A secure, scalable, and highly available enterprise network designed and simulated in Cisco Packet Tracer using industry-standard networking practices including hierarchical architecture, dynamic routing, VLAN segmentation, redundancy, and network security controls.
This project presents the design and implementation of a modern enterprise network infrastructure for a trading floor support center expansion. The network follows Cisco's three-tier hierarchical model, ensuring:
- High Availability
- Network Redundancy
- Efficient Traffic Management
- Secure Communication
- Future Scalability
The entire infrastructure was designed, configured, and validated using Cisco Packet Tracer, simulating real-world enterprise networking scenarios.
β Design a scalable enterprise network architecture
β Implement redundancy across critical network components
β Enable secure communication between departments
β Provide efficient inter-VLAN communication
β Configure dynamic routing using OSPF
β Secure network devices with SSH
β Implement internet connectivity using NAT/PAT
β Apply security policies through ACLs and Port Security
β Validate functionality through simulation testing
The network follows a Three-Tier Hierarchical Design Model.
Responsible for high-speed backbone connectivity.
- Dual Core Routers
- Dual Multilayer Switches
- Dual ISP Connections
- Redundant Paths
- Fast Routing Decisions
- High Availability
- Load Distribution
Acts as the intermediary between the Core and Access layers.
- Layer 3 Distribution Switches
- VLAN Segmentation
- Routing Policies
- Inter-VLAN Routing
- Traffic Filtering
- Route Summarization
- Policy Enforcement
Provides connectivity for end devices.
- Departmental Access Switches
- End User Workstations
- Wireless Access Points
- Port Security
- VLAN Assignment
- User Connectivity
- Network Access Control
ISP-1
|
+-----------+
| Core RTR1 |
+-----------+
||
+-----------+
| Core RTR2 |
+-----------+
|
-------------------------------------
| |
+-------------+ +-------------+
| L3 Switch 1 |===================| L3 Switch 2 |
+-------------+ +-------------+
| |
----------------------------------------------------------
| | | | | |
Sales HR Finance Admin ICT Servers
VLAN10 VLAN20 VLAN30 VLAN40 VLAN50 VLAN60
| Category | Technology |
|---|---|
| Simulation Platform | Cisco Packet Tracer |
| Routing Protocol | OSPF |
| Layer 2 Segmentation | VLANs |
| Layer 3 Routing | SVIs |
| Address Assignment | DHCP |
| Internet Access | NAT / PAT |
| Security | ACLs |
| Remote Management | SSH v2 |
| Switch Security | Port Security |
| Monitoring | SNMP |
192.168.0.0/22
| VLAN | Department | Network |
|---|---|---|
| 10 | Sales & Marketing | 192.168.10.0/24 |
| 20 | HR & Logistics | 192.168.20.0/24 |
| 30 | Finance & Accounts | 192.168.30.0/24 |
| 40 | Admin & Public Relations | 192.168.40.0/24 |
| 50 | ICT Department | 192.168.50.0/24 |
| 60 | Server Room | 192.168.60.0/24 |
10.10.10.0/30
103.133.254.0/30
The network uses:
OSPF Area 0
- Fast convergence
- Scalability
- Efficient route calculation
- Automatic route advertisement
Implemented using:
Switch Virtual Interfaces (SVIs)
- High-speed Layer 3 switching
- Simplified management
- Reduced router dependency
Used for:
- Default Route Configuration
- ISP Connectivity
- Failover Mechanisms
Security was incorporated at multiple layers of the network.
ACLs were configured to:
- Restrict unauthorized access
- Protect sensitive resources
- Control inter-department traffic
Secure remote administration was enabled using:
SSH v2
- Encrypted management sessions
- Protection against credential interception
- Secure device administration
Applied primarily on Finance Department access ports.
- MAC Address Binding
- Unauthorized Device Prevention
- Violation Detection
Implemented for secure internet connectivity.
- Private to Public Address Translation
- Internet Access Sharing
- Address Conservation
Configured on sensitive interfaces to ensure:
- Authorized device connectivity
- Enhanced endpoint security
Dynamic Host Configuration Protocol (DHCP) was configured for automatic IP assignment.
- Automated IP Allocation
- Reduced Administrative Overhead
- Consistent Network Configuration
IP Helper Address
was configured to forward DHCP requests across VLANs.
Simple Network Management Protocol (SNMP) was implemented for:
- Device Monitoring
- Network Performance Analysis
- Fault Detection
- Centralized Management
The network was thoroughly validated within Cisco Packet Tracer.
- Inter-VLAN Ping
- End-to-End Connectivity
- Server Reachability
- OSPF Neighbor Validation
- Route Table Inspection
- Traceroute Analysis
- Dynamic IP Allocation
- DHCP Relay Verification
- ACL Enforcement
- SSH Access Testing
- Port Security Validation
- Core Device Failover
- ISP Failover Simulation
- Link Failure Recovery
The implemented solution successfully achieved:
β Secure departmental segmentation
β Reliable inter-VLAN communication
β Dynamic and efficient routing
β Secure device management
β Internet connectivity through NAT/PAT
β High availability through redundancy
β Enterprise-level scalability
- Hierarchical Enterprise Design
- Dual Core Redundancy
- Dual ISP Connectivity
- OSPF Dynamic Routing
- VLAN-Based Segmentation
- Inter-VLAN Routing
- DHCP & DHCP Relay
- NAT/PAT Internet Access
- SSH Device Management
- ACL-Based Security
- Port Security Enforcement
- SNMP Monitoring
Cisco Networking Academy, Routing and Switching Essentials v6 Companion Guide, Cisco Press, 2016.
| Name | Registration Number |
|---|---|
| Anany Singh | RA2311031010085 |
| Syed Muhammad Rizvi | RA2311031010086 |
| Ishan Shrinath | RA2311031010064 |
Course: 21CSC302J β Computer Networks
Institution: SRM Institute of Science and Technology
Department: Networking and Communications
Submission: November 2025
This project was developed for academic and educational purposes as part of the Computer Networks coursework at SRM Institute of Science and Technology.
β If you found this project useful, consider giving the repository a star.