sungate.co.uk

Ramblings about stuff

VNUML

Last week I discovered a most excellent piece of software, namely VNUML. As their web page says, it is “a general purpose virtualization tool designed to quickly define and test complex network simulation scenarios”. That means you can test network ideas and design decisions without having to deploy spare kit or mess with an existing setup. Given our impending move to new premises, where we will have a very different network setup, this is exactly what I want.

I’ve configured a virtual network, which (simplified somewhat) looks like this:

The internal network has some desktops and servers, the DMZ (Demilitarised Zone, publicly accessible) has a web server. Configurations can be explored for each of the machines (desktop, server, firewall and www), to see what happens in different situations. In the scenario, there is also a rogue machine called ‘evil’, located outside the main network, which can be used to try to penetrate the security of the rest of the network, i.e. someone trying to ‘break in’. The configurations are set up so that ‘evil’ should only be able to reach the web server (the only publicly accessible part of the network). Also, the usual protection afforded to the main internal network means that if the web server were to be compromised, an attacker cannot get out of the DMZ, i.e. cannot connect to the desktops and other local servers.

A very nice bit of software indeed.
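The segmentation policy described above, written as a first-match rule table and checked against the scenario's machines. This is an added example, not part of the original post or of VNUML itself; the addresses, ports and rule set are assumptions, and a stateful firewall (replies to accepted connections pass) is assumed.

```python
import ipaddress

# Assumed addressing for the zones; the post does not give any.
ZONES = {
    "internal": ipaddress.ip_network("10.0.0.0/24"),
    "dmz": ipaddress.ip_network("10.0.1.0/24"),
}
# Constructed sample hosts, named after the machines in the post.
HOSTS = {
    "desktop": "10.0.0.10",
    "server": "10.0.0.20",
    "www": "10.0.1.80",
    "evil": "203.0.113.66",
}

# Forwarding policy for NEW connections on the firewall, first match wins:
# (source zone, destination zone, destination host or None, port or None, verdict)
RULES = [
    ("outside", "dmz", "www", 80, "ACCEPT"),    # public web traffic only
    ("internal", "dmz", None, None, "ACCEPT"),  # admins may reach the DMZ
    ("internal", "outside", None, None, "ACCEPT"),
]
DEFAULT = "DROP"  # nothing originates from the DMZ; no rule lets it out


def zone_of(ip):
    """Map an address to its zone; anything unknown is 'outside'."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "outside"


def verdict(src, dst, port):
    """Decide whether src may open a new connection to dst:port."""
    s, d = zone_of(HOSTS[src]), zone_of(HOSTS[dst])
    if s == d:
        return "ACCEPT"  # same segment, traffic never crosses the firewall
    for rs, rd, rhost, rport, action in RULES:
        if (rs, rd) == (s, d) and rhost in (None, dst) and rport in (None, port):
            return action
    return DEFAULT


def reachable_from(src, ports=(22, 80, 445)):
    """List every (host, port) that src can open a connection to."""
    return sorted((dst, p) for dst in HOSTS if dst != src
                  for p in ports if verdict(src, dst, p) == "ACCEPT")
```

Running `reachable_from` for each machine gives the reachability matrix to compare against what the virtual lab actually allows.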

2 Responses to VNUML

  1. Of more interest to me is what tool you used to draw the diagram. I’m trying to find something as an alternative to Visio. Dia sort of does what I want, but item and text rotation isn’t present, or wasn’t last time I looked.

  2. I used dia to draw the diagram. Didn’t try to do any rotations …
