
Project Summary

Project Title: Enterprise-Level SOC Lab | Engineering a Multi-Zone Infrastructure for Threat Detection

Platform: On-Premises Hyper-V Lab Environment

Project Scope: Building a self-contained detection lab using pfSense, Suricata IDS, Active Directory, Windows clients, and Splunk SIEM for real-time security monitoring.

Author: Athanasios Oikonomopoulos / B4ckD00rR4t

This project was designed to replicate core components of a functional Security Operations Center (SOC) within a segmented enterprise network environment. Deployed entirely in Hyper-V, the lab includes a pfSense firewall with integrated Suricata IDS, a Windows Server 2019 Domain Controller, Windows 10 client systems, a Splunk SIEM, and a Kali Linux attacker machine, all interconnected across five dedicated virtual switches representing different network zones.

The main goal of this lab was to build and validate an infrastructure capable of detecting, forwarding, and correlating malicious or suspicious activity across multiple layers, including firewall events, host-level telemetry, and IDS alerts, using industry-standard tools.
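One way to stand up the five zone switches described above and hand them to the pfSense VM as separate interfaces, as an added PowerShell example that is not from the original project; the zone names, the VM name, and the physical NIC name are assumptions:

```powershell
# Added example (not the project's own script): create five Hyper-V virtual
# switches, one per network zone, and attach each to the pfSense firewall VM.
# Zone names, the VM name and the host NIC name are assumptions for this lab.
$PfSenseVm   = 'pfSense'    # assumed Hyper-V VM name of the firewall
$ExternalNic = 'Ethernet'   # assumed host NIC that carries the WAN side

# Internal switches also give the Hyper-V host a vNIC in that zone; Private
# switches do not, which keeps the attacker machine off the host's own stack.
$Zones = @(
    @{ Name = 'WAN-Switch';      Type = 'External'; Role = 'upstream side of pfSense' },
    @{ Name = 'LAN-Switch';      Type = 'Internal'; Role = 'Domain Controller and Windows 10 clients' },
    @{ Name = 'DMZ-Switch';      Type = 'Internal'; Role = 'segmented services zone' },
    @{ Name = 'SOC-Switch';      Type = 'Internal'; Role = 'Splunk SIEM' },
    @{ Name = 'Attacker-Switch'; Type = 'Private';  Role = 'Kali Linux, isolated from the host' }
)

foreach ($zone in $Zones) {
    # Idempotent: re-running the script must not create duplicate switches.
    if (-not (Get-VMSwitch -Name $zone.Name -ErrorAction SilentlyContinue)) {
        if ($zone.Type -eq 'External') {
            New-VMSwitch -Name $zone.Name -NetAdapterName $ExternalNic -AllowManagementOS $true | Out-Null
        } else {
            New-VMSwitch -Name $zone.Name -SwitchType $zone.Type | Out-Null
        }
        Write-Host "Created $($zone.Name) [$($zone.Type)] for $($zone.Role)"
    }

    # One pfSense NIC per zone, named after the switch so the pfSense
    # interface assignment later maps cleanly onto the zone layout.
    $nic = Get-VMNetworkAdapter -VMName $PfSenseVm -Name $zone.Name -ErrorAction SilentlyContinue
    if (-not $nic) {
        Add-VMNetworkAdapter -VMName $PfSenseVm -Name $zone.Name -SwitchName $zone.Name
    }
}

# Verify the firewall really has one adapter in every zone before booting it.
Get-VMNetworkAdapter -VMName $PfSenseVm | Select-Object Name, SwitchName, MacAddress
```

Run this from an elevated PowerShell session on the Hyper-V host with the pfSense VM powered off, since adapters can only be added to a stopped VM.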

Throughout the project, I: