Securing an Information System

Context

The goal of this project was to design a secure information system for a company, integrating several essential services such as an LDAP directory, an NFS file server, secure email, and VPN access. The challenge was to ensure a reliable infrastructure tailored to user needs, while strengthening protection against potential threats.
Setting up this architecture required careful consideration of access management, communication security, and user authentication. The chosen approach involved creating a segmented network with precise filtering rules, while integrating advanced mechanisms such as TLS certificate management and firewall configuration. Through collaborative work, we designed a functional and robust infrastructure, validated by a technical presentation and practical demonstrations.

Skills Developed

Example of implementation:

• Designing a secure network and segmenting traffic flows.
• Deploying and configuring critical services: LDAP, DNS, NFS, VPN, and email.
• Implementing a firewall with appropriate filtering rules.
• Centralized authentication via LDAP and integration with various services.
• Securing remote connections using OpenVPN and TLS certificates.
• Certificate management and implementing a CA to ensure communication integrity.
• Server administration and configuration optimization to ensure IS performance.
• Experience with virtualization using VirtualBox to test and deploy services.
• Methodical approach to cybersecurity to anticipate and mitigate risks related to information systems.

This project allowed us to develop essential skills in cybersecurity and system administration, by applying technical solutions adapted to the requirements of a professional environment.