Monitoring and Event Management of Critical Infrastructures
Abstract
As cyberattacks are on the rise, enterprises must find a way to secure and monitor their critical IT assets in order to minimize the impact of successful attacks. Critical infrastructures are not limited to the government and public sector; any running business has some IT infrastructure that is critical to its daily operations. The present thesis delivers the design of a secure network architecture to monitor a critical infrastructure. It features basic perimeter security consisting of high-availability firewalls, a DMZ to properly isolate the internal network, a central location to store logs from selected hosts, and a Security Operations Centre based on SIEM software (Splunk), making real-time monitoring possible via informational dashboards. Finally, an alert scheme is implemented: Splunk sends an e-mail should a critical service go down in the critical infrastructure.
Description
Design a security system, within the framework defined in a PDS (Plan Director de Seguridad, the security master plan), that offers a strategy to a critical infrastructure operator (IICC) with respect to the Ley PIC.


