Diseño e implementación de una red corporativa multisede segura con DMZ, AAA y defensa en profundidad

Authors

  • Gustavo Enrique Muñoz Velez Universidad Tecnica de Machala image/svg+xml Author
  • Joel Alexander Muñoz Velez Universidad Tecnica de Machala image/svg+xml Author
  • Génesis Daniela Solano Ordoñez Universidad Tecnica de Machala image/svg+xml Author
  • Jonathan Andrés Medina Muñoz Universidad Tecnica de Machala image/svg+xml Author
  • Jimbo German Jordy Ortiz Universidad Tecnica de Machala image/svg+xml Author
  • Luis Ángel Gonzales Olaya Universidad Tecnica de Machala image/svg+xml Author

DOI:

https://doi.org/10.64973/xjcqzm42

Keywords:

redes multisede, VLAN, DMZ, AAA, RADIUS, TACACS+, VoIP, Cisco Packet Tracer

Abstract

La dependencia de servicios distribuidos exige arquitecturas que integren seguridad y conectividad. Este trabajo presenta el diseño y validación en Cisco Packet Tracer de una infraestructura multisede segura para RedTec Solutions S.A. La propuesta adopta un modelo de núcleo colapsado con microsegmentación por VLANs y una Zona Desmilitarizada (DMZ) para servicios públicos. Se aplicó una estrategia de defensa en profundidad mediante listas de control de acceso (ACL), gestión vía SSH y autenticación centralizada AAA (RADIUS/TACACS+). Las pruebas funcionales validaron la convergencia de VoIP y el aislamiento efectivo entre zonas, confirmando la viabilidad del diseño como base para entornos corporativos seguros de mediana escala.

References

Meghana S, Suriya Hanchinal, Preethi H A, & Naveen Chandra Gowda. (2024). Campus Area Network Design Using Cisco Packet Tracer. International Journal of Computing Learning and Intelligence, 3(2), 323-329. https://doi.org/10.5281/zenodo.11065719

Ahmed, A. H., & Al-Hamadani, M. N. A. (2021). Designing a secure campus network and simulating it using Cisco Packet Tracer. Indonesian Journal of Electrical Engineering and Computer Science, 23(1), 479–489. https://doi.org/10.11591/ijeecs.v23.i1.pp479-489

Mhaskar, N., Alabbad, M., & Khedri, R. (2021). A formal approach to network segmentation. Computers & Security, 103, 102162. https://doi.org/10.1016/j.cose.2020.102162

Sudha, M., Aishwaran, K., Arun, A., Jagadesh, T., & Nelson, J. (2020). Implementation of VLAN and inter VLAN in corporate networks. International Journal of Advanced Research, 8(2), 1074–1078. https://doi.org/10.21474/IJAR01/10548

Nuñez Alvarez, J., Zamora, Y., Pina, I., & Angarita, E. (2021). Demilitarized network to secure the data stored in industrial networks. International Journal of Electrical and Computer Engineering (IJECE), 11(1), 611-619. http://doi.org/10.11591/ijece.v11i1.pp611-619

Hendrawan, R., Widyawati, L., Asroni, O., Husain, & Muhamad Wisnu Alfiansyah. (2025). Implementation of Multihomed Firewall Based on IDS and DMZ Technology Using PfSense. Journal of Artificial Intelligence and Engineering Applications (JAIEA), 4(3), 1823–1828. https://doi.org/10.59934/jaiea.v4i3.1028

Alezander, C., & Roman-Gonzalez, A. (2023). Implementation of a RADIUS server for access control through authentication in wireless networks. International Journal of Advanced and Applied Sciences, 10(3), 183–188. https://doi.org/10.21833/ijaas.2023.03.022

Chinchay Quiroz, K. I., Peña Fernández, V. A., Carrión Barco, G., Fuentes Adrianzén, D. J., Delgado Chavarri, A. H., & Yeckle Arteaga, R. M. (2022). Control de acceso a redes inalámbricas por medio de protocolos de autenticación de usuarios. Biblioteca Colloquium. https://dialnet.unirioja.es/servlet/libro?codigo=874886

Palanisamy, R., Oraba, S. B., Al-Hizami, M. S. M., & Al-Jaafariyan, A. A. (2021). Analysis of authentication, authorization, and accounting server. International Journal of Advance Research, Ideas and Innovations in Technology, 7(1), 170–172. https://www.ijariit.com/manuscripts/v7i1/V7I1-1186.pdf

