Back to Table of Contents

The Cybersecurity Project Handbook: 32 Hands-On Projects for Offensive, Defensive & Emerging Domains

Project Chapter 28

Chapter 28 — NetGuard

Based on: SIH1727 — Tool for Secure Automatic Network Topology Creation
Organization: Government of India, Ministry of Petroleum and Natural Gas

Skills Required

  • Network protocols and topology discovery
  • Network security fundamentals
  • Automation with Python and network libraries (Scapy, NAPALM)
  • Graph databases (Neo4j)
  • REST API development
  • Frontend development (React/Angular)
  • Linux system and network administration

Project Description

NetGuard is an automated network topology discovery and protection system. It automatically discovers devices and links in enterprise networks, creates detailed topology maps, and continuously monitors for security policy compliance and network anomalies. The system integrates device fingerprinting, vulnerability scanning, and change detection to maintain an up-to-date secure network architecture.

Tech Stack

  • Python for discovery and automation scripting
  • Scapy and NAPALM for network probing and management
  • Neo4j for topology graph database
  • Flask or FastAPI for backend API
  • React or Angular for dashboard UI
  • Nmap/OpenVAS for integrated scanning
  • Docker/Kubernetes for deployment

Week-wise Roadmap

Week 1 — Environment Setup & Network Discovery

  • Setup dev environment with networking libraries and tools
  • Develop initial device discovery and fingerprinting modules using ICMP, SNMP, and ARP
  • Implement data ingestion to Neo4j graph database
  • Deliverable: Basic network discovery prototype with topology visualization

Week 2 — Link Mapping and Verification

  • Develop scripts to detect inter-device links and verify topology consistency
  • Integrate topology maps with device metadata (hostname, OS, services)
  • Deliverable: Link mapping module with enriched graph data

Week 3 — Vulnerability Scanning Integration

  • Integrate Nmap and OpenVAS scans for discovered devices
  • Correlate scan results with graph nodes for vulnerability tagging
  • Deliverable: Vulnerability assessment integration

Week 4 — Network Change Detection

  • Implement continuous monitoring for topology and configuration changes
  • Alert on unauthorized or risky changes to network layout
  • Deliverable: Change detection engine and alerting system

Week 5 — Security Policy & Compliance

  • Define network security policies for segmentation, access control
  • Develop compliance checking against discovered topology
  • Deliverable: Policy enforcement module with compliance reporting

Week 6 — Dashboard Development

  • Build interactive UI to visualize topology, scan results, and alerts
  • Add filtering, search, and drill-down capabilities
  • Deliverable: Network security dashboard prototype

Week 7 — API and Integration

  • Develop REST API for querying topology, scans, and alerts
  • Enable integration with SIEM and other security tools
  • Deliverable: Secure and documented API

Week 8 — Testing, Optimization & Documentation

  • Conduct end-to-end testing on real network setups
  • Optimize data processing and UI performance
  • Prepare user and developer documentation with deployment guides
  • Deliverable: Production-ready NetGuard platform

Testing & Deliverables

  • Validate topology accuracy and update speeds
  • Monitor vulnerability detection coverage and compliance scoring
  • Deliver source code, testbed setup instructions, user manuals, and demonstration videos

NetGuard empowers enterprise networks with automated visualization and security monitoring, improving situational awareness and response readiness.