-
Homelab: A Homelab, as the name implies, is an environment in your home that is used to practice and improve your skills in a specific field. This home lab has components and tools similar to large-scale infrastructures. It’s a safe environment to work with these components and learn how they work.
-
TECHNOLOGY USED:
- VM Ware
- Kali Linux
- pfSense Firewall
- Splunk(SIEM)
- Security Onion IDS
- Windows Server 2016 (Active Directory)
-
IMPLEMENTATION DETAILS:
- Downloading & Installing VMware Workstation Pro
- Configuring pfsense
- Configuring Security Onion
- Configuring Kali Linux
- pfsense Interfaces and Rules
- Configuring Windows Server as a Domain Controller
- JOINING THE PCs TO THE DOMAIN
- Installing Splunk on a Ubuntu Server
- Installing Universal Forwarder on Windows Server
-
As we implemented IDS, IPS, Firewall and SIEM tools from various vendors, we can generate, detect, and monitor logs from these Gateway security devices.
-
A secure web gateway protects our network from online security threats and infections by enforcing policy and filtering Internet-bound traffic. A secure web gateway is an on-premise or cloud-delivered network security service. Sitting between users and the Internet, secure web gateways provide advanced network protection by inspecting web requests against security policy to ensure malicious applications and websites are blocked and inaccessible. A secure web gateway includes essential security technologies such as URL filtering, application control, data loss prevention, antivirus, and https inspection to provide organizations with strong web security.
-
SIEMs collect logs and events from hundreds of organizational systems (for a partial list, see Log Sources below). Each device generates an event every time something happens, and collects the events into a flat log file or database. The SIEM can collect data in four ways: