Update docs/tech_docs/cyber_lab.md
This commit is contained in:
@@ -1,6 +1,6 @@
|
||||
To refine our discussion into a final draft for setting up an Active Directory (AD) domain `homelab.local` for your home, including a detailed cybersecurity lab and efficient management of your home network, NAS, laptops, and other IT equipment, we'll structure the guide with precise steps and configurations.
|
||||
Certainly! Here's the updated reference guide for setting up your `homelab.local` Active Directory domain:
|
||||
|
||||
# Final Guide: Setting Up `homelab.local` AD Domain
|
||||
# Reference Guide: Setting Up `homelab.local` AD Domain
|
||||
|
||||
## Introduction
|
||||
|
||||
@@ -11,7 +11,7 @@ This guide outlines the process for creating an Active Directory (AD) domain, `h
|
||||
### Step 1: Domain and Controller Setup
|
||||
|
||||
1. **Primary Domain Controller (PDC):** Choose a dedicated or virtual server with sufficient resources to run Windows Server. This server will manage the `homelab.local` domain.
|
||||
|
||||
|
||||
2. **Secondary Domain Controller (SDC):** Optional but recommended for redundancy. Can be less resource-intensive and also runs Windows Server.
|
||||
|
||||
### Step 2: Organizational Units (OUs) and Structure
|
||||
@@ -34,6 +34,7 @@ This guide outlines the process for creating an Active Directory (AD) domain, `h
|
||||
2. **Create User Accounts:**
|
||||
- Setup `Admin Account(s)` for AD and resource management.
|
||||
- Create individual `Family User Accounts` and `Guest Accounts` as needed.
|
||||
- Use a clear naming convention for user accounts, e.g., `john.doe_001`.
|
||||
|
||||
### Step 4: Network Configuration and Security
|
||||
|
||||
@@ -42,50 +43,50 @@ This guide outlines the process for creating an Active Directory (AD) domain, `h
|
||||
|
||||
2. **Implement Firewall Rules:**
|
||||
- Control traffic between network segments, especially protecting `CyberLab` resources.
|
||||
- Create specific firewall rules for each sub-OU within the `CyberLab`.
|
||||
|
||||
### Step 5: NAS Configuration and Access
|
||||
|
||||
1. **Set Up Storage Areas:**
|
||||
- Allocate `Media`, `Personal Storage`, and `Lab Data` areas within the NAS, setting appropriate access permissions for each user or group.
|
||||
|
||||
2. **NAS Backup Strategy:**
|
||||
- Implement a separate backup strategy for the NAS, including regular incremental backups to an external drive or cloud storage service.
|
||||
|
||||
### Step 6: Group Policy Objects (GPOs)
|
||||
|
||||
1. **Define Key Policies:**
|
||||
- Enforce a strong `Password Policy`.
|
||||
- Enforce a strong `Password Policy`, with a stricter policy for the `LabAdmins` group.
|
||||
- Set an `Update Policy` for automatic Windows updates.
|
||||
- Apply `Software Restrictions` to limit installations on personal and home devices.
|
||||
- Apply `Software Restrictions` to limit installations on personal and home devices, using a whitelist of approved software.
|
||||
|
||||
## Enhanced Mermaid Diagram
|
||||
2. **GPO for NAS Access:**
|
||||
- Create a dedicated GPO for NAS access, defining user and group permissions for specific shares.
|
||||
|
||||
To accompany the final guide, the following Mermaid diagram provides a visual representation of the `homelab.local` setup:
|
||||
## Mermaid Diagram
|
||||
|
||||
```mermaid
|
||||
graph TD;
|
||||
A[PDC: homelab.local] -->|Manages| B[CyberLab]
|
||||
A -->|Manages| C[HomeDevices]
|
||||
A -->|Manages| D[NAS]
|
||||
A -->|Manages| E[Users]
|
||||
|
||||
B --> F[Testing Environments]
|
||||
B --> G[Research]
|
||||
B --> H[Tools]
|
||||
|
||||
C --> I[Personal Laptops]
|
||||
C --> J[Smart Home Devices]
|
||||
|
||||
D --> K[Media]
|
||||
D --> L[Personal Storage]
|
||||
D --> M[Lab Data]
|
||||
|
||||
E --> N[Admins]
|
||||
E --> O[Family]
|
||||
E --> P[Guests]
|
||||
|
||||
N --> Q[Admin Account]
|
||||
O --> R[Family User Accounts]
|
||||
P --> S[Guest Accounts]
|
||||
A[PDC: homelab.local] -->|Manages| B[CyberLab]
|
||||
A -->|Manages| C[HomeDevices]
|
||||
A -->|Manages| D[NAS]
|
||||
A -->|Manages| E[Users]
|
||||
B --> F[Testing Environments]
|
||||
B --> G[Research]
|
||||
B --> H[Tools]
|
||||
C --> I[Personal Laptops]
|
||||
C --> J[Smart Home Devices]
|
||||
D --> K[Media]
|
||||
D --> L[Personal Storage]
|
||||
D --> M[Lab Data]
|
||||
E --> N[Admins]
|
||||
E --> O[Family]
|
||||
E --> P[Guests]
|
||||
N --> Q[Admin Account]
|
||||
O --> R[Family User Accounts]
|
||||
P --> S[Guest Accounts]
|
||||
```
|
||||
|
||||
## Conclusion
|
||||
|
||||
This guide and diagram serve as a comprehensive blueprint for setting up a secure and efficient Active Directory domain for your home network and cybersecurity lab. By following these steps, you can create a well-organized, manageable environment that supports both your professional and personal digital activities.
|
||||
This updated reference guide provides a comprehensive blueprint for setting up a secure and efficient Active Directory domain for your home network and cybersecurity lab. By following these steps and considering the additional recommendations, you can create a well-organized, manageable environment that supports both your professional and personal digital activities.
|
||||
Reference in New Issue
Block a user