This project evaluates a multi-site enterprise network and recommends a more resilient future-state design built around SD-WAN, layered security, and operational standardization. The goal was to address single points of failure, uneven security controls, and growing demand for cloud, voice, and video services across multiple locations.
Primary issues identified
- WAN connectivity relied too heavily on limited paths, increasing outage risk.
- Firewall coverage and security controls were inconsistent between sites.
- The environment was not designed to scale cleanly for new offices and services.
- Latency-sensitive traffic such as VoIP and video lacked enough prioritization.
Recommended architecture
- Dual-hub SD-WAN design to improve resiliency and disaster recovery.
- Redundant ISP connectivity and encrypted tunnels between sites.
- Next-generation firewalls at every location for more consistent perimeter defense.
- Centralized monitoring, logging, and traffic visibility for faster response and troubleshooting.
Segmentation and access control
The proposed design separates traffic into dedicated network segments for data, voice, video, servers, management, and guest access. I like that this approach reduces unnecessary east-west exposure, improves troubleshooting, and supports stronger access control through ACLs, policy enforcement, and authenticated network access.
Performance and continuity improvements
| Area | Improvement | Benefit |
|---|---|---|
| Availability | Dual hubs and redundant WAN links | Better uptime and failover support |
| Security | NGFWs, MFA, centralized monitoring | Stronger and more consistent protection |
| Performance | QoS for voice and video traffic | Improved experience for real-time services |
| Scalability | Template-based deployment and standardization | Faster onboarding for new sites |
Why it matters
I think this project works well in a portfolio because it shows both analysis and design. It is not just a diagram. It demonstrates how I evaluate risk, map business needs to technical controls, and build a practical architecture that improves resilience, security, and growth readiness.