The aim of the bachelor thesis is Corporate Network Segmentation to Security Level Improving. During the audit of the company's network, several problems were identified, such as a single network, weak nodes, no backup channel, a separate strand with Lithuanian servers, HQ branch without a backup channel. The most popular network security threats and attacks were reviewed, DiD strategies and measures were introduced, an audit of the existing computer network was performed, and the new network topology was drawn.
Based on the Cisco PPDIOO model, a plan for gradual restructuring in a new network has been drawn up. A central device was installed in the DC of Latvia, an IPsec tunnel was agreed with the DC of Lithuania, tests were carried out. All branches were provided with backup channels, which made it possible to test a new network first through the backup channel and only when all the tests were performed and were positive, the main channel could easily be connected as well. The backup channel routers and branch routers are configured according to a single template to allow easy interchangeability. Configured access to branch switches and backup routers from both channels: primary channel and backup channel. The network has been tested and is working.