In this entry, I will discuss my implementations for network security, remote access, and home automation. For network security, I have implemented two projects: Suricata IPS installed on the pfSense firewall, and a Security Onion IDS installed on my Unraid server.

Suricata is an open-source network intrusion detection and prevention system that can be run on pfSense. I set it up to run on my LAN network, and initially added the rules that would be used for threat detection. Over the course of a few weeks, I worked on removing false positives until I was satisfied. I then turned on the blocking function and continue to monitor the alerts happening on my network.

The Security Onion is a Linux distribution that is specifically designed for network security analysis and monitoring. It includes multiple tools for intrusion detection, log management, network traffic analysis, and more. I have set up port mirroring on my Mikrotik CSS326-24G-2S+RM switch to send all traffic from the trunk port to the pfSense firewall to a monitoring interface of the Security Onion. Along with the mirrored traffic, it is also ingesting firewall logs from pfSense. This allows me to detect and respond to network security threats in real-time.

To enable remote access to my home network, I have set up an OpenVPN server and a WireGuard server. The OpenVPN server provides a secure and encrypted connection to my home network from remote locations. The WireGuard server is a lightweight and fast VPN solution that I use to keep my mobile devices connected to my home network. Additionally, I utilize Cloudflare tunnels to expose some of my hosted services without needing to open any ports on my firewall. This adds an extra layer of security to my home network.

For home automation, I use Home Assistant, an open-source home automation platform, equipped with a Z-Wave/Zigbee hub and a Hue hub. I use Amazon Alexa smart speakers to trigger smart devices and automations. Home Assistant allows me to easily control and automate various smart devices, including lights, fans, outlets, and more. I have also set up custom scripts to monitor the status of various devices, such as a washing machine, and receive notifications when a cycle is complete or if there is an issue.