LybothVic

Projects

---

Some of AWS Projects Worked On

Deploying a WordPress on an EC2 Instance

Create an EC2 instance, SSH onto the instance, Install WordPress and all its dependencies,
and obtained the Wordpress page. steps taken:

Create the EC2 instance and SSH Onto the instance
Install Linux Apache MySQL server and PHP stack
Install MariaDB MySQL database-server and MariaDB-client
to connect with the database Mariadb
Start the database and check the status to ensure it up and running
Install root password for the database to secure the database
Install PHP to support WordPress as it runs on PHP
Install wget unzip file Now downloading WordPress
Remove index html
Log in to MariaDB MySQL to create the database and provide the user
access to the dataabse object and provide all privileges.Explore More

High Available 3 Tier Architecture

3-tier network architecture is a structured and highly scalable framework. Designed to support
the deployment of web applications with improved security, high availability, and fault tolerance.

Networking component

We have deployed services across two availability zones within one region. With a public subnet in each AZ. These subnets have an
internet-facing load balancer to distribute incoming traffic to our web servers across both AZs. Two private subnets in each aviailability
zone for our applications and for the database instances. An Internet gateway is also configured to control incoming and outgoing
traffic. A Nat gateway for each public subnet. best practice as recommended for redundancy. The Nat gateway is created
to facilitate outgoing internet traffic for private subnets. Route table for the web applications and database subnets.

Application Components

To access our application, R53 can be used but is optional as the applications will be accessed via the application load balancer.
Auto scaling group is created with a maximum of two ec2 instances to provide automatic scaling and management for both
the Web teir and application tier instances. PHP and Apache are installed on the application servers. The latest mariaDB package.
Application Server Security Group allowing inbound permission from the Web Server Security Group.

Database Components

RDS MySQL database instances is used. The Database Security Group will allow inbound traffic for
MySQL database from the Application Server Security Group.Explore More

Some of Network and Netwotk Security Project Worked On

Multiple Sites WAN VPLS (MPLS) Network

WAN MPLS services are delivered over fiber circuits and FTTC connections across 9 sites including DC. 2x sites supplied and provided with 100/100Mb
resilient connection operating active/passive, terminating into dual RSX300 Juniper routers configured with VRRP for failover mechanism in the event
of primary circuit failure. 3x sites supplied and provided with 1G/1G resilient connection operating active/passive, terminating into dual RSX300 Juniper
routers configured with VRRP for failover mechanism. 2x sites provided with 100/100Mb link as a primary links and FTTC backup. Terminating into dual
Juniper routers configured with VRRP for failover mechanism and a small remote site in Birmingham. Explore More

Some of Cyber Security Project Worked On

Vulnerability Scanning

I Worked on a vulnerability scanning project using Qualys as a vulnerability scanning tool. Using Qualys, I scanned
all network devices by deploying a scanner appliance across two sites, London and Manchester. The scanner
appliance was deployed as an agent. Which is a software I installed on a server to scan the client environment.

The agent was also connected to the client Azure environment via Qualys cloud connecter to pull all the Virtual
machines for vulnerability and scanning. And, enabled single sign-on (SSO) on Azure for Azure AD joint staff.
To alow them access via SSO using a URL from Qualys

Endpoint Protection Project

Endpoint Detection & Response (EDR) Solution

I designed an endpoint protection solution for a medium-sized business network. Considering that over 90% of attacks start by
email, I started vy carrying out some gap analysis on their email security system and end-point protection solution. I learned that
all they had as security controls for email security was a FortiGate Next-Generation Firewall, and a Forti-mail configured in proxy
mode. No Sandboxing environment or a kind of threat intelligence machine learning tool. And no proper EDR solution for endpoint
protection and network monitoring. So they were exposed to major attacks such as Zero-day Malware/attacks also called unknown
malware and Ransomware attacks as well as Web-related attacks

I redesigned their security architecture accordingly, considering their web security solution too. and, taking into account the budget.
First I tackled endpoint security by deploying a good EDR solution. I used the Crowd Strike EDR solution. Crowd Strike EDR is a
cloud-based solution and deliver Real-time detection and prevention of malicious attacks. First by, Leveraging known signatures
or indications of compromise, hashes, Ips, domains, anything else that was seen before. Big data analysis and machine learning
algorithms to look for anything unknown or from the behavior of activity with indicators of compromise. and, deployed five modules of
Crowd Strike EDR solutions to complete the EDR solution.

Falcon Prevents, Next Generation Antivirus modules with all its capability to identify known malware whether online or offline, including
machine learning mechanisms for unknown malware.
Falcon Insight, the actual EDR module. Which detects incidents that have escape prevention measures and ensures that customer has
real-time visibility into everything going on at their endpoints. Which reduces the risk of silent failure that enables attackers to remain in the
network undetected
Device Control, enables the safe usage of USB drives or devices across the entire network, it provides granular control to make ensure
that approved USBs are used appropriately in the network
Falcon Spotlight, a module for vulnerability management provides real-time vulnerability assessment on the endpoints, the most critical ones
Falcon X, a threat intelligence module that brings endpoint protection to the next level by combining malware sandboxing, malware search,
and threat intelligence into an integrated solution to provide threat analysis in a matter of seconds.

At the perimeter network, I implemented a defense in depth by adding an extra layer of security, as they already had a Fortigate NG-UTM-Firewall
and a mail proxy. Since the Next Generation firewall IPS does not detect unknown malware, I added a Forti-Sandbox to Identify and isolate unknown
malware in real time. To mitigate zero-day attacks and ransomware attacks. Forti-SIEM, for complete visibility into the network and 24/7 end-to-end
threat monitoring and mitigation. And also, deployed a Web application firewall to identify and filter malicious requests. To mitigate web-related attacks
such as DDoS attacks, SQL injection, and cross-site scripting attacks. The Forti-Sandbox is integrated with all security appliances in the network.
Everything passes through the sandbox for deep analysis.

Finally, recommended phishing email awareness training and overall corporate security awareness training to all the employees. Both technical and
non-technical staff. Which I conducted over two weeks to different types of audiences.