Data Center Next-Generation Firewall Topology
The lab was configured with a basic data center architecture to emulate the following components:
- SRX Series Firewall (SRX4600) device in a Layer 2 high availability architecture.
- Baselined configuration covering:
  - Interface configuration.
  - Zone configuration.
  - Basic building blocks, such as DNS, NTP, System Logging, and so on.
  - Firewall policy enforcement between defined zones.
- Kali Linux server to emulate an attacker. This system emulates the following attack scenarios:
  - Generation of flooding attacks.
  - Generation of penetration testing attacks on the webserver.
  - Generation and hosting of malware. Provides a reverse shell for exfiltration.
  - Assumes the role of C&C and hosts the malware for download.
- Linux server to host webserver services. This endpoint is protected from various attacks initiated by an attacker.
- Windows client to generate web-based traffic.
- Linux client to generate web-based traffic and emulate malware download.