This homelab is a full-stack offensive and defensive security environment built on Proxmox. It includes Active Directory, a SIEM stack, VLAN-based segmentation, SCADA/ICS simulation, and a mainframe emulation network. There are changes to be made, such as more RAM, more storage. There is also stuff not listed, like an Inferno and Plan9VM, ReactOS, etc., as well as some hosted web applications. These will be updated soon.
This page contains high-level documentation, network maps, and architecture diagrams. Additional sections will be added as the lab evolves.
High-Level Architecture
┌──────────────────────────┐
│ Proxmox Host │
│ Ryzen 9, 64 GB RAM │
│ SSD Tier + HDD Tier │
│ GPU (AMD → NVIDIA later)│
└───────────┬──────────────┘
│
┌─────────────────┼─────────────────┐
│ │ │
▼ ▼ ▼
┌──────────────┐ ┌──────────────┐ ┌──────────────────┐
│ Firewall VM │ │ LAN VLAN │ │ MANAGEMENT VLAN │
│ (OPNsense) │ │ (Home LAN) │ │(Proxmox, SIEM,DC)│
└──────┬───────┘ └──────┬───────┘ └─────────┬────────┘
│ │ │
▼ ▼ ▼
┌────────────────────────────────────────────────────────────────┐
│ VIRTUAL MACHINES │
└────────────────────────────────────────────────────────────────┘
SECURITY STACK MEDIA / HOME
┌──────────────────┐ ┌────────────────────────┐
│ Wazuh Manager │ │ Plex/Jellyfin VM │
│ OpenSearch Node │ │ GPU Passthrough │
│ Velociraptor │ │ (NVIDIA EVENTUALLY) │
│ Zeek / Suricata │ └────────────────────────┘
└──────────────────┘
CORE LAB SERVICES & UTILITY
┌──────────────────┐ ┌────────────────────────┐
│ Windows DC01 │ │ Linux SSH Bastion VM │
│ Windows Servers │ │ Pi-hole │
│ Win10/11 Clients │ │ Home Automation │
└──────────────────┘ └────────────────────────┘
SPECIALIZED LAB SEGMENTS
┌─────────────────────────────┐
│ SCADA/ICS VLAN │
│ - OpenPLC │
│ - RapidSCADA │
│ - HMI Win7 Workstation │
└─────────────────────────────┘
┌─────────────────────────────┐
│ Mainframe VLAN │
│ - Hercules TK4- │
│ - x3270 terminal access │
└─────────────────────────────┘
Network Segmentation
┌──────────────────────────────┐
│ Proxmox │
│ vmbr0 (MGMT VLAN 10) │
│ vmbr1 (LAB VLAN 20) │
│ vmbr2 (DMZ VLAN 40) │
│ vmbr3 (SCADA VLAN 70) │
│ vmbr4 (MAINFRAME 80) │
└───────────┬──────────────────┘
│
┌──────────────┴──────────────┐
│ Managed Switch (VLAN-aware) │
└──────────────┬──────────────┘
│
┌──────────────────────────────────────────────────────────────┐
│ VLAN OVERVIEW │
└──────────────────────────────────────────────────────────────┘
MGMT VLAN 10 (10.10.10.0/24)
─────────────────────────────
- Proxmox Web UI
- Wazuh / SIEM
- Velociraptor
- OpenSearch
- SSH jumpbox
LAB VLAN 20 (10.20.0.0/24)
─────────────────────────────
- Windows AD
- Windows Servers
- Clients
- Red-team VMs
- Dev & Web Apps
DMZ VLAN 40
─────────────────────────────
- External-facing apps
- Honeypots
- Reverse proxies
SCADA VLAN 70
─────────────────────────────
- OpenPLC
- RapidSCADA
- HMI workstation
MAINFRAME VLAN 80
─────────────────────────────
- Hercules TK4-
- TSO/ISPF
Status
Version 0.1 — initial architecture documentation FINALLY uploaded. Detailed writeups, screenshots, and build notes will follow.