Help for my homelab

[Ritss778]

Hello everyone,

I'm thrilled to join this community and seek your guidance as I navigate a new challenge. I recently secured a position as a desktop support engineer in a company, and my manager has urged me to broaden my knowledge into servers and hardware. The urgency stems from our system admin resigning, and my manager is hopeful that I can step up into that role.

To expedite my learning, I'm planning to create a home lab environment to gain practical experience with enterprise setups. Here's my current hardware:

Main Gaming PC (Windows 10 stays primary due to EAC in games):

• Ryzen 5 3500 6C/6T
• 32GB Memory
• GTX 1060 6GB
• 240GB OS SSD (Windows 10)
• 1TB NVMe

Dell SFF -1:

• i7 7700 4C/8T
• 8GB Memory
• 240GB SSD
• No OS

Dell SFF -2:

• i5 6500 4C/4T
• 8GB Memory
• 120GB SSD
• No OS

I currently have only one monitor for all these desktops and plan to buy a small 4-Port Switch soon. I've also acquired a static IP. Given my limited budget, I'm aiming to transform this existing setup into an enterprise environment using free resources and software for educational purposes.

Specifically, I have a few questions:

1. Virtualization Software: What free virtualization software would you recommend for setting up different server roles with my current hardware?
2. Free Enterprise Software: Are there any free resources or trial versions of enterprise software that I can use for learning purposes?
3. Optimizing Hardware: How can I effectively utilize my existing hardware to simulate an enterprise environment?
4. Software Firewall and Security: Can you recommend a reliable open-source software firewall, and what security measures should I implement in my home lab to align with industry best practices?
5. Learning Resources: Any recommendations for learning materials or online resources that cover server administration, enterprise environments, and security?

Moreover, I've heard about Type 1 Hypervisors and would like to explore implementing them in my home lab to showcase their benefits. My manager takes security very seriously, and I want to ensure my home lab reflects best practices in this regard. While my manager is familiar with basic server setups like Domain Controller, AD DS, WSUS (which has some issues), and Office 365 Admin, I'm eager to go beyond these basics and prove my capabilities in handling a more comprehensive enterprise environment.

Thank you all in advance for your valuable insights and suggestions. I'm excited to embark on this learning journey and demonstrate my potential.

Best regards,

 

[PP Mguire]

Usually a company has more than 1 guy or a few teams to cover such broad things. I'd be willing to bet if you have to handle networking, infosec, SA duties, Microsoft 365, SCCM, and server management you're not going to be paid enough lol. I have a day job where all of these are separated into different teams and run my own business doing it myself. Even with all my prior knowledge and scope it took about 3 weeks pulling 14-16 hour days to put my prod environment together from scratch AND I screwed up a child domain by migrating the DC VM from one box to another making me start from scratch.
That being said, I wouldn't worry that much. All of these environments would be handed over to you stood up already in working order. It'll only be your job to maintain it and deploy anything new once it comes down the pipe.

Next thing, if you're serious then I would invest in a used server like a Dell Poweredge R630 (I have some links I can provide if you want) so you can put an entire environment on one machine. It won't be enough to teach you failover clustering but enough spec to cover everything else.

Virtualization Software: What free virtualization software would you recommend for setting up different server roles with my current hardware?

Windows Server and Hyper-V. Make VMs of each instance if possible so if you break one thing you can revert to a prior checkpoint OR only have to redo that VM instead of the whole environment. Realistically, I would use whatever VM backend is used at your job.

Free Enterprise Software: Are there any free resources or trial versions of enterprise software that I can use for learning purposes?

ADManager Plus, Windows Admin Center, SQL Express, SQl Manager Studio, I think SCCM has a free trial but can't remember, and you can sign up for eval to download a Windows Server ISO to get started. I would also get experience in using Microsoft RDS as I've noticed anywhere I've gone the environment is there and barely maintained because not many people have much experience with the inner workings of it.

Optimizing Hardware: How can I effectively utilize my existing hardware to simulate an enterprise environment?

That's tough because you have limited hardware available, specifically RAM. I would start by spinning up Hyper-V on your game box and dedicating 2 cores and 4GB of RAM to an ADDC to start your domain. This will cover ADDS, and DNS. Do not add your game box host OS to the domain. You can then fire up Server 2022 on the other 2 boxes and bundle roles to each one. If you can make a VLAN then I would create a new virtual network for this environment to sit on and assign static IPs from within Windows on this VLAN. Don't touch your domain controller once it's started, use the spare boxes for anything else, and remember to make at least once checkpoint once it's up and functional. If you're up to getting some new network hardware a cheap start is Ubiquiti. If you're serious about running what your job has, then I would learn more about their network infrastructure.

Software Firewall and Security: Can you recommend a reliable open-source software firewall, and what security measures should I implement in my home lab to align with industry best practices?

pfSense is a good start or OpenSense. VLANs, network isolation, IPS/IDS, reverse proxy, traffic management/load balancing, port forwarding, DNS forwarding, encrypted DNS, list goes on. This is a whole different ball game and specialty and properly dealing with IPS/IDS is a headache that will keep you running. Oh, and don't leave passwords laying around.

Learning Resources: Any recommendations for learning materials or online resources that cover server administration, enterprise environments, and security?

Youtube and Google.

This is the basics that I can think of for the time being, but it all depends greatly as each environment is different and this advice could differ greatly from what you have going on at work. This best thing to do is take note of how things are setup, hardware used, etc and go from there. Learn what they have first so you can pay your bills then expand beyond that in your free time.