Lopez-Gomez, F., Marin-Lopez, R., Canovas, O., Lopez-Millan, G., & Pereniguez-Garcia, F. (2025). SDN-AAA: Towards the standard management of AAA infrastructures. Journal of Network and Computer Applications, 236, 104114. https://doi.org/10.1016/j.jnca.2025.104114

Sultana, N., Bang, H., Yulaeva, E., Mok, R. K. P., Claffy, K. C., & Mortier, R. (2025). A survey on packet filtering. SIGCOMM Computer Communication Review, 54(3), 2–9. https://doi.org/10.1145/3711992.3711994

Saripurna, D. (2020). Network Security System Analysis Using Access Control List (ACL). International Journal of Information System and Technology (IJISTECH), 5(2), 192-197. https://doi.org/10.30645/ijistech.v5i2.131

Lyimo, J. M. (2023). Implementing a campus VoIP intercom VLAN: A technology review, system requirements and architecture. International Journal of Science and Research Archive, 9(2), 716–726. https://doi.org/10.30574/ijsra.2023.9.2.0648

Tuleun, W. (2024). Design of an asterisk-based VoIP system and the implementation of security solution across the VoIP network. World Journal of Advanced Research and Reviews, 23(1), 875–906. https://doi.org/10.30574/wjarr.2024.23.1.2048

Ayodele, H., Banjo, O. I., & Olla, M. O. (2022). Voice over Internet Protocol over Wireless Local Area Network: A review. Journal La Multiapp, 3(4), 162–173. https://doi.org/10.37899/journallamultiapp.v3i4.687

Peña Casanova, M. P. C., & Anías Calderón, C. (2020). Policy based network management architecture modifications. Telemática, 19(2), 79–85. https://revistatelematica.cujae.edu.cu/index.php/tele/article/view/395

Thoyyibah, T., Hidayat, A. R., Hanggara, I. S., & Sudarsono, R. S. (2024). Analysis of networking tools using Cisco Packet Tracer (CPT). International Journal Software Engineering and Computer Science (IJSECS), 4(2), 721–730. https://doi.org/10.35870/ijsecs.v4i2.2359

Adedokun-Shittu, N. A., Abdulkareem, O. I., Ajani, A. H., & Oyekunle, R. A. (2021). Effect of Cisco-Packet-Tracer simulator on senior school students’ comprehension and skill acquisition in computer network topology in Nigeria. Nigerian Online Journal of Educational Sciences and Technology (NOJEST), 3(2), 9–14. http://nojest.unilag.edu.ng

Suthar, P., Kakadiya, R., Dhameliya, M., Dangashiya, D., & Bhinasara, R. (2020). Optimize network infrastructure using architecting and protocols. International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 6(2), 517–522. https://doi.org/10.32628/CSEIT2062145

Ryynänen, T. (2020). Design and implementation of a small- and medium-sized TCP/IP enterprise network. Theseus Repository. https://www.theseus.fi

Yousif, Y. E., & Elnageeb, O. A. O. (2025). Performance Evaluation and Comparison of RIP, EIGRP and OSPF Routing Protocols. European Journal of Applied Science, Engineering and Technology, 3(3), 303-308. https://doi.org/10.59324/ejaset.2025.3(3).21

Jain, N., Payal, A., & Jain, A. (2021). Effect of data packet size on the performance of RIP and OSPF routing protocols in hybrid networks. International Journal of Pervasive Computing and Communications, 17(4), 361–376. https://doi.org/10.1108/IJPCC-02-2021-0036

Downloads

Published

2026-05-01

Issue

Vol. 1 No. 1 (2026): Enero - Marzo

Section

Artículos de Tecnologías de la Información y Comunicaciones

License

Copyright (c) 2026 EduLearn

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

How to Cite

Muñoz Velez, G. E., Muñoz Velez, J. A., Solano Ordoñez, G. D., Medina Muñoz, J. A., Jordy Ortiz, J. G., & Gonzales Olaya, L. Ángel. (2026). Diseño e implementación de una red corporativa multisede segura con DMZ, AAA y defensa en profundidad. EduLearn, 1(1), 148-176. https://doi.org/10.64973/xjcqzm42