Work

Enterprise Network Configuration

Networking
Linux
DHCP
DNS
LDAP
Security

Configured and deployed a complete enterprise network on Linux, integrating key network services and security protocols to ensure connectivity, authentication, and data integrity.

Enterprise Network Configuration
Overview

This project focused on designing and configuring an enterprise network on a Linux-based infrastructure. The network consists of multiple subnets connected via a router acting as a relay agent, with services distributed across dedicated servers. The goal was to ensure secure communication, authentication, and efficient resource sharing among users.

Network Architecture
  • Two Subnets: Separate networks connected through a router.
  • Router & Switches: Facilitates communication between devices and servers.
  • Dedicated Servers: Each protocol has a designated server for optimized performance.
Configured Services & Protocols
  1. DHCP (Dynamic Host Configuration Protocol)
    • Implemented a DHCP server to dynamically assign IP addresses to clients.
    • Configured a relay agent to link both subnets.
  1. DNS (Domain Name System)
    • Set up a master DNS server using BIND9.
    • Configured a slave DNS server to improve redundancy and security.
    • Integrated domain name resolution with enterprise authentication.
  1. LDAP (Lightweight Directory Access Protocol)
    • Configured LDAP with SLAPD for centralized user authentication.
    • Allowed secure storage and management of credentials.
  1. FTP (File Transfer Protocol)
    • Set up an FTP server using vsftpd for secure file sharing within the enterprise.
    • Restricted access to users within the local subnet.

  1. Mail Server (Postfix & Courier-IMAP)

    • Deployed a mail server to handle internal email communication.
    • Configured spam filtering and mailbox management.

  2. HTTP & HTTPS (Web Hosting with Apache2)

    • Hosted two web pages: one public and one with restricted access.
    • Integrated SSL/TLS for secure communication.
Security Measures Implemented
  • Firewall & Access Control: Configured iptables and firewall rules to restrict unauthorized access.
  • User Authentication & Access Rights: LDAP managed authentication for network resources.
  • SSL/TLS Encryption: Ensured secure communication over HTTP and mail services.
  • Backup & Failover Strategies: Implemented a slave DNS server to prevent downtime.
Results & Achievements
  • Successfully established a fully functional enterprise network on Linux.
  • Ensured seamless connectivity and authentication between users and services.
  • Improved security with encrypted communications and access controls.
  • Demonstrated the ability to configure and manage essential enterprise networking services.
Practical Demonstration

A hands-on demonstration was conducted showcasing:

  • Client DHCP IP assignment.
  • Domain resolution via DNS.
  • User authentication with LDAP.
  • Secure file transfer using FTP.
  • Internal email exchange with Postfix.
  • Secure web hosting with HTTPS.
Contributors
  • Imad-Eddine NACIRI