ubuntu server.

We used vulnerability scanning tool called GreenBone to create a target of the WAN interface IP for the firewall. We created a report from our scan. It is linked here:

We took this report and identified the issues labelling what they were, the summary, impact and a solution to each of these issues along with their severity.  We had our senior engineer give us tasks and drop in at designated checkpoints to ensure the quality and accuracy of our project.

Working on this network infrastructure project for a small MSP has been a great experience for us. We were able to apply our knowledge and skills in configuring network devices, setting up security measures, and implementing best security practices to create a secure and efficient network infrastructure. Our team learned the importance of collaboration, communication, and attention to detail in such projects. We are proud of what we accomplished, and we look forward to applying our newfound knowledge and skills in our future endeavors.
 

And that's the end of our project! 

Thank you for joining me here and don't forget to add me on LinkedIn!