Network Security

Production VLAN Segmentation

Role-based network separation, default-deny thinking, DMZ placement, migration notes, and validation habits.

Production VLAN Segmentation architecture diagram
Problem

Why it mattered

A flat lab network was becoming too hard to reason about safely as services, storage, remote access, and public ingress grew.

Result

What changed

The lab now reads like a production environment: separated trust zones, clearer dependencies, and better troubleshooting paths.

What I Built

Build summary

  • Designed role-based VLAN separation for management, services, guests, storage, and public ingress paths.
  • Moved toward default-deny firewall thinking and documented allowed dependencies at a public-safe level.
  • Captured migration notes and rollback thinking without publishing private addressing or rule detail.
Skills Shown

Practical skills

  • VLAN design
  • Firewall policy
  • Switching
  • Migration planning
  • Validation
Related Writeups

Notes connected to this project

Networking - May 2026

Guest VLAN Captive Portal

Validated guest isolation and captive portal behavior while keeping the public writeup sanitized.

Read writeup
Infrastructure - May 2026

VLAN Segmentation Migration

Moved the lab toward production-style network separation with documented recovery points.

Read writeup
Networking - 2026

VLAN Trunking Path Fix

Diagnosed a trunking mismatch and validated the public ingress path after the fix.

Read writeup
Back to project hub
Contact

Open to junior networking, SOC, NOC, MSP, help desk, and cybersecurity internships.

I bring documented hands-on practice, public-safe writing, and the discipline to explain what changed and why.

Email Me Resume Digital Card LinkedIn GitHub

nazeemdickey@masternazz.com  •  Boynton Beach, FL