Infrastructure as Code (IaC) Design for Network Security Automation: Hardening Mikrotik-Based Router

Main Article Content

Arief Indriarto Haris
Rd. Angga Ferianda


The router plays an important role in managing data packet traffic in the network infrastructure, so its role is central and crucial. Disruption of Router functions by cyber-attacks will have a direct impact on the quality of Information Technology (IT) services in the network as a whole. Therefore, it is necessary to harden the router to protect it from cyber-attacks. But on the other side, securing (Hardening) Router also often encounters several obstacles and challenges, such as configuration errors or configuration processes that are repeated and tend to consume a lot of time and energy, especially if there are a lot of devices configured. By using the PPDIOO method, this study aims to design Infrastructure as Code (IaC) which focuses on MikroTik-based Router Hardening through an automation process. The results obtained were that all IaC designs had been successfully implemented through the automation process and no errors had been encountered. The total duration of hardening through automation was 4 minutes 28 seconds. The results of the system security test showed that the router was successfully protected and no vulnerabilities were encountered.


Article Details

How to Cite
Haris, A. I., & Ferianda, R. A. (2023). Infrastructure as Code (IaC) Design for Network Security Automation: Hardening Mikrotik-Based Router. Jurnal Pekommas, 8(1), 39–46.


Agus, I. P., & Pratama, E. (2021). Infrastructure as Code (IaC) Menggunakan OpenStack untuk Kemudahan Pengoperasian Jaringan Cloud Computing (Studi Kasus: Smart City di Provinsi Bali) Infrastructure as Code (IaC) Using OpenStack for Ease of Operation of Cloud Computing Network (Case Study . Jurnal Ilmu Pengetahuan dan Teknologi Komunikasi, 23(1), 93–105.

Akin, T. (2002). Hardening Cisco Routers (J. Sumser (ed.)). O’Reilly Media.

Bahnasse, A., Bensalah, F., Louhab, F. E., Khiat, A., Khiat, Y., & Talea, M. (2019). Automation of network simulation: concepts related to IPv4 and IPv6 convergence. Procedia Computer Science, 155(2018), 456–461.

Ceron, J. M., Scholten, C., Pras, A., & Santanna, J. (2020). MikroTik Devices Landscape, Realistic Honeypots, and Automated Attack Classification. NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium, 1–9.

Christanto, F. W., & Suprayogi, M. S. (2017). Pemantauan Sumber Daya Virtual Server pada Cloud Computing Universitas Semarang Menggunakan Network Monitoring System. Simetris : Jurnal Teknik Mesin, Elektro dan Ilmu Komputer, 8(2), 629.

CISA. (2020). Security Tip (ST18-001) Securing Network Infrastructure Devices. CISA.

Dalla Palma, S., Di Nucci, D., Palomba, F., & Tamburri, D. A. (2020). Toward a catalog of software quality metrics for infrastructure code. Journal of Systems and Software, 170, 110726.

Dalla Palma, S., Di Nucci, D., & Tamburri, D. A. (2020). AnsibleMetrics: A Python library for measuring Infrastructure-as-Code blueprints in Ansible. SoftwareX, 12, 100633.

Haeruddin, H. (2021). Analisa dan Implementasi Sistem Keamanan Router Mikrotik dari Serangan Winbox Exploitation, Brute-Force, DoS. JURNAL MEDIA INFORMATIKA BUDIDARMA, 5(3), 848.

Haris, A. I., Riyanto, B., Surachman, F., & Ramadhan, A. A. (2022). Analisis Pengamanan Jaringan Menggunakan Router Mikrotik dari Serangan DoS dan Pengaruhnya Terhadap Performansi. Komputika : Jurnal Sistem Komputer, 11(1), 67–76.

Hariyadi, I. P., & Marzuki, K. (2020). Implementation Of Configuration Management Virtual Private Server Using Ansible. MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer, 19(2), 347–357.

Islami, M. F., Musa, P., & Lamsani, M. (2020). Implementation of Network Automation using Ansible to Configure Routing Protocol in Cisco and Mikrotik Router with Raspberry PI. Jurnal Ilmiah Komputasi, 19(2), 127–134.

Jeni Rahman, Azhari, M. L., Tamba, S. R., Ramadhan, A. N., Fakhriyah, I., Hilmi, M. A., Hartadi, E. E., & Kristallia, R. (2022). Laporan Tahunan Hasil Monitoring Keamanan Siber Tahun 2021.

Khumaidi, A. (2021). Implementation of DevOps Method for Automation of Server Management Using Ansible. Jurnal Transformatika, 18(2), 199.

Kokuryo, S., Kondo, M., & Mizuno, O. (2020). An Empirical Study of Utilization of Imperative Modules in Ansible. Proceedings - 2020 IEEE 20th International Conference on Software Quality, Reliability, and Security, QRS 2020, 442–449.

MikroTik. (2019). Manual: Securing Your Router. Wiki MikroTik.

Mohd Fuzi, M. F., Abdullah, K., Abd Halim, I. H., & Ruslan, R. (2021). Network Automation using Ansible for EIGRP Network. Journal of Computing Research and Innovation, 6(4), 59–69.

Pambudi, R., & Muslim, M. A. (2017). Implementasi Policy Base Routing dan Failover Menggunakan Router Mikrotik untuk Membagi Jalur Akses Internet di FMIPA Unnes. Jurnal Teknologi dan Sistem Komputer, 5(2), 57.

Perera, H. M. D. G. V., Samarasekara, K. M., Hewamanna, I. U. K., Kasthuriarachchi, D. N. W., Abeywardena, K. Y., & Yapa, K. (2021). NetBot - An Automated Router Hardening Solution for Small to Medium Enterprises. 2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), 0015–0021.

Pratama, M. A. A., & Hariyadi, I. P. (2021). Otomasi Manajemen dan Pengawasan Linux Container (LCX) Pada Proxmox VE Menggunakan Ansible. Jurnal Bumigora Information Technology (BITe), 3(1), 82–95.

Rifki Afandi, M., Hatta, P., Efendi, A., Kunci-Otomatisasi Jaringan, K., Komputer, L., & Jaringan, P. (2020). Otomatisasi Perangkat Jaringan Komputer Menggunakan Ansible Pada Laboratorium Komputer. SMARTICS Journal, 6(2), 48–53.

Spichkova, M., Li, B., Porter, L., Mason, L., Lyu, Y., & Weng, Y. (2020). VM2: Automated security configuration and testing of virtual machine images. Procedia Computer Science, 176, 3610–3617.

Swastika, I. M. B., & Atitama, I. G. O. G. (2017). Otomatisasi Konfigurasi Mikrotik Router Menggunakan Software Ansible. Internet of Think (IoT) & Big Data : Teknologi, Tantangan dan Peluang, 495–502.

Tantoni, A., Ashari, M., & Zaen, M. T. A. (2020). Analisis Dan Implementasi Jaringan Komputer Brembuk.Net Sebagai Rt/Rw.Net Untuk Mendukung E-Commerce Pada Desa Masbagik Utara. MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer, 19(2), 312–320.

Wilkins, S. (2011). Cisco’s PPDIOO Network Cycle. Cisco Press.