Blue Team | Securing Your Network Project for Bees Knees Inc.

This project involved designing and deploying a secure network architecture for Bees Knees Inc., with a focus on security, efficiency, and accessibility. The network was divided into two key segments: the internal network and the DMZ (Demilitarized Zone). The DMZ hosted a web server with a database and an FTP server, allowing external users to securely access services while protecting the internal network.

Firewalls were configured with both Intrusion Prevention Systems (IPS) and pfBlockerNG for content filtering and traffic management. The IPS detected and blocked suspicious activities, while pfBlockerNG filtered out malicious content and restricted access to potentially harmful websites.

The internal network featured critical components:

Domain Controller: Managed user authentication and access control, ensuring only authorized personnel had access to sensitive information.
Secure Admin Workstation (SAW): A dedicated, highly secure machine for network administration, protected with enhanced security protocols.
File Server: Hosted internal resources, securely storing files and only accessible to authenticated users.
Pi-Hole: An optional DNS-based filtering solution, blocking advertisements and preventing access to known malicious domains.
Internal Machines: Workstations used by employees, protected by internal firewalls and security policies to ensure safe access to resources.
External machines or remote users could interact with the DMZ, but firewalls ensured that only specific traffic reached the servers in this zone, maintaining the integrity of the internal network.

The project’s key achievements include secure web and FTP server setup, robust firewall configurations, and comprehensive network segmentation. Additional security measures like Pi-Hole and custom credential management further ensured the security of both internal and external communications, mitigating the risks of unauthorized access and data breaches.