002 - Security Plan

As outlined briefly in 001 - Network Proposal, the security plan for the new network is fairly standard and quite simple. After hardware segmentation is set up, the only thing left to do is to update and monitor internet-facing and home network devices for any signs of breach or attempted attacks.

The security plan is generally as follows:

  1. Update all firmware and software regularly.
  2. Update all VMs and internet-facing services regularly.
  3. Monitor all activity on VMs and the hypervisor for signs of attempted attacks.

If a breach is detected or anticipated (i.e., a major security vulnerability is found on a running service), the server will be promptly disconnected from every path to the internet, and the threats will then be dealt with while it is air-gapped from the network. After any detected breach, all endpoints will be monitored as well. Finally, a Security Onion VM will run under Proxmox to aid in monitoring network activity.


References

https://bilk0h.com/posts/security-onion-proxmox-open-vswitch#the-machine
https://docs.securityonion.net/en/2.4/architecture.html#architecture