Networking

Network Segmentation with pfSense

Network Segmentation

In this project, I am working on securing and segmenting my LAN into five different networks. Below is a short description of each network and its intended use.

  • LAN
    • This network will be used by my trusted devices and will be prioritized over the other networks.
    • Clients on this network can initiate connections to devices on the Servers network.
  • Servers
    • This network will be for server-to-server communication, and is the only network that will be allowed to host services to the internet.
  • Guests
    • This is a strict network that only allows clients to use the internet.
    • No network traffic between clients is allowed.
  • Pentest
    • This network has no internet access and is where I intend to host vulnerable virtual machines for use in penetration testing exercises.
  • Blackhole
    • This network will not route any traffic and exists as a network for me to test untrusted devices or software.
    • Additionally, this will be the network assigned to any ports that are not currently in use on my physical networking equipment.
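
The policy above can be checked before it is clicked into the firewall. The following is an added example, not part of the original project: it models pfSense's per-interface, top-down, first-match rule evaluation with an implicit default deny. The subnets, the RFC 1918 block rule, and outbound internet access for LAN and Servers are assumptions, and anything the list does not explicitly allow is treated as blocked.

```python
import ipaddress

# Assumed (constructed) addressing plan; the page does not state its subnets.
NETS = {"LAN": "10.0.10.0/24", "SERVERS": "10.0.20.0/24", "GUESTS": "10.0.30.0/24",
        "PENTEST": "10.0.40.0/24", "BLACKHOLE": "10.0.50.0/24"}
RFC1918 = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]

# Rules live on the interface where traffic ENTERS and are read top to bottom.
# Each rule is (action, [destinations]); "any" matches every destination.
RULES = {
    "LAN":       [("pass", [NETS["SERVERS"]]), ("block", RFC1918), ("pass", ["any"])],
    "SERVERS":   [("block", RFC1918), ("pass", ["any"])],  # outbound internet: assumption
    "GUESTS":    [("block", RFC1918), ("pass", ["any"])],  # internet only
    "PENTEST":   [],                                       # nothing leaves this segment
    "BLACKHOLE": [],                                       # nothing is routed at all
}

def decide(src_if, dst_ip, rules=RULES):
    """Verdict for a NEW connection entering on src_if (replies ride on state)."""
    dst = ipaddress.ip_address(dst_ip)
    for action, dests in rules[src_if]:
        if any(d == "any" or dst in ipaddress.ip_network(d) for d in dests):
            return action          # first match wins
    return "block"                 # implicit default deny

INTERNET = "203.0.113.10"          # documentation address standing in for the internet
EXPECTED = [                       # the intended policy, one row per flow
    ("LAN", "10.0.20.5", "pass"), ("LAN", INTERNET, "pass"),
    ("SERVERS", "10.0.10.7", "block"),      # servers may not initiate into LAN
    ("GUESTS", "10.0.10.7", "block"), ("GUESTS", "10.0.20.5", "block"),
    ("GUESTS", INTERNET, "pass"),
    ("PENTEST", INTERNET, "block"), ("PENTEST", "10.0.10.7", "block"),
    ("BLACKHOLE", "10.0.20.5", "block"), ("BLACKHOLE", INTERNET, "block"),
]

def violations(rules=RULES):
    """Flows whose verdict under `rules` differs from the intended policy."""
    return [(s, d, want, decide(s, d, rules))
            for s, d, want in EXPECTED if decide(s, d, rules) != want]

if __name__ == "__main__":
    for s, d, want in EXPECTED:
        print(f"{s:9} -> {d:13} {decide(s, d)}")
    # Rule order matters: pass-any placed above the block exposes every segment.
    bad = dict(RULES, GUESTS=[("pass", ["any"]), ("block", RFC1918)])
    print("misordered Guests rules violate:", violations(bad))
```

Traffic between two clients inside the Guests subnet never reaches the firewall, so that isolation has to come from the access point or switch (client isolation or a private VLAN). A guest rule set like this also needs an explicit pass for DNS if guests resolve names through the firewall.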

Make network traversal as annoying as possible for attackers, but unnoticeable by your guests.
