medusa/the_information_nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c24a27b8f7ebc2e2032b0bbbc2155c0909cb7658
the_information_nexus/docs/tech_docs/cyber_lab.md

3.7 KiB
Raw Blame History

To provide a more detailed guide for setting up an Active Directory (AD) domain homelab.local tailored for your home environment, including a cybersecurity lab, home LAN/WLAN, NAS, laptops, IT equipment, and servers, well delve deeper into the specifics. This setup aims to enhance management, security, and operational efficiency across all devices and users in your home network.

Detailed Active Directory Domain Setup for Home Use

Domain Name: homelab.local

  • Primary Domain Controller (PDC): A robust machine (physical or virtual) that runs Windows Server, designated to manage the domain homelab.local.
  • Secondary Domain Controller (SDC): Optional but recommended for redundancy, can be a less powerful machine or virtual instance.

Organizational Units (OUs) Structure

  1. CyberLab:

    • Purpose: Contains resources specifically for cybersecurity research and testing.
    • Sub-OUs: Testing Environments, Research, Tools.

  2. HomeDevices:

    • Purpose: Manages personal and home devices.
    • Sub-OUs: Personal Laptops, Smart Home Devices.

  3. NAS:

    • Purpose: Organizes access to different NAS functionalities.
    • Sub-OUs: Media, Personal Storage, Lab Data.

  4. Users:

    • Purpose: Manages all user accounts.
    • Sub-OUs: Admins, Family, Guests.

Security Groups

  • LabAdmins: Full access to CyberLab resources.
  • FamilyMembers: Standard access to home devices, personal storage, and media.
  • MediaAccess: Special access to media storage on the NAS.
  • Guests: Restricted access to certain home devices and internet.

User Accounts

  • Admin Account(s): For managing AD and critical resources.
  • Family User Accounts: Individual accounts for family members with appropriate access rights.
  • Guest Accounts: Temporary accounts for visitors, with internet access and limited resource access.

Network Configuration and Security

  • LAN/WLAN Segmentation: Separate networks for CyberLab and HomeDevices to isolate traffic and enhance security.
  • Firewall and Access Rules: Configure firewall rules to control traffic between segments and protect sensitive resources in the CyberLab.

NAS Configuration

  • Media Storage: Shared storage for family media like photos, videos, and music.
  • Personal Storage: Private folders for each family member.
  • Lab Data: Storage for cybersecurity research, tools, and data.

GPOs for Security and Management

  • Password Policy: Strong passwords for all users, with regular mandatory changes.
  • Update Policy: Automatic updates for Windows devices to ensure security patches are applied.
  • Software Restrictions: Limit software installation on HomeDevices to prevent malware.

Mermaid Diagram for Enhanced Detail

Heres a more detailed Mermaid diagram for your setup:

graph TD;
    A[PDC: homelab.local] -->|Manages| B[CyberLab]
    A -->|Manages| C[HomeDevices]
    A -->|Manages| D[NAS]
    A -->|Manages| E[Users]

    B --> F[Testing Environments]
    B --> G[Research]
    B --> H[Tools]

    C --> I[Personal Laptops]
    C --> J[Smart Home Devices]

    D --> K[Media]
    D --> L[Personal Storage]
    D --> M[Lab Data]

    E --> N[Admins]
    E --> O[Family]
    E --> P[Guests]

    N --> Q[Admin Account]
    O --> R[Family User Accounts]
    P --> S[Guest Accounts]

This enhanced setup and diagram provide a more granular view of how to structure your home AD domain, focusing on both cybersecurity lab needs and home networking requirements. By following this detailed guide, you can create a secure, manageable, and efficient environment that supports both your professional and personal digital life.