Enterprise Infrastructure Deployment

Multi-VM Security Operations Environment

Duration: 1 month | Platform: DigitalOcean | Region: Toronto

Project Overview

Deployed and secured a complete enterprise-grade security operations infrastructure consisting of 5 production services across 6 virtual machines. All services were hardened with SSL/TLS encryption using Let's Encrypt certificates and automated renewal processes.

  • 5 Production Services
  • 6 Virtual Machines
  • 345GB Total Storage
  • A+ SSL Labs Rating

Architecture

                          Internet
                              |
                    [DigitalOcean Cloud]
                              |
                    ┌─────────┴─────────┐
                    |                   |
             [Tailscale VPN]       [SnapShooter]
                (Exit Node)         (Backups)
                    |
                 (UFW)
                    |
    ┌───────────────┼──────────────────────────────────────────┐
    |               |               |            |             |
  [T-Pot]        [Wazuh]       [Snipe-IT]     [GitLab]      [Znuny]
  Honeypot        SIEM         Asset Mgmt     Repos/CI    Ticket System
  

Deployed Services

🍯 T-Pot Honeypot Platform

Multi-honeypot platform with 20+ services including Cowrie, Dionaea, and Honeytrap for threat intelligence collection and real-time attack visualization.

Docker, Nginx, Elasticsearch

🛡️ Wazuh SIEM

Open-source security monitoring platform providing log analysis, intrusion detection, vulnerability detection, and compliance monitoring.

OpenSearch, Node.js, TLS 1.3

📦 Snipe-IT Asset Management

IT asset management system for tracking hardware, software licenses, accessories, and maintenance schedules with QR code support.

Laravel, MySQL, PHP 8.2

🦊 GitLab DevOps Platform

Complete DevOps platform with Git repository management, CI/CD pipelines, issue tracking, and wiki documentation.

Ruby, PostgreSQL, Redis

🎫 Znuny Ticketing System

Enterprise ticketing system (OTRS fork) for IT service management, customer support, and incident tracking with email integration.

Perl, mod_perl, MySQL

🔒 Tailscale VPN

Zero-config mesh VPN for secure administrative access to management interfaces without exposing ports publicly.

WireGuard, Mesh Network, Exit Node

Live Service Screenshots

Service Dashboards

  • T-Pot - Honeypot Dashboard
  • Wazuh - Security Monitoring
  • Snipe-IT - Asset Management
  • GitLab - DevOps Platform
  • Znuny - Ticketing System
  • Tailscale - VPN Mesh Network

Infrastructure Management

  • DigitalOcean - All 6 Production Droplets

Technology Stack

Ubuntu 22.04 LTS, Nginx, Apache2, Docker Compose, Let's Encrypt, Certbot, UFW Firewall, Tailscale

Skills Demonstrated

System Administration

  • Linux server configuration
  • Service management (systemd)
  • User/permission management
  • Package management (apt)

Network Security

  • Firewall configuration
  • VPN implementation
  • DNS management
  • SSL/TLS encryption

DevOps

  • Docker containerization
  • Infrastructure automation
  • Backup procedures
  • Monitoring & logging

Lessons Learned

  • Certificate Management: Docker containers require custom renewal hooks; file permissions are critical for service accounts
  • Firewall Rules: UFW processes rules sequentially; use ufw status numbered for troubleshooting
  • Application Config: Cache clearing is essential after changes; browser caching can mask issues
  • Resource Planning: Elasticsearch requires minimum 4GB RAM; T-Pot logs grow rapidly
  • Documentation: Detailed notes during implementation save hours during troubleshooting
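
The certificate-management lesson above, as an added example (not this project's own script): a certbot deploy hook that copies the renewed chain and key out of the live/ symlink tree into a directory the container mounts, with the key readable only by its owner and the service group. RENEWED_LINEAGE is the variable certbot exports to deploy hooks; the destination path, group, compose file, bind mount and "nginx" service name are assumptions.

```shell
#!/bin/sh
# Added example: certbot deploy hook for a containerised service.
# Certbot runs executables in /etc/letsencrypt/renewal-hooks/deploy/ after a
# successful renewal and exports RENEWED_LINEAGE (the live/<name> directory).
# DEST_DIR, SVC_GROUP, COMPOSE_FILE and the "nginx" service are assumptions.

# install_renewed_cert LINEAGE DEST [GROUP]
# Copies the renewed chain and key into DEST as regular files with tight modes.
# The body is a subshell "( ... )" so umask and exit stay local to the function.
install_renewed_cert() (
    lineage=$1 dest=$2 group=${3:-}
    [ -r "$lineage/fullchain.pem" ] && [ -r "$lineage/privkey.pem" ] || exit 1
    umask 077
    mkdir -p "$dest" || exit 1
    # live/*.pem are symlinks into the archive directory; -L copies the target
    # so the mounted directory holds real files the container can open.
    cp -L "$lineage/fullchain.pem" "$dest/.fullchain.pem.new" || exit 1
    cp -L "$lineage/privkey.pem" "$dest/.privkey.pem.new" || exit 1
    chmod 0644 "$dest/.fullchain.pem.new" || exit 1
    chmod 0640 "$dest/.privkey.pem.new" || exit 1   # owner rw, service group r
    chmod 0750 "$dest" || exit 1                    # group may enter, others not
    if [ -n "$group" ]; then
        chgrp "$group" "$dest" "$dest/.privkey.pem.new" || exit 1
    fi
    # Rename last so each file is swapped in whole, never half-written.
    mv -f "$dest/.fullchain.pem.new" "$dest/fullchain.pem" || exit 1
    mv -f "$dest/.privkey.pem.new" "$dest/privkey.pem" || exit 1
)

# Act only when certbot invokes the hook; restart only if the copy succeeded.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    install_renewed_cert "$RENEWED_LINEAGE" "${DEST_DIR:-/opt/app/certs}" \
        "${SVC_GROUP:-}" \
        && docker compose -f "${COMPOSE_FILE:-/opt/app/docker-compose.yml}" \
            restart nginx
fi
```

Running `certbot renew --dry-run` exercises the renewal path without issuing a certificate, but it skips deploy hooks, so test the hook itself by calling it with RENEWED_LINEAGE set by hand.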

Future Enhancements

  • Implement Prometheus + Grafana for infrastructure monitoring
  • Add centralized logging with Loki or ELK stack
  • Configure automated vulnerability scanning (OpenVAS)
  • Deploy infrastructure as code using Terraform
  • Implement configuration management with Ansible
  • Set up alerting for certificate expiration and downtime