Enterprise Campus Network Architecture
A comprehensive, multi-layered network design lab simulating a secure corporate environment. This project integrates structural subnetting, dynamic backbone routing, centralized domain directory policies, and edge perimeter defenses.
- Layer-2 Isolation via Departmental VLAN Segmentation
- Multi-Area OSPF Dynamic Routing Layer Core
- Centralized Windows Domain Access via Active Directory
- Zone-Based Perimeter Control via Fortinet Firewall
The Enterprise Challenge
Multi-department organizations running unsegmented network architectures face immediate structural vulnerabilities. Flat networks suffer from extensive broadcast domain pollution, lack traffic prioritization controls, allow unmonitored cross-department lateral movement, and isolate identity verification, complicating centralized client auditing and access controls.
The Engineered Solution
I engineered a secure, multi-tier virtualized campus network. By applying strict VLAN separations at the access switch layer, establishing dynamic OSPF pathways, deploying centralized Windows Active Directory servers (AD DS, DHCP, DNS), and implementing strict zone policies via a virtual Fortinet Firewall appliance, threat surfaces are minimized across all zones.
Core Engineering Implementations
VLAN Segmentation
Deploys isolated broadcast domains across dedicated departmental switchports linked with 802.1Q trunking to optimize path boundaries.
OSPF Routing Layer
Implements Open Shortest Path First protocols to manage dynamic link availability paths, complete with DHCP relay configurations.
Active Directory Matrix
Establishes centralized object governance, automates IP parameters via DHCP scopes, handles DNS lookup trees, and pushes strict Group Policies.
Fortinet Perimeter Rules
Configures next-generation firewall interfaces to enforce zone policies, parse inter-VLAN access lists, and implement NAT translation rules.
Technical Ecosystem Mapping
| Simulation Platforms | GNS3 Engine, VMware Workstation Pro Environment |
| Identity & System Node | Windows Server 2016 Core (AD DS, DNS Infrastructure, DHCP Scopes) |
| Network Switching Core | Cisco IOS Virtual Multilayer Routers & Access Switches |
| Firewall Appliance | Fortinet FortiGate Virtual Firewall (FortiOS Zone-Policies) |
| Configured Protocols | OSPF Dynamic Routing, 802.1Q Trunking, DHCP Relay, NAT Maps, GPO Lists |
Enterprise Engineering Perspective
This lab architecture models a blueprint for production corporate networks. Successfully chaining low-level layer-2 loop mitigations with high-level server group directory architectures and zone-separated defensive edges demonstrates structural readiness across Network Engineering, Systems Administration, and Infrastructure Security tracks.
Secure Core
Hybrid Enterprise Topology
Topology Blueprints & Lab Architecture Viewports
Review the complete enterprise network maps and use-case layouts. These visuals are expanded to edge-to-edge structural view containers for full-frame clarity.
Comprehensive Lab Infrastructure Topology Map
The use case diagram demonstrates how users, administrators, network services, and infrastructure components interact within the environment.
Project Assets & Verification
Access the localized configuration settings repository, clone the laboratory topology data, or audit operational deployment checklists.