Enterprise Advanced Campus Network Security Architecture

11 May

Authors: M. Sri Krishna, M. Vishnuvardhan, R. Annamaiah, Mrs. Sivaselvi K

Abstract: In today’s corporate landscape, high-speed data transit and robust cybersecurity are no longer optional; they are a fundamental requirement for business continuity. This paper details the design and deployment of an Enterprise Campus Network Security Architecture using Cisco Packet Tracer. The primary objective was to build a resilient “Defense-in-Depth” security architecture for a distributed enterprise campus. The architecture is built upon a hierarchical three-tier model, utilizing a redundant core powered by the Hot Standby Router Protocol (HSRP) and OSPF dynamic routing to eliminate single points of failure. At the enterprise edge, Cisco ASA firewalls serve as the primary gatekeepers, implementing stateful packet inspection and isolating servers within a secure Demilitarized Zone (DMZ). The critical component of this project is the establishment of a Site-to-Site IPsec VPN tunnel, which provides an encrypted bridge between the Headquarters and the Branch network, ensuring that sensitive data remains confidential while it is routed across public ISP networks. We make the network considerably safer right at the entry point by applying switch hardening techniques, including Port Security with Sticky MAC addressing, DHCP Snooping, and Dynamic ARP Inspection (DAI), to mitigate internal ‘Man-in-the-middle’ threats. By successfully implementing these technologies together, we have built a network that is both highly reliable and easy to use, without compromising on security. It strikes a balance between letting employees access what they need and maintaining a strict ‘Zero-trust’ policy.
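The abstract pairs DHCP Snooping with Dynamic ARP Inspection; the following added example, which is not code from the paper, is a simplified Python model of why the two work together: DAI validates ARP sender claims on untrusted ports against the bindings that DHCP Snooping learns. The class name, port names, VLAN number, MAC and IP addresses are all constructed assumptions, and the check on the learning port is a choice of this model.

```python
# Added illustration (not from the paper): simplified model of how DHCP Snooping
# feeds Dynamic ARP Inspection on an access switch. All values are constructed.

class AccessSwitch:
    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)   # uplinks / real DHCP server ports
        self.bindings = {}                  # (vlan, ip) -> (mac, port)

    def dhcp_ack(self, ingress_port, vlan, client_mac, client_ip, client_port):
        """DHCP Snooping: server replies are accepted only on trusted ports."""
        if ingress_port not in self.trusted:
            return "drop"                   # rogue DHCP server on an access port
        self.bindings[(vlan, client_ip)] = (client_mac.lower(), client_port)
        return "forward"

    def arp(self, ingress_port, vlan, sender_mac, sender_ip):
        """DAI: ARP on untrusted ports must match a snooping binding."""
        if ingress_port in self.trusted:
            return "forward"                # trusted ports bypass inspection
        binding = self.bindings.get((vlan, sender_ip))
        # Model choice: also require the port where the lease was learned.
        if binding == (sender_mac.lower(), ingress_port):
            return "forward"
        return "drop"                       # unknown or mismatched IP-to-MAC claim


def run_demo():
    sw = AccessSwitch(trusted_ports={"Gi0/1"})
    host_mac, rogue_mac = "00:11:22:33:44:55", "DE:AD:BE:EF:00:01"
    return {
        "legit_lease": sw.dhcp_ack("Gi0/1", 10, host_mac, "192.168.10.20", "Fa0/2"),
        "rogue_dhcp": sw.dhcp_ack("Fa0/3", 10, rogue_mac, "192.168.10.66", "Fa0/3"),
        "host_arp": sw.arp("Fa0/2", 10, host_mac, "192.168.10.20"),
        "spoof_gateway": sw.arp("Fa0/3", 10, rogue_mac, "192.168.10.1"),
        "spoof_host": sw.arp("Fa0/3", 10, rogue_mac, "192.168.10.20"),
        "gateway_arp": sw.arp("Gi0/1", 10, "00:AA:BB:CC:DD:01", "192.168.10.1"),
        "bindings": len(sw.bindings),
    }


if __name__ == "__main__":
    for name, verdict in run_demo().items():
        print(f"{name:14} {verdict}")
```

In this model a host with a statically configured address has no binding, so its ARP traffic on an untrusted port is dropped until an entry is added for it.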