1. Repositorio Institucional UNAD
Please use this identifier to cite or link to this item: https://repository.unad.edu.co/handle/10596/81277
Full metadata record
DC FieldValueLanguage
dc.contributor.advisorCuesta Rodriguez, Alkigner
dc.coverage.spatialcead_-_josé_celestino_mutis
dc.creatorRuiz Diaz, Cristian david
dc.creatorSuarez Yepes, Juan Diego
dc.creatorBenitez Benitez, Cesar Luis
dc.creatorPerafan Garcia, Jean Marcos
dc.creatorRuiz Merlo, Pablo Alonso
dc.date.accessioned2026-05-26T14:38:49Z-
dc.date.available2026-05-26T14:38:49Z-
dc.date.created2026-05-20
dc.identifier.urihttps://repository.unad.edu.co/handle/10596/81277-
dc.description.abstractEl proyecto presenta la implementación de una solución integral de seguridad perimetral basada en GNU/Linux mediante Endian Firewall Community. La infraestructura se desplegó en VirtualBox con tres zonas de seguridad: GREEN (LAN), ORANGE (DMZ) y RED (WAN), integrando un cliente Ubuntu Desktop y un servidor Ubuntu Server con IP estática. Se configuraron reglas de NAT para permitir el acceso seguro a Internet y se verificó la conectividad con herramientas como ping y DNS. Posteriormente, se aplicaron reglas de Port Forwarding (DNAT) para publicar servicios web (Apache) y FTP (vsFTPd) desde la DMZ, junto con políticas de filtrado que bloquearon ICMP. Finalmente, se implementó un servidor Proxy HTTP con autenticación y listas negras para restringir el acceso a sitios específicos. Los resultados evidencian que la segmentación de red, NAT, filtrado y proxy fortalecen la seguridad perimetral y optimizan el control del tráfico en entornos virtualizados modernos.
dc.formatpdf
dc.titleDiseño de un laboratorio virtual para seguridad y gestion de red
dc.typeDiplomado de profundización para grado
dc.description.abstractenglishThe project presents the implementation of a comprehensive perimeter security solution based on GNU/Linux using Endian Firewall Community. The infrastructure was deployed in VirtualBox and organized into three security zones: GREEN (LAN), ORANGE (DMZ), and RED (WAN). It integrates an Ubuntu Desktop client and an Ubuntu Server configured with a static IP address. NAT rules were configured to enable secure Internet access, and connectivity was verified using tools such as ping and DNS. Subsequently, Port Forwarding (DNAT) rules were implemented to publish web services (Apache) and FTP services (vsFTPd) hosted in the DMZ, along with filtering policies that blocked ICMP traffic. Finally, an HTTP proxy server was deployed with user authentication and blacklist-based access controls to restrict access to specific websites. The results demonstrate that network segmentation, NAT, traffic filtering, and proxy services significantly enhance perimeter security and optimize traffic control in modern virtualized environments.
Appears in Collections:Diplomado De Profundización En Administración De Sistemas Operativos Open Source Con Certificación En Linux

Files in This Item:
File Description SizeFormat 
cdruizd.pdf5.11 MBAdobe PDFView/Open
Show simple item record


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.