Optimization of Confidentiality, Integrity, and Availability Through Network Segmentation: A Comparative Simulation Study
DOI:
https://doi.org/10.33197/justinfo.v3i1.3358Keywords:
VLAN Segmentation, CIA Triad, Network Security, Cisco Packet Tracer, Traffic EfficiencyAbstract
Flat network architectures present significant security and efficiency challenges, exposing organizations to heightened risks of cyberattacks, including data breaches and service disruption, while impeding optimal network performance. This inherent vulnerability directly conflicts with the fundamental information security objectives of Confidentiality, Integrity, and Availability (CIA Triad). To address these critical issues, this research investigates the strategic implementation of Virtual Local Area Network (VLAN) segmentation as a mechanism to concurrently enhance security and operational performance. The study employs an experimental, simulation-based methodology using Cisco Packet Tracer software to design and evaluate a functionally segmented network topology. The model incorporates role-based traffic isolation and enforces precise access policies through the application of Extended Access Control Lists (ACLs) on inter-VLAN routing points. Simulation analysis demonstrates that the proposed architecture yields a dual benefit: a 70% reduction in broadcast domain traffic and up to a 50% decrease in communication latency, substantially improving network efficiency and stability. From a security perspective, the logical isolation of segments successfully contained and mitigated prevalent Layer 2 threats, including packet sniffing and ARP poisoning attacks, thereby strengthening data confidentiality and network integrity. The findings conclusively establish that VLAN segmentation, when integrated with granular ACL policies, serves as a foundational and highly effective strategy. It provides a robust technical framework for enforcing the CIA Triad, transforming network infrastructure from a vulnerable, flat entity into a secure, performant, and resilient organizational asset.
References
[1] M. A. Haque, S. Shetty, K. Gold, and B. Krishnappa, “Realizing Cyber-Physical Systems Resilience Frameworks and Security Practices BT - Security in Cyber-Physical Systems: Foundations and Applications,” A. I. Awad, S. Furnell, M. Paprzycki, and S. K. Sharma, Eds. Cham: Springer International Publishing, 2021, pp. 1–37. doi: 10.1007/978-3-030-67361-1_1.
[2] L. Qudus, “Resilient Systems: Building Secure Cyber-Physical Infrastructure for Critical Industries Against Emerging Threats,” Int. J. Res. Publ. Rev., vol. 6, no. 1, pp. 3330–3346, 2025, doi: 10.55248/gengpi.6.0125.0514.
[3] S. Naik, “Cloud-Based Data Governance: Ensuring Security, Compliance, and Privacy,” Eastasouth J. Inf. Syst. Comput. Sci. Vol., vol. 1, no. 01, pp. 69–87, 2023, [Online]. Available: https://esj.eastasouth-institute.com/index.php/esiscs
[4] I. A. Essien, E. Cadet, J. O. Ajayi, E. D. Erigha, and E. Obuse, “Secure Configuration Baseline and Vulnerability Management Protocol for Multi-Cloud Environments in Regulated Sectors,” Int. J. Multidiscip. Res. Growth Eval., vol. 2, no. 3, pp. 686–696, 2021, doi: 10.54660/.IJMRGE.2021.2.3.686-696.
[5] M. Rusdan and M. T. Anwar, “Blockchain - Based Academic Information System to Enhance Data Security,” JUSTINFO | J. Sist. Inf. dan Teknol. Inf., vol. 2, no. 1, pp. 186–193, 2024, doi: 10.33197/justinfo.v2i1.2495.
[6] S. Dhar, A. Khare, A. D. Dwivedi, and R. Singh, “Securing IoT devices: A novel approach using blockchain and quantum cryptography,” Internet of Things, vol. 25, p. 101019, 2024, doi: https://doi.org/10.1016/j.iot.2023.101019.
[7] Perdylasta, D. H. Saputra, M. Irfa’i, M. S. Azzuhdi, and S. Wijirahayu, “Cybersecurity: Transforming Vulnerable System to A More Secure and Hard-to- Penetrate System,” Forum Univ. Sch. Interdiscip. Oppor. Netw., vol. 1, no. 1, pp. 254–258, 2024.
[8] A. H. Wijaya, Arsitektur dan Keamanan Jaringan Komputer. CV Eureka Media Aksara, 2025. [Online]. Available: https://books.google.co.id/books?id=4N-tEQAAQBAJ
[9] C. Nicodeme, “A Global Energy-Efficient Framework for Edge AI in Industry and Railway,” in 2024 24th International Conference on Control, Automation and Systems (ICCAS), 2024, pp. 1299–1304. doi: 10.23919/ICCAS63016.2024.10773332.
[10] H. Nanang, S. J. Putra, H. T. Sukmana, and I. Amal, “Evaluating Quality of Service Standards on Computer Networks using Protocol Redundancy Gateway,” in 2024 3rd International Conference on Creative Communication and Innovative Technology (ICCIT), 2024, pp. 1–6. doi: 10.1109/ICCIT62134.2024.10701222.
[11] O. M. C. Osazuwa, “Confidentiality , Integrity , and Availability in Network Systems : A Review of Related Literature,” Int. J. Innov. Sci. Res. Technol., vol. 8, no. 12, pp. 1946–1955, 2023, [Online]. Available: https://www.ijisrt.com
[12] H. Riggs et al., “Impact, Vulnerabilities, and Mitigation Strategies for Cyber-Secure Critical Infrastructure,” Sensors, vol. 23, no. 8. p. 4060, 2023. doi: 10.3390/s23084060.
[13] N. R. Kotha, “Network Segmentation as a Defense Mechanism for Securing Enterprise Networks,” Turkish J. Comput. Math. Educ. (TURCOMAT, vol. 11, no. 3, pp. 3023–3030, 2020, [Online]. Available: https://turcomat.org
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2026 Jurnal Sistem Informasi dan Teknologi Informasi
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
