Home Lab Overview
In this blog, I will be detailing the setup and configuration of my home lab, which serves as an essential tool for learning key Blue Team security topics. My focus will be on mastering areas such as Security Information and Event Management (SIEM), Intrusion Detection/Prevention Systems (IDS/IPS), and Endpoint Detection and Response (EDR). By simulating real-world environments, this lab will help me understand how to detect, analyze, and respond to security incidents.
Additionally, I will be diving into Active Directory (AD), which is a critical component in managing network security and user authentication in enterprise environments. This lab will allow me to explore the practical applications of these tools and technologies, reinforcing my understanding of defensive security measures.
I am planning on keeping this lab as simple as possible, so I have decided not to use VLANs. I am sure that I will revamp the network to be segmented at a later date.
Lab Setup
Dell R720 Server Specifications
- RAM: 64 GB
- Storage: 2x 1 TB Crucial SSDs
- Processor: 2x Intel(R) Xeon(R) CPU E5-2650 v2 @ 2.60GHz
- Hypervisor: VMware ESXi
Hosts and Services
Below is the list of hosts and services that I will be running.
Hosts
- pfSense Firewall
- Windows Server
- SIEM (Wazuh)
- Linux Server(s)
- Windows 10 Hosts
- Windows 7 Host
Services
- Antivirus
- Endpoint Protection
- IDS/IPS
- Monitoring
- Vulnerability Scanner