Home labs are integral to the growth of IT professionals. It is where we develop, get creative, destroy stuff, and we are never afraid to do so because it will not hurt so badly. The case is different in an enterprise production environment. In a controlled environment, the policy will not allow testing or playing, as they often result in damning consequences.
The reason every IT professional should have a lab is crystal clear. Yet many may not fully understand or overlook the benefits. Information Technology is a practical trade and requires whoever desires to excel not only to be knowledgeable about how things work but also able to demonstrate it. You do not want to be just a theoretical engineer.
An ideal analogy of a home lab is a sandbox for children, which provides an avenue for them to play and develop their muscles while still being safe from physical harm. Even enterprise environments have a dedicated test environment where they test patches, for example, before deployment to production.
New IT professionals have to start from somewhere to earn an employer’s trust. Seasoned professionals must continuously develop their skills, but change and configuration control discourage doing that on an enterprise network. It turns out we all always need to upskill, regardless of where we are in our journey. The question is: where do we get our hands dirty?
The idea of a home lab is not new but often confusing to many. It sparks questions like: how do I build one, and what should it include? What you want to emulate is an enterprise infrastructure, but in a pretty affordable way. You are doing it wrong if you think it must be of the standard of a server room or data center. You can even start with just your laptop as your last resort. Virtualization is your friend.
Think about old laptops or desktop computers in your basement. You can ask friends, family, or colleagues if they have any of those they could give up. They would work just fine for this effort. What you want to achieve is a basic network setup, then build on it as your skills demand. You need at least one multi-home device for your firewall, a switch, and at least one other computer. The more, the better.
I suggest a switch with at least four ports, preferably with a span/mirror port. More ports are better for scaling as your network grows. Virtualization of computers at your disposal will be crucial to optimize available resources. You can then spring up multiple virtual servers and clients for testing purposes. That requires the host system to have substantial computing resources to achieve the best performance.
The setup illustrated above is a good starting point. Also, remember that if you are already employed, your employer has some decommissioned gear, and their policy allows it. You can solicit some of these devices that may benefit your development. However, to get approval, you may have to present a convincing narrative of how that might help you grow. The idea is not to break the bank building your lab.
An alternative to a home lab setup is springing up a lab in a cloud environment. While this is a viable option, it has its advantages and disadvantages. The cloud option offers on-demand access and access to cutting-edge technologies, and you can scale as required, among other benefits. However, cloud services are subscription-based and could be more expensive. It also requires additional efforts to completely prevent hosts’ exposure to the Internet, which you may need for some use cases.
The following are the devices that make up my home lab setup, inspired by Active Countermeasures’ Building a Home Lab webcast:
Protectli Vault FW4B (Firewall)
The Protectli box is ideal for a firewall device. I installed pfSense—the open-source community edition firewall software on it for my lab. There are different models with varying features and capabilities, but this meets my requirement and is within budget. It has 4 CPU cores at 1.6GHz with 4GB RAM installed and has been fantastic since I deployed it. What I love most about this device is that it is silent—no moving parts, not even a fan.
Netgear GSS116E (Switch)
GSS116E is a 16-Port Gigabit Smart Managed Switch. It comes with a span port which makes passive network monitoring possible. That is an essential feature of any home lab.
Netgear AC2000 (Access Point)
You may need to work with and test devices with only WiFi connectivity, like phones, tablets, or some IoTs. Having an Acess Point (AP) comes in handy here. Some AP also avail you additional ethernet ports to extend your network. If you purchase a wireless router like me, you may want to deploy it in AP mode. One reason is that wireless-connected devices can pick up IP addresses from your firewall’s DHCP server. The other vital reason is that the switch can mirror their traffic to the network sensor.
Raspberry Pi 4 Model B 8GB Set (Sensor)
I used Raspberry Pi for the network sensor. That is where all traffic passing through selected ports in the switch goes for analysis. You could use any operating system for this effort. But for the best performance of the small box, I use Raspberry Pi OS—a port of the Debian distribution release Bulleye.
Lenovo E490 Laptop (Hypervisor)
When I last shopped for a laptop, I wanted to buy a decent inexpensive 14 inches screen laptop upgradable to at least 32GB RAM. The Lenovo E490 met these requirements and was also within budget. For virtualization purposes, you want to consider a computer with a relatively high CPU clock speed with a considerable amount of matching speed and size of RAM that meets your requirements.
These could be any, from flash and hard disk to solid-state drives. However, thumb and solid-state drives with USB 3.0 or higher are faster and would make your life easier. You would need them for different storage needs in your home lab, especially for file transfers and disk imaging for digital forensics.
Developers and programmers are better off showcasing their portfolios. There is no exception for others in IT, including information and cyber security professionals. You may also want to consider this to increase your chances of landing your dream job. Every IT professional should see themselves as and walk the walk as a lifelong learner. Building a home lab is one way out of many of doing that